LENS-1516 : SSL changes to ignore cert for python module

commit: c6423ae01a4776383f0edcd8591124ac643b9e3e [log] [tgz]
author: Rajitha R <rajithar@apache.org> Fri May 25 20:04:43 2018 +0530
committer: Rajitha.R <rajithar@IM0318-L0.corp.inmobi.com> Fri May 25 20:04:43 2018 +0530
tree: d784d21b756750f9f63471b27f5a76051470ddef
parent: 58752d0a4fda199d83be8bb9bd899a6e19e1e43f [diff]
diff --git a/contrib/clients/python/lens/client/log.py b/contrib/clients/python/lens/client/log.py
index e427f7f..4dc19ad 100644
--- a/contrib/clients/python/lens/client/log.py
+++ b/contrib/clients/python/lens/client/log.py

@@ -23,6 +23,10 @@
         self.base_url = base_url + "logs/"
         self.keytab = conf.get('lens.client.authentication.kerberos.keytab')
         self.principal = conf.get('lens.client.authentication.kerberos.principal')
+        self.ignoreCert = conf.get('lens.client.ssl.ignore.server.cert')
 
     def __getitem__(self, item):
-        return requests.get(self.base_url + str(item), auth=SpnegoAuth(self.keytab, self.principal)).text
+        if self.ignoreCert == 'true':
+            return requests.get(self.base_url + str(item), auth=SpnegoAuth(self.keytab, self.principal), verify=False).text
+        else:
+            return requests.get(self.base_url + str(item), auth=SpnegoAuth(self.keytab, self.principal)).text

diff --git a/contrib/clients/python/lens/client/query.py b/contrib/clients/python/lens/client/query.py
index b09ff19..8b0616b 100644
--- a/contrib/clients/python/lens/client/query.py
+++ b/contrib/clients/python/lens/client/query.py

@@ -159,22 +159,37 @@
                                            in ['true', '1', 't', 'y', 'yes', 'yeah', 'yup']
         self.keytab = conf.get('lens.client.authentication.kerberos.keytab')
         self.principal = conf.get('lens.client.authentication.kerberos.principal')
+        self.ignoreCert = conf.get('lens.client.ssl.ignore.server.cert')
 
     def __call__(self, **filters):
         filters['sessionid'] = self._session._sessionid
-        resp = requests.get(self.base_url + "queries/",
+
+        if ignoreCert == 'true':
+            resp = requests.get(self.base_url + "queries/",
                             params=filters,
                             headers={'accept': 'application/json'},
-                            auth=SpnegoAuth(self.keytab, self.principal))
+                            auth=SpnegoAuth(self.keytab, self.principal), verify=False)
+        else:
+            resp = requests.get(self.base_url + "queries/",
+                                        params=filters,
+                                        headers={'accept': 'application/json'},
+                                        auth=SpnegoAuth(self.keytab, self.principal))
+
         return self.sanitize_response(resp)
 
     def __getitem__(self, item):
         if isinstance(item, string_types):
             if item in self.finished_queries:
                 return self.finished_queries[item]
-            resp = requests.get(self.base_url + "queries/" + item, params={'sessionid': self._session._sessionid},
+
+            if ignoreCert == 'true':
+                resp = requests.get(self.base_url + "queries/" + item, params={'sessionid': self._session._sessionid},
                                 headers={'accept': 'application/json'},
-                                auth=SpnegoAuth(self.keytab, self.principal))
+                                auth=SpnegoAuth(self.keytab, self.principal), verify=False)
+            else:
+                resp = requests.get(self.base_url + "queries/" + item, params={'sessionid': self._session._sessionid},
+                                                headers={'accept': 'application/json'},
+                                                auth=SpnegoAuth(self.keytab, self.principal))
             resp.raise_for_status()
             query = LensQuery(self, resp.json(object_hook=WrappedJson))
             if query.finished:
@@ -201,8 +216,14 @@
             operation = "execute_with_timeout" if timeout else "execute"
         payload.append(('operation', operation))
         payload.append(('conf', conf_to_xml(conf)))
-        resp = requests.post(self.base_url + "queries/", files=payload, headers={'accept': 'application/json'},
-                             auth=SpnegoAuth(self.keytab, self.principal))
+
+        if self.ignoreCert == 'true':
+            resp = requests.post(self.base_url + "queries/", files=payload, headers={'accept': 'application/json'},
+                             auth=SpnegoAuth(self.keytab, self.principal), verify=False)
+        else:
+            resp = requests.post(self.base_url + "queries/", files=payload, headers={'accept': 'application/json'},
+                                         auth=SpnegoAuth(self.keytab, self.principal))
+
         query = self.sanitize_response(resp)
         logger.info("Submitted query %s", query)
         if conf:
@@ -225,24 +246,41 @@
         query = self.wait_till_finish(handle_or_query, *args, **kwargs)
         handle = str(query.query_handle)
         if query.status.status == 'SUCCESSFUL' and query.status.is_result_set_available:
-            resp = requests.get(self.base_url + "queries/" + handle + "/resultsetmetadata",
+
+            if self.ignoreCert == 'true':
+                resp = requests.get(self.base_url + "queries/" + handle + "/resultsetmetadata",
                                 params={'sessionid': self._session._sessionid}, headers={'accept': 'application/json'},
-                                auth=SpnegoAuth(self.keytab, self.principal))
+                                auth=SpnegoAuth(self.keytab, self.principal), verify=False)
+            else:
+                resp = requests.get(self.base_url + "queries/" + handle + "/resultsetmetadata",
+                                                params={'sessionid': self._session._sessionid}, headers={'accept': 'application/json'},
+                                                auth=SpnegoAuth(self.keytab, self.principal))
             metadata = self.sanitize_response(resp)
             # Try getting the result through http result
-            resp = requests.get(self.base_url + "queries/" + handle + "/httpresultset",
+            if self.ignoreCert == 'true':
+                resp = requests.get(self.base_url + "queries/" + handle + "/httpresultset",
                                 params={'sessionid': self._session._sessionid}, stream=True,
-                                auth=SpnegoAuth(self.keytab, self.principal))
+                                auth=SpnegoAuth(self.keytab, self.principal), verify=False)
+            else:
+                resp = requests.get(self.base_url + "queries/" + handle + "/httpresultset",
+                                                params={'sessionid': self._session._sessionid}, stream=True,
+                                                auth=SpnegoAuth(self.keytab, self.principal))
             if resp.ok:
                 is_header_present = self.is_header_present_in_result
                 if handle in self.query_confs and 'lens.query.output.write.header' in self.query_confs[handle]:
                     is_header_present = bool(self.query_confs[handle]['lens.query.output.write.header'])
                 return LensPersistentResult(metadata, resp, is_header_present=is_header_present, *args, **kwargs)
             else:
-                response = requests.get(self.base_url + "queries/" + handle + "/resultset",
+                if self.ignoreCert == 'true':
+                    response = requests.get(self.base_url + "queries/" + handle + "/resultset",
                                         params={'sessionid': self._session._sessionid},
                                         headers={'accept': 'application/json'},
-                                        auth=SpnegoAuth(self.keytab, self.principal))
+                                        auth=SpnegoAuth(self.keytab, self.principal), verify=False)
+                else:
+                    response = requests.get(self.base_url + "queries/" + handle + "/resultset",
+                                                            params={'sessionid': self._session._sessionid},
+                                                            headers={'accept': 'application/json'},
+                                                            auth=SpnegoAuth(self.keytab, self.principal))
                 resp = self.sanitize_response(response)
                 # If it has in memory result, return inmemory result iterator
                 if resp._is_wrapper and resp._wrapped_key == u'inMemoryQueryResult':
@@ -279,3 +317,4 @@
             resp.raise_for_status()
         logger.error(resp.text)
         raise Exception("Unknown error with response", resp)
+

