Merge pull request #36 from westonplatter/pin-ssl-certs

Pin ssl certs copying stripe's python client.
westonplatter · Sep 14, 2018 · 547de97 · 547de97
2 parents dc2af6d + e107bc3
commit 547de97
Show file tree

Hide file tree

Showing 4 changed files with 4,322 additions and 9 deletions.
diff --git a/README.md b/README.md
@@ -94,7 +94,7 @@ Here's what you can do with `fast_arrow` (some features still in development)
 - [x] [fetch historical value of portfolio](examples/portfolio_historicals.py)
 
 **Authentication/Security**
-- [ ] pin Robinhood's SSL certificate
+- [x] pin SSL certificate (see [this PR](https://github.com/westonplatter/fast_arrow/pull/35))
 - [x] implments oauth2 automatic refresh
 - [ ] handle MFA token during login
 

diff --git a/fast_arrow/client.py b/fast_arrow/client.py
@@ -1,3 +1,4 @@
+import os
 import requests
 from fast_arrow.util import get_last_path
 from fast_arrow.resources.user import User
@@ -8,6 +9,8 @@
 
 CLIENT_ID = "c82SH0WZOsabOXGP2sxqcj34FxkvfnWRZBKlBjFS"
 
+HTTP_ATTEMPTS_MAX = 2
+
 
 class Client(object):
 
@@ -20,6 +23,7 @@ def __init__(self, **kwargs):
         self.mfa_code       = None
         self.scope          = None
         self.authenticated  = False
+        self.certs = os.path.join(os.path.dirname(__file__), 'ssl_certs/certs.pem')
 
 
     def authenticate(self):
@@ -44,13 +48,15 @@ def get(self, url=None, params=None):
         headers = self._gen_headers(self.access_token)
 
         attempts = 1
-        while attempts:
+        while attempts <= HTTP_ATTEMPTS_MAX:
             try:
-                res = requests.get(url, headers=headers, params=params, timeout=15)
+                import pdb; pdb.set_trace()
+                res = requests.get(url, headers=headers, params=params,
+                    timeout=15, verify=self.certs)
                 return res.json()
-            except:
+            except Exception as e:
                 self.relogin_oauth2()
-                attempts -= 1
+                attempts += 1
             else:
                 attempts = False
 
@@ -64,16 +70,19 @@ def post(self, url=None, payload=None):
             if url == "https://api.robinhood.com/options/orders/":
                 headers["Content-Type"] = 'application/json; charset=utf-8'
         attempts = 1
-        while attempts:
+        while attempts <= HTTP_ATTEMPTS_MAX:
             try:
-                res = requests.post(url, headers=headers, data=payload, timeout=15)
+                import pdb; pdb.set_trace()
+                res = requests.post(url, headers=headers, data=payload,
+                    timeout=15, verify=self.certs)
                 if res.headers['Content-Length'] == '0':
                     return None
                 else:
                     return res.json()
-            except:
+            except Exception as e:
+                import pdb; pdb.set_trace()
                 self.relogin_oauth2()
-                attempts -= 1
+                attempts += 1
             else:
                 attempts = False