Python - Oauth2 的 SSL 问题 [英] Python - SSL Issue with Oauth2

问题描述

每当尝试在 Python 中使用 oAuth2 时，我似乎都遇到了 SSL 问题.我花了一个下午的大部分时间试图调试它，但似乎无法弄清楚.

I seem to be having an issue with SSL whenever trying to use oAuth2 in Python. I've spent most of the afternoon attempting to debug it but can't seem to figure it out.

这是我的 Python 脚本(又好又简单):

Here's my Python Script (Nice and simple):

import oauth2.oauth2 as oauth
import urlparse
import time

## If you're actually processing requests, you'll want this
# import simplejson


### GET A REQUEST TOKEN ###

consumer = oauth.Consumer(key="***KEYHERE***", secret="***KEYSECRETHERE***")

request_token_url = 'https://api.instagram.com/oauth/access_token'

client = oauth.Client(consumer)
resp, content = client.request(request_token_url, "GET")

request_token = dict(urlparse.parse_qsl(content))


token = oauth.Token(request_token['oauth_token'], request_token['oauth_token_secret'])

以及来自 Python 解释器的这些错误:

And these error from the Python Interpreter:

Traceback (most recent call last):
  File "E:ProjectsoAuth2Test	est.py", line 16, in <module>
    resp, content = client.request(request_token_url, "GET")
  File "E:ProjectsoAuth2Testoauth2oauth2.py", line 682, in request
    connection_type=connection_type)
  File "E:ProjectsoAuth2Testhttplib2httplib2.py", line 1445, in request
    (response, content) = self._request(conn, authority, uri, request_uri, method, body, headers, redirections, cachekey)
  File "E:ProjectsoAuth2Testhttplib2httplib2.py", line 1197, in _request
    (response, content) = self._conn_request(conn, request_uri, method, body, headers)
  File "E:ProjectsoAuth2Testhttplib2httplib2.py", line 1133, in _conn_request
    conn.connect()
  File "E:ProjectsoAuth2Testhttplib2httplib2.py", line 914, in connect
    raise SSLHandshakeError(e)
SSLHandshakeError: [Errno 1] _ssl.c:503: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

现在，众所周知，我将 httplib2 附带的 cacerts.txt 放在适当的位置，并且找到了，但我仍然遇到此问题.感谢任何帮助，谢谢！

Now, just so it's known, I have my cacerts.txt that came with httplib2 in the proper place and it is found, yet I still have this problem. Any help is appreciated, thanks!

推荐答案

cacerts.txt 包含的 CA 太少.如果你用 cacert.pem 替换它，那么就没有 ssl 错误.这是一个测试脚本:

cacerts.txt contains too few CAs. If you replace it with cacert.pem then there is no ssl error. Here's a test script:

#!/usr/bin/env python3
import http.client
import ssl

####context = ssl.create_default_context(cafile='cacerts.txt') # ssl.SSLError
####context = ssl.create_default_context(cafile='cacert.pem')  # works   
context = ssl.create_default_context()  # works as is on the recent versions
#NOTE: ssl.CERT_REQUIRED is set for the default Purpose.SERVER_AUTH

h = http.client.HTTPSConnection('api.instagram.com', 443, context=context)
h.request('POST', '/oauth/access_token')
resp = h.getresponse()
print(resp.status, resp.reason) # produce expected 400 http error
print(resp.headers)
print(resp.read())

如示例所示，对于最近的软件版本，默认 CA 列表可能就足够了.

As the example demonstrates, the default CA list might be enough on the recent software versions.

这篇关于Python - Oauth2 的 SSL 问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！