Randy808
commented
4 months ago The standard way to initialize credentials is by using the associated function with which takes in the cert and key used for auth, and the CA cert. This differs from the way the TlsConfig was able to load the CA cert, where something closer to a builder pattern could be used to call TlsConfig::new().unwrap().identity(cert, key) and the default CA cert would get loaded without being specified (since it was the default CA value in new).
Because specifying a CA cert every time can be tedious for the average consumer who only wants to talk to the official Greenlight server, and because we don't have instructions in our docs on manually loading up the Greenlight CA cert, I thought it would be beneficial to add a convenience functions that take care of this for the developer. The convenience method I used was with_identity, and I defined these on an extension trait for the Credentials called CredentialExt. I make my convenience method by initializing the default impl for each credential, and manually changing the values of the fields related to the identity.
In Python these fields aren't exposed so this approach doesn't work. Instead, I just put the Greenlight CA cert in the same folder as the main.py python file so my convenience method nobody_with_identity can call the with mentioned above and pass in the cert in the directory as the CA cert (so the developer doesn't have to worry about it).
I have another PR to make it easier to initialize a Credential without explicitly specifying the cert but I put custom functions in the docs as placeholders. It gets a little tricky with how it's done because of the UnifiedCredentials used to simplify the Python API but I think it's starting to get into a state I'm happy with.
ErikDeSmedt
cdecker
The docs for this branch use the latest version of the code and this shouldn't be merged yet until the below tasks have been completed.
- [ ] Update docs for creds page