Allow insecure communication for development about requests-oauthlib HOT 13 CLOSED

I have nothing against allowing this library to function over HTTP, but I'll defer to @ib-lundgren in this matter.

More generally, is it that much work? Generating a self-signed certificate and setting verify=False on your Requests' calls doesn't seem that hard to me...

from requests-oauthlib.

There is already some support forthis and it is in place for OAuth 2 session if "DEBUG" is present in env. See if

$ export DEBUG=1
$ python ....

covers your needs. If not let me know or feel free to send a PR refactoring in is_secure_transport checks where needed.

from requests-oauthlib.

@Lukasa We are developing a Java app, and wrestling keystore files and Eclipse plugins is a hassle. :-/

@ib-lundgren The code in requests-oauthlib does not refer to is_secure_transport but checks the URL itself. I can update the code to use it.

from requests-oauthlib.

@jcassee I know, its on the TODO list :) Updates would be much appreciated, and feel free to update checks outside oauth 2 session as well.

from requests-oauthlib.

Ah, I see that the version on GitHub does check for DEBUG, but the version on pypi doesn't.

I'll try to refactor it using oauthlibs is_secure_transport

from requests-oauthlib.

@Lukasa Hi, is verify=False also available for OAuth1 ? I can't get it to work :(

from requests-oauthlib.

@Notmarrco How are you expecting it to work?

from requests-oauthlib.

@Lukasa to test access to a webapp, I did something like this : test = OAuth1Session (tokens, secrets ...)
and then after the first test.get(url, verify = False) I get an error in core.py : AttributeError: 'Request' object has no attribute 'body'

from requests-oauthlib.

That's a bizarre error. The auth object should be called against a PreparedRequest, not a Request. Can you paste your full traceback please? =)

from requests-oauthlib.

Here it is : :)

Traceback (most recent call last):
  File "./import.py", line 17, in <module>
    r = test.get(url, verify=False)
  File "/usr/local/lib/python2.6/dist-packages/requests/sessions.py", line 254, in get
    return self.request('get', url, **kwargs)
  File "/usr/local/lib/python2.6/dist-packages/requests/sessions.py", line 241, in request
    r.send(prefetch=prefetch)
  File "/usr/local/lib/python2.6/dist-packages/requests/models.py", line 518, in send
    r = self.auth(self)
  File "/usr/local/lib/python2.6/dist-packages/requests_oauthlib/core.py", line 58, in __call__
    if is_form_encoded or extract_params(r.body):
AttributeError: 'Request' object has no attribute 'body'

from requests-oauthlib.

Which version of requests are you using?

python -c "import requests; print requests.version"

I think in later versions this should be a "PreparedRequest", not "Request"
as @Lukasa mentions.

On Fri, Aug 9, 2013 at 4:27 PM, Notmarrco [email protected] wrote:

Here it is : :)

Traceback (most recent call last):
File "./import.py", line 17, in
r = test.get(url, verify=False)
File "/usr/local/lib/python2.6/dist-packages/requests/sessions.py", line 254, in get
return self.request('get', url, **kwargs)
File "/usr/local/lib/python2.6/dist-packages/requests/sessions.py", line 241, in request
r.send(prefetch=prefetch)
File "/usr/local/lib/python2.6/dist-packages/requests/models.py", line 518, in send
r = self.auth(self)
File "/usr/local/lib/python2.6/dist-packages/requests_oauthlib/core.py", line 58, in call
if is_form_encoded or extract_params(r.body):
AttributeError: 'Request' object has no attribute 'body'

—

Reply to this email directly or view it on GitHubhttps://github.com//issues/61#issuecomment-22401761
.

from requests-oauthlib.

ok thx to both of you !
upgrading did solve my problem 😄 ... I was still in 0.14.1 😦

from requests-oauthlib.

I don't see it stated in this thread -- the thread is probably older than the solution, but the fix seems to be to set the environment variable: OAUTHLIB_INSECURE_TRANSPORT=1

from requests-oauthlib.