search

code-specialist / fastapi-keycloak

Keycloak integration for Python FastAPI
https://fastapi-keycloak.code-specialist.com/
Apache License 2.0
193 stars 50 forks source link

Bypass Certificate Verification on Development #51

Closed edgarfelizmenio closed 2 years ago

edgarfelizmenio commented 2 years ago

Hi

I'm trying to use this package on a local Keycloak instance that uses a self-signed certificate. Since python requests verify the certificate by default, creating a FastAPIKeycloak wrapper to the Keycloak instance always raises an SSLVerificationError.

Is it okay if a verify server certificate parameter will be included to the FastAPIKeycloak wrapper so we can temporarily bypass certificate verification?

Thank you!

yannicschroeer commented 2 years ago

Hi @edgarfelizmenio,

We'd rather not open this package to vulnerabilities due to testing purposes. Sorry.

If you really need that functionality, you could either monkey patch the requests method or utilize a context manager to override its configuration (Check https://stackoverflow.com/questions/15445981/how-do-i-disable-the-security-certificate-check-in-python-requests).

Both is neither recommendable nor beautiful, but that's mostly due to the fact that using Keycloak with self-signed certificates isn’t either