certificate verify failed

[xinthink]

I'm using flask_oauth in an app deployed on heroku.

And 'certificate verify failed' occurs when requesting the access token from https://api.weibo.com. But it's ok to access the website in browser, no certificate warning.

So, how can I just ignore the ssl certificate verification?

---

Stack trace:

File "/Volumes/ws/prj/mark1x/venv/lib/python2.7/site-packages/flask_oauth.py", line 429, in decorated
  data = self.handle_oauth2_response()
File "/Volumes/ws/prj/mark1x/venv/lib/python2.7/site-packages/flask_oauth.py", line 400, in handle_oauth2_response
  resp, content = self._client.request(url, self.access_token_method)
File "/Volumes/ws/prj/mark1x/venv/lib/python2.7/site-packages/oauth2/__init__.py", line 682, in request
  connection_type=connection_type)
File "/Volumes/ws/prj/mark1x/venv/lib/python2.7/site-packages/httplib2/__init__.py", line 1597, in request
  (response, content) = self._request(conn, authority, uri, request_uri, method, body, headers, redirections, cachekey)
File "/Volumes/ws/prj/mark1x/venv/lib/python2.7/site-packages/httplib2/__init__.py", line 1345, in _request
  (response, content) = self._conn_request(conn, request_uri, method, body, headers)
File "/Volumes/ws/prj/mark1x/venv/lib/python2.7/site-packages/httplib2/__init__.py", line 1281, in _conn_request
  conn.connect()
File "/Volumes/ws/prj/mark1x/venv/lib/python2.7/site-packages/httplib2/__init__.py", line 1036, in connect
  raise SSLHandshakeError(e)
SSLHandshakeError: [Errno 1] _ssl.c:504: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

[enewhuis]

Yup I have the same problem.

[balanceiskey]

Ditto, did you guys have any success figuring this one out?

[xinthink]

My solution is to add additional http options to python-oauth2 and flask-oauth:
joestump/python-oauth2#136
xinthink@8be4c2e

[balanceiskey]

So I was actually able to remedy this by adding more entries to the cacert.txt, per this thread: http://stackoverflow.com/questions/9270195/python-ssl-issue-with-oauth2

Note this appears to be more of an issue for httplib2 than for flask-oauth.

[jaitaiwan]

Hey guys, we just merged some changes in joestump/python-auth2 that should help :)

[dwoz]

In case it helps anyone other than myself. :) Newer versions of urllib2 verify ssl certificates by default. You can override this behavior by monkey patching the http_request method of the flask_oauthlib.client.OAuth class.

import ssl
from flask_oauthlib.client import OAuth, prepare_request, http


auth = oauth.remote_app()


def net_http_request(uri, headers=None, data=None, method=None):
    '''
    Method for monkey patching 'flask_oauthlib.client.OAuth.http_request'
    This version allows for insecure SSL certificates
    '''
    uri, headers, data, method = prepare_request(
        uri, headers, data, method
    )
    req = http.Request(uri, headers=headers, data=data)
    req.get_method = lambda: method.upper()
    try:
        resp = http.urlopen(req, context=ssl._create_unverified_context())
        content = resp.read()
        resp.close()
        return resp, content
    except http.HTTPError as resp:
        content = resp.read()
        resp.close()
        return resp, content

auth.http_request = new_http_request

[gbrian]

Thanks @dwoz! it helped to do quick fix

just typo: new_http_request must be net_http_request