diff --git a/contrib/clients/python/lens/client/session.py b/contrib/clients/python/lens/client/session.py
index 3b527e0..cafbfe5 100644
--- a/contrib/clients/python/lens/client/session.py
+++ b/contrib/clients/python/lens/client/session.py

@@ -27,13 +27,20 @@
         self.base_url = base_url + "session/"
         self.keytab = conf.get('lens.client.authentication.kerberos.keytab')
         self.principal = conf.get('lens.client.authentication.kerberos.principal')
+        self.ignoreCert = conf.get('lens.client.ssl.ignore.server.cert')
         self.open(username, password, database, conf)
 
     def __getitem__(self, key):
-        resp = requests.get(self.base_url + "params",
+        if self.ignoreCert == 'true':
+            resp = requests.get(self.base_url + "params",
                             params={'sessionid': self._sessionid, 'key': key},
                             headers={'accept': 'application/json'},
-                            auth=SpnegoAuth(self.keytab, self.principal))
+                            auth=SpnegoAuth(self.keytab, self.principal), verify=False)
+        else:
+            resp = requests.get(self.base_url + "params",
+                                        params={'sessionid': self._sessionid, 'key': key},
+                                        headers={'accept': 'application/json'},
+                                        auth=SpnegoAuth(self.keytab, self.principal))
         if resp.ok:
             params = resp.json(object_hook=WrappedJson)
             text = params.elements[0]
@@ -45,12 +52,23 @@
         payload = [('username', username), ('password', password), ('sessionconf', conf_to_xml(conf))]
         if database:
             payload.append(('database', database))
-        r = requests.post(self.base_url, files=payload, headers={'accept': 'application/xml'},
-                          auth=SpnegoAuth(self.keytab, self.principal))
+
+        if self.ignoreCert == 'true':
+            r = requests.post(self.base_url, files=payload, headers={'accept': 'application/xml'},
+                          auth=SpnegoAuth(self.keytab, self.principal), verify=False)
+        else:
+            r = requests.post(self.base_url, files=payload, headers={'accept': 'application/xml'},
+                                      auth=SpnegoAuth(self.keytab, self.principal))
         r.raise_for_status()
         self._sessionid = r.text
 
     def close(self):
-        requests.delete(self.base_url, params={'sessionid': self._sessionid},
-                        auth=SpnegoAuth(self.keytab, self.principal))
+        if self.ignoreCert == 'true':
+            requests.delete(self.base_url, params={'sessionid': self._sessionid},
+                        auth=SpnegoAuth(self.keytab, self.principal), verify=False)
+        else:
+            requests.delete(self.base_url, params={'sessionid': self._sessionid},
+                                    auth=SpnegoAuth(self.keytab, self.principal))
+
+
commit	c6423ae01a4776383f0edcd8591124ac643b9e3e	[log] [tgz]
author	Rajitha R <rajithar@apache.org>	Fri May 25 20:04:43 2018 +0530
committer	Rajitha.R <rajithar@IM0318-L0.corp.inmobi.com>	Fri May 25 20:04:43 2018 +0530
tree	d784d21b756750f9f63471b27f5a76051470ddef
parent	58752d0a4fda199d83be8bb9bd899a6e19e1e43f [diff]