-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathssl_config.py
More file actions
54 lines (41 loc) · 1.74 KB
/
Copy pathssl_config.py
File metadata and controls
54 lines (41 loc) · 1.74 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
import os
import ssl
from typing import Any
def expand_path(path):
"""Expand environment variables and user home directory in path."""
if not path:
return path
# Expand environment variables like $HOME
path = os.path.expandvars(path)
# Expand user home directory ~
path = os.path.expanduser(path)
return path
def create_ssl_context():
# Try truststore first (system certificates)
try:
import truststore
return truststore.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
except ImportError:
# Fallback to manual certificate configuration
import certifi
ssl_cert_file = expand_path(os.environ.get("SSL_CERT_FILE"))
requests_ca_bundle = expand_path(os.environ.get("REQUESTS_CA_BUNDLE"))
ssl_cert_dir = expand_path(os.environ.get("SSL_CERT_DIR"))
return ssl.create_default_context(
cafile=ssl_cert_file or requests_ca_bundle or certifi.where(),
capath=ssl_cert_dir,
)
def get_httpx_client_kwargs() -> dict[str, Any]:
"""Get standardized httpx client configuration."""
client_kwargs: dict[str, Any] = {"follow_redirects": True, "timeout": 30.0}
# Check environment variable to disable SSL verification
disable_ssl_env = os.environ.get("UIPATH_DISABLE_SSL_VERIFY", "").lower()
disable_ssl_from_env = disable_ssl_env in ("1", "true", "yes", "on")
if disable_ssl_from_env:
client_kwargs["verify"] = False
else:
# Use system certificates with truststore fallback
client_kwargs["verify"] = create_ssl_context()
# Auto-detect proxy from environment variables (httpx handles this automatically)
# HTTP_PROXY, HTTPS_PROXY, NO_PROXY are read by httpx by default
return client_kwargs