GraphAPI - SSL Certificate Verification #412
Conversation
|
Not sure why the automated tests are failing. It seems there is some issue with the Facebook backend as indicated in the test exceptions: |
There was a problem hiding this comment.
This pull request is missing documentation.
In our project, we needed to bypass this verification but by default requests.request was verifying the SSL certificates and creating an issue for us.
I would also like to see additional explanation of why this would be generally useful to people using this project.
|
We have added documentation detailing usage of added parameters along with relevant links. This is useful because by default SSL verification is enabled and at present, there is no option available in GraphAPI to ignore the SSL verification. By introducing the said parameters, we get a handle to underlying Requests.request parameter verify which allows users to choose if they want the API to verify SSL or ignore it. |
|
This library doesn't expose every single parameter that the underlying requests library does. I still don't understand why these two options are generally useful - it would help if you could give a use case or an example in which using them would be required. |
|
Closing because my questions on general usefulness have not been answered. Unless you can provide a rationale for why users of this SDK would need to disable SSL verification on a regular basis, it doesn't make sense to accept this pull request. |
At present, the GraphAPI does not contain verify and cert parameters which exist in requests.request. These parameters help in dealing with SSL certificate verification. In our project, we needed to bypass this verification but by default requests.request was verifying the SSL certificates and creating an issue for us. We simply included the said parameters in the GraphAPI as verify_ssl and verify_cert and used it subsequently in the call to requests.request
If some further changes are to be made, let us know - we could modify accordingly too