Table Of Contents

Previous topic

9.7. Base class for exceptions

Next topic

9.9. MemoryCache

9.8. Requests TLS Session¶

The RequestsTLS service provides means to instantiate a requests.Session object with TLS settings set with respect to plugin configuration.

New in version 1.3.0.

9.8.1. Configuration example¶

[tls]
# To disable TLS completely, enter no as the value of this parameter.
# Default is yes
; enabled = yes

# Configure this parameter to enable client-side verification. The certificate shown
# by the server will be checked with this CA.
# If the value of this parameter is $[<trusted-ca-list-name>], the certificates are
# retrieved from the trusted CA list configured on SPS, identified by the name.
# When the certificate is inserted into the configuration file, it must be in PEM
# format and all the new lines must be indented with one whitespace. If it is a chain,
# insert the certificates right after each other.
; ca_cert = <ca-certificate-chain>
; ca_cert = $[<trusted-ca-list-name>]

# Configure this parameter to enable server-side verification. If the value of this
# parameter is $, the certificate identified by the section and option pair is retrieved
# from the configured Credential Store. When the certificate is inserted into the
# configuration file, it must be in PEM format and all the new lines must be indented
# with one whitespace. Note that encrypted keys are not supported.
; client_cert = <client-certificate-and-key>

9.8.2. Getting a Session object¶

After getting a session object, it can be used as a standard requests session to make API calls

from safeguard.sessions.plugin.requests_tls import RequestsTLS

class Plugin(PluginBase):
    def hook(self):
        requests_tls = RequestsTLS.from_config(self.plugin_configuration)
        with requests_tls.open_session() as session:
            session.get('https://httpbin.org')