def _connect(self):
# Host and port for the HTTP(S) connection to the API server.
if self.ca_certs == 'HTTP':
api_port = 80
else:
api_port = 443
if self.port is not None:
api_port = self.port
# Host and port for outer HTTP(S) connection if proxied.
if self.proxy_type is None:
host = self.host
port = api_port
elif self.proxy_type == 'CONNECT':
host = self.proxy_host
port = self.proxy_port
else:
raise NotImplementedError('proxy_type=%s' % (self.proxy_type,))
# Create outer HTTP(S) connection.
if self.ca_certs == 'HTTP':
conn = httplib.HTTPConnection(host, port)
elif self.ca_certs == 'DISABLE':
kwargs = {}
if hasattr(ssl, '_create_unverified_context'):
# httplib.HTTPSConnection validates certificates by
# default in Python 2.7.9+.
kwargs['context'] = ssl._create_unverified_context()
conn = httplib.HTTPSConnection(host, port, **kwargs)
else:
conn = CertValidatingHTTPSConnection(host,
port,
ca_certs=self.ca_certs)
# Override default socket timeout if requested.
conn.timeout = self.timeout
# Configure CONNECT proxy tunnel, if any.
if self.proxy_type == 'CONNECT':
if hasattr(conn, 'set_tunnel'): # 2.7+
conn.set_tunnel(self.host,
api_port,
self.proxy_headers)
elif hasattr(conn, '_set_tunnel'): # 2.6.3+
# pylint: disable=E1103
conn._set_tunnel(self.host,
api_port,
self.proxy_headers)
# pylint: enable=E1103
return conn
def _connect(self):
# Host and port for the HTTP(S) connection to the API server.
if self.ca_certs == 'HTTP':
api_port = 80
else:
api_port = 443
if self.port is not None:
api_port = self.port
# Host and port for outer HTTP(S) connection if proxied.
if self.proxy_type is None:
host = self.host
port = api_port
elif self.proxy_type == 'CONNECT':
host = self.proxy_host
port = self.proxy_port
else:
raise NotImplementedError('proxy_type=%s' % (self.proxy_type,))
# Create outer HTTP(S) connection.
if self.ca_certs == 'HTTP':
conn = httplib.HTTPConnection(host, port)
elif self.ca_certs == 'DISABLE':
conn = httplib.HTTPSConnection(host, port)
else:
conn = CertValidatingHTTPSConnection(host,
port,
ca_certs=self.ca_certs)
# Override default socket timeout if requested.
conn.timeout = self.timeout
# Configure CONNECT proxy tunnel, if any.
if self.proxy_type == 'CONNECT':
if hasattr(conn, 'set_tunnel'): # 2.7+
conn.set_tunnel(self.host,
api_port,
self.proxy_headers)
elif hasattr(conn, '_set_tunnel'): # 2.6.3+
# pylint: disable=E1103
conn._set_tunnel(self.host,
api_port,
self.proxy_headers)
# pylint: enable=E1103
return conn
def api_call(self, method, path, params):
"""
Call a Duo API method. Return a (status, reason, data) tuple.
"""
# urllib cannot handle unicode strings properly. quote() excepts,
# and urlencode() replaces them with '?'.
params = encode_params(params)
if self.sig_timezone == 'UTC':
now = email.utils.formatdate()
elif pytz is None:
raise pytz_error
else:
d = datetime.datetime.now(pytz.timezone(self.sig_timezone))
now = d.strftime("%a, %d %b %Y %H:%M:%S %z")
auth = sign(self.ikey, self.skey, method, self.host, path, now,
self.sig_version, params)
headers = {
'Authorization': auth,
'Date': now,
}
if method in ['POST', 'PUT']:
headers['Content-type'] = 'application/x-www-form-urlencoded'
body = urllib.urlencode(params, doseq=True)
uri = path
else:
body = None
uri = path + '?' + urllib.urlencode(params, doseq=True)
