From c17ca96975599183ba5a76b6ce88ad8e640ae23f Mon Sep 17 00:00:00 2001 From: Adam Beairsto Date: Tue, 18 Dec 2018 05:21:28 -0500 Subject: [PATCH] [PRED-2150] fix verify_ssl argument in api token retrieve (#146) * fix argument * linter * add change to changelog * fix up changelog * fix up tests * more linter * change enhancement to bugfix in changelog --- CHANGES.rst | 51 ++++++++++++++---------- datarobot_batch_scoring/__init__.py | 2 +- datarobot_batch_scoring/batch_scoring.py | 3 +- datarobot_batch_scoring/utils.py | 9 ++++- tests/test_utils.py | 18 ++++++--- 5 files changed, 51 insertions(+), 32 deletions(-) diff --git a/CHANGES.rst b/CHANGES.rst index ed99eacb..4b11149e 100644 --- a/CHANGES.rst +++ b/CHANGES.rst @@ -1,26 +1,33 @@ -1.15.1 (Unreleased) -=================== +1.15.2 (2018 Dec 17) +===================== + +Bugfixes +-------- +* Fixed bug where retrieving the user's API token would fail when insecure SSL is required + +1.15.1 (2018 Dec 4) +==================== Enhancements ------------ * Updated `trafaret` dependency to support the same version as https://pypi.org/project/datarobot/ . 1.15.0 (2018 Nov 23) -=================== +==================== Enhancements ------------ * Added new argument ``-max_prediction_explanations`` that allows batch scoring with predictions explanations and adds ``explanation_N_feature`` and ``explanation_N_strength`` to each row in output document (where ``N ∈ (1, max_prediction_explanations)`` ) 1.14.2 (2018 Nov 14) -======================= +==================== Bugfixes -------- * Added check to detect and warn about quoted delimiters during --fast mode with --keep_cols. Security fixes --------- +-------------- * Update `requests` dependency due to https://nvd.nist.gov/vuln/detail/CVE-2018-18074 1.14.1 (2018 August 30) @@ -31,7 +38,7 @@ Bugfixes * Added ``batch_scoring_deployment_aware`` to Windows/Linux/MacOSX assets. 1.14.0 (2018 August 16) -===================== +======================= Bugfixes -------- 
@@ -131,11 +138,11 @@ Bugfixes * Fix issue when client error message wasn't logged properly. 1.10.2 (2017 May 9) -================ +=================== * Set default timeout on server response to infinity. 1.10.1 (2017 April 27) -================ +====================== * New semantic routes versioning support @@ -145,12 +152,12 @@ Bugfixes 1.10.0 (2017 January 27) -================= +======================== * Independent prediction service support for scoring 1.9.1 (2017 January 6) -================== +====================== * switched to supervisor + workers architecture, improving handling of errors and subprocess lifecycle control. @@ -158,7 +165,7 @@ Bugfixes * Source code split into more mostly isolated modules. 1.9.0 (2016 December 1) -================== +======================= * added 3rd parallel process which handles post-processing and writing of responses. This should greatly improve performance. @@ -166,7 +173,7 @@ Bugfixes * add ability to compress data in transit 1.8.8 (2016 November 17) -================== +======================== * --output_delimiter flag to set delimiter for output CSV. "tab" can be used for tab-delimited output @@ -182,7 +189,7 @@ Bugfixes * Run all tests against Windows 1.8.7 (2016 November 1) -================== +======================= * --pred_name parameter is documented. Potentially backward incompatible change: Previously, 1.0 class was used as positive result for binary predictions, now last class in lexical order is used @@ -196,7 +203,7 @@ Bugfixes * auto sampler target batch size increased to 2.5M 1.8.6 (2016 August 23) -================== +====================== * improve url parsing. You no longer need to include "/api" in the host argument. * return more descriptive error messages when there is a problem 
@@ -204,7 +211,7 @@ Bugfixes * include the version of the batch-scoring script in the user-agent header 1.8.5 (2016 July 28) -================== +==================== * add option to define document encoding * add option to skip csv dialect detection. @@ -216,27 +223,27 @@ Bugfixes * allow "tab" command line arg keyword. e.g. "--delimiter=tab" 1.8.4 (2016 July 11) -================== +==================== * minor performance improvement for nix users 1.8.3 (2016 July 6) -================== +=================== * This release is compatible with Windows * logs are now sent to two files within the directory where the script is run 1.8.2 (2016 June 16) -================== +==================== * added --auto_sample option to find the n_samples automatically. 1.8.1 (2016 June 15) -================== +==================== * added --auto_sample option to find the n_samples automatically. * change how csv dialects are passed around in attempt to fix a bug on Windows. 1.8.0 (2016 June 13) -================== +==================== * use chardet module `chardet `_ to attempt to detect character encoding @@ -247,7 +254,7 @@ Bugfixes * provide a mode for sending all user messages to stdout 1.7.0 (2016 May) -================== +================ * separate process for disk IO and request payload serialization * avoid codecs.getreader due to IO bottleneck @@ -260,7 +267,7 @@ Bugfixes 1.6.0 alpha (2016 April 29) -================== +=========================== * Get rid of gevent/asyncio, use thread-based networking diff --git a/datarobot_batch_scoring/__init__.py b/datarobot_batch_scoring/__init__.py index 2ed81080..18ddad07 100644 --- a/datarobot_batch_scoring/__init__.py +++ b/datarobot_batch_scoring/__init__.py @@ -1 +1 @@ -__version__ = '1.15.1' +__version__ = '1.15.2' diff --git a/datarobot_batch_scoring/batch_scoring.py b/datarobot_batch_scoring/batch_scoring.py index 4eebe14e..b8e629b7 100644 --- a/datarobot_batch_scoring/batch_scoring.py 
+++ b/datarobot_batch_scoring/batch_scoring.py @@ -178,7 +178,8 @@ def run_batch_predictions(base_url, base_headers, user, pwd, if not (api_token or import_id): try: api_token = acquire_api_token(base_url, base_headers, user, - pwd, create_api_token, ui) + pwd, create_api_token, ui, + verify_ssl) except Exception as e: ui.fatal(str(e)) diff --git a/datarobot_batch_scoring/utils.py b/datarobot_batch_scoring/utils.py index c7fa34be..500590f7 100644 --- a/datarobot_batch_scoring/utils.py +++ b/datarobot_batch_scoring/utils.py @@ -272,7 +272,8 @@ def parse_config_file(file_path): return config_validator(parsed_dict) -def acquire_api_token(base_url, base_headers, user, pwd, create_api_token, ui): +def acquire_api_token(base_url, base_headers, user, pwd, + create_api_token, ui, verify_ssl): """Get the api token. Either supplied by user or requested from the API with username and pwd. @@ -286,7 +287,11 @@ def acquire_api_token(base_url, base_headers, user, pwd, create_api_token, ui): else: request_meth = requests.get - r = request_meth(base_url + 'api_token', auth=auth, headers=base_headers) + r = request_meth(base_url + 'api_token', + auth=auth, + headers=base_headers, + verify=verify_ssl) + if r.status_code == 401: raise ValueError('wrong credentials') elif r.status_code != 200: diff --git a/tests/test_utils.py b/tests/test_utils.py index 1a303a14..a909d009 100644 --- a/tests/test_utils.py +++ b/tests/test_utils.py @@ -252,7 +252,8 @@ def test_auto_small_dataset(): def test_acquire_api_token(live_server): ui = PickableMock() base_url = '{webhost}/predApi/v1.0/'.format(webhost=live_server.url()) - ret = acquire_api_token(base_url, {}, 'username', 'password', False, ui) + ret = acquire_api_token(base_url, {}, 'username', 'password', False, ui, + False) assert ret == 'Som3tok3n' ui.info.assert_called_with('api-token acquired') ui.debug.assert_called_with('api-token: Som3tok3n') 
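Review bot: In `run_batch_predictions` (batch_scoring.py), the new `verify_ssl` is handed to `acquire_api_token` as a bare seventh positional argument, so a later reordering of that signature could silently put a different value into the certificate-verification slot. Passing it by name, `pwd, create_api_token, ui, verify_ssl=verify_ssl)`, keeps the security-relevant flag explicit at the call site. The surrounding `except Exception` reports every failure through `ui.fatal(str(e))`, so a certificate-validation error reaches the user only as that string. The function body starts and ends outside this hunk.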
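Review bot: `acquire_api_token` in utils.py now takes `verify_ssl` as a required positional parameter with no default, which raises `TypeError` in any caller not updated by this commit and gives no safe fallback. A default of `True` keeps the old call shape working and makes certificate verification the behaviour when the argument is omitted: `create_api_token, ui, verify_ssl=True):`. The docstring visible in the hunk is not extended; it should state that `verify_ssl` is forwarded to `requests` as `verify`, and that a false value disables certificate validation for the request that carries the user's credentials.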
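Review bot: With `verify=verify_ssl` on the `api_token` request in utils.py, a false value sends the `auth` credentials over TLS without validating the server certificate, and nothing in this hunk tells the user that this happened. A one-line warning through `ui` when `verify_ssl` is falsy would make the downgrade visible in the logs. `requests` also accepts a CA bundle path for `verify`, so hosts behind a private CA could keep validation on rather than switching it off; whether the command line already exposes that is not visible here. The function continues outside the hunk.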
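Review bot: Every updated call in tests/test_utils.py passes `False` for the new argument (this hunk and the ones at new-file lines 263, 274, 285, 297 and 308), so the suite never runs `acquire_api_token` with verification enabled and never checks that the value reaches `requests`. The bug being fixed is a flag that was not forwarded, so a test that patches the request call and asserts its `verify` keyword equals the passed value, for both `True` and `False`, would pin the fix. Writing the argument by name, `acquire_api_token(base_url, {}, 'username', 'password', False, ui, verify_ssl=False)`, would also separate it from the neighbouring `False` that stands for `create_api_token`.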
@@ -262,7 +263,8 @@ def test_acquire_api_token_unauthorized(live_server): ui = PickableMock() base_url = '{webhost}/predApi/v1.0/'.format(webhost=live_server.url()) with pytest.raises(ValueError) as ctx: - acquire_api_token(base_url, {}, 'unknown', 'passwd', False, ui) + acquire_api_token(base_url, {}, 'unknown', 'passwd', False, ui, + False) assert not ui.info.called assert not ui.debug.called assert str(ctx.value) == 'wrong credentials' @@ -272,7 +274,8 @@ def test_acquire_api_token_bad_status(live_server): ui = PickableMock() base_url = '{webhost}/predApi/v1.0/'.format(webhost=live_server.url()) with pytest.raises(ValueError) as ctx: - acquire_api_token(base_url, {}, 'bad_status', 'passwd', False, ui) + acquire_api_token(base_url, {}, 'bad_status', 'passwd', False, ui, + False) assert not ui.info.called assert not ui.debug.called assert str(ctx.value) == 'api_token request returned status code 500' @@ -282,7 +285,8 @@ def test_acquire_api_token_no_token1(live_server): ui = PickableMock() base_url = '{webhost}/predApi/v1.0/'.format(webhost=live_server.url()) with pytest.raises(ValueError) as ctx: - acquire_api_token(base_url, {}, 'no_token1', 'passwd', False, ui) + acquire_api_token(base_url, {}, 'no_token1', 'passwd', False, ui, + False) assert not ui.info.called assert not ui.debug.called assert str(ctx.value) == ('no api-token registered; ' @@ -293,7 +297,8 @@ def test_acquire_api_token_no_token2(live_server): ui = PickableMock() base_url = '{webhost}/predApi/v1.0/'.format(webhost=live_server.url()) with pytest.raises(ValueError) as ctx: - acquire_api_token(base_url, {}, 'no_token2', 'passwd', False, ui) + acquire_api_token(base_url, {}, 'no_token2', 'passwd', False, ui, + False) assert not ui.info.called assert not ui.debug.called assert str(ctx.value) == ('no api-token registered; ' 
@@ -303,7 +308,8 @@ def test_acquire_api_token_no_token2(live_server): def test_create_and_acquire_api_token(live_server): ui = PickableMock() base_url = '{webhost}/predApi/v1.0/'.format(webhost=live_server.url()) - ret = acquire_api_token(base_url, {}, 'username', 'password', True, ui) + ret = acquire_api_token(base_url, {}, 'username', 'password', True, ui, + False) assert ret == 'Som3tok3n' ui.info.assert_called_with('api-token acquired') ui.debug.assert_called_with('api-token: Som3tok3n')