Table Of Contents

Previous topic

9.7. Base class for exceptions

Next topic

9.9. MemoryCache

9.8. Requests TLS Session¶

The RequestsTLS service provides means to instantiate a requests.Session object with TLS settings set with respect to plugin configuration.

New in version 1.3.0.

9.8.1. Configuration example¶

[tls]
# Set to 'no' to disable TLS completely
# Default is 'yes'
; enabled = yes

# Set this option to enable client side verification. Certificate from the
# server will be checked with this CA. If the value of the option is `$[<name>]`
# the certificates are retrieved from the trusted CA list configured on the SPS,
# identified by the name. When the certificate is given in the configuration, it
# should be in PEM format and all the new lines must be indented with one
# whitespace. If it is a chain, put the certificates right after each other.
; ca_cert = <ca-certificate-chain>
; ca_cert = $[<trusted_ca_list_name>]

# Client certificate, set this if verification is enabled on server side
# If the value of the option is `$` the certificate identified by the section
# and option pair is retrieved from the configured credential store. When the
# certificate and private key is given in the configuration it should be in
# PEM format and all the new lines must be indented with one whitespace. Note
# that encrypted keys are not supported.
; client_cert = <client-certificate-and-key>

9.8.2. Getting a Session object¶

After getting a session object, it can be used as a standard requests session to make API calls

from safeguard.sessions.plugin.requests_tls import RequestsTLS

class Plugin(PluginBase):
    def hook(self):
        requests_tls = RequestsTLS.from_config(self.plugin_configuration)
        with requests_tls.open_session() as session:
            session.get('https://httpbin.org')