# Host and port for the HTTP(S) connection to the API server.
if self.ca_certs == 'HTTP':
api_port = 80
api_proto = 'http'
else:
api_port = 443
api_proto = 'https'
# Host and port for outer HTTP(S) connection if proxied.
if self.proxy_type is None:
host = self.host
port = api_port
elif self.proxy_type == 'CONNECT':
host = self.proxy_host
port = self.proxy_port
else:
raise NotImplementedError('proxy_type=%s' % (self.proxy_type, ))
# Create outer HTTP(S) connection.
if self.ca_certs == 'HTTP':
conn = httplib.HTTPConnection(host, port)
elif self.ca_certs == 'DISABLE':
conn = httplib.HTTPSConnection(host, port)
else:
conn = CertValidatingHTTPSConnection(host,
port,
ca_certs=self.ca_certs)
# Configure CONNECT proxy tunnel, if any.
if self.proxy_type == 'CONNECT':
# Ensure the request has the correct Host.
uri = ''.join((api_proto, '://', self.host, uri))
if hasattr(conn, 'set_tunnel'): # 2.7+
conn.set_tunnel(self.host, api_port, self.proxy_headers)
elif hasattr(conn, '_set_tunnel'): # 2.6.3+
# pylint: disable=E1103
conn._set_tunnel(self.host, api_port, self.proxy_headers)
# pylint: enable=E1103
conn.request(method, uri, body, headers)
response = conn.getresponse()
data = response.read()
conn.close()
return (response, data)
def api_call(self, method, path, params):
"""
Call a Duo API method. Return a (status, reason, data) tuple.
"""
# urllib cannot handle unicode strings properly. quote() excepts,
# and urlencode() replaces them with '?'.
params = encode_params(params)
if self.sig_timezone == 'UTC':
now = email.utils.formatdate()
elif pytz is None:
raise pytz_error
else:
d = datetime.datetime.now(pytz.timezone(self.sig_timezone))
now = d.strftime("%a, %d %b %Y %H:%M:%S %z")
auth = sign(self.ikey,
self.skey,
method,
self.host,
path,
now,
self.sig_version,
params)
headers = {
'Authorization': auth,
'Date': now,
}
if method in ['POST', 'PUT']:
headers['Content-type'] = 'application/x-www-form-urlencoded'
body = urllib.urlencode(params, doseq=True)
uri = path
else:
body = None
uri = path + '?' + urllib.urlencode(params, doseq=True)
# Host and port for the HTTP(S) connection to the API server.
if self.ca_certs == 'HTTP':
api_port = 80
api_proto = 'http'
else:
api_port = 443
api_proto = 'https'
# Host and port for outer HTTP(S) connection if proxied.
if self.proxy_type is None:
host = self.host
port = api_port
elif self.proxy_type == 'CONNECT':
host = self.proxy_host
port = self.proxy_port
else:
raise NotImplementedError('proxy_type=%s' % (self.proxy_type,))
# Create outer HTTP(S) connection.
if self.ca_certs == 'HTTP':
conn = httplib.HTTPConnection(host, port)
elif self.ca_certs == 'DISABLE':
conn = httplib.HTTPSConnection(host, port)
else:
conn = CertValidatingHTTPSConnection(host,
port,
ca_certs=self.ca_certs)
# Configure CONNECT proxy tunnel, if any.
if self.proxy_type == 'CONNECT':
# Ensure the request has the correct Host.
uri = ''.join((api_proto, '://', self.host, uri))
if hasattr(conn, 'set_tunnel'): # 2.7+
conn.set_tunnel(self.host,
api_port,
self.proxy_headers)
elif hasattr(conn, '_set_tunnel'): # 2.6.3+
# pylint: disable=E1103
conn._set_tunnel(self.host,
api_port,
self.proxy_headers)
# pylint: enable=E1103
conn.request(method, uri, body, headers)
response = conn.getresponse()
data = response.read()
conn.close()
return (response, data)