【Python】用原生的urllib2+httplib請求Https

轉載：  https://blog.csdn.net/ns2250225/article/details/79528827

環境

python2.7.5

# https server 生成證照

https://www.cnblogs.com/loleina/p/8418111.html

# HTTPSConnection

key        # https server使用的key

ca_certs # https server使用的ca

cert        # 在 瀏覽器下載的證照, windows下載後linux可以使用

### https.py

import urllib2, httplib, ssl, socket

DEFAULT_HTTP_TIMEOUT = 10 #seconds

#

#

class HTTPSClientAuthHandler(urllib2.HTTPSHandler):

    '''

    Allows sending a client certificate with the HTTPS connection.

    This version also validates the peer (server) certificate since, well...

    WTF IS THE POINT OF SSL IF YOU DON"T AUTHENTICATE THE PERSON YOU"RE TALKING TO!??!

    '''

    def __init__(self, key=None, cert=None, ca_certs=None, ssl_version=None, ciphers=None):

        urllib2.HTTPSHandler.__init__(self)

        self.key = key

        self.cert = cert

        self.ca_certs = ca_certs

        self.ssl_version = ssl_version

        self.ciphers = ciphers

    def https_open(self, req):

        # Rather than pass in a reference to a connection class, we pass in

        # a reference to a function which, for all intents and purposes,

        # will behave as a constructor

        return self.do_open(self.get_connection, req)

    def get_connection(self, host, timeout=DEFAULT_HTTP_TIMEOUT):

        return HTTPSConnection( host, 

                key_file = self.key, 

                cert_file = self.cert,

                timeout = timeout,

                ciphers = self.ciphers,

                ca_certs = self.ca_certs )

class HTTPSConnection(httplib.HTTPSConnection):

    '''

    Overridden to allow peer certificate validation, configuration

    of SSL/ TLS version and cipher selection.  See:

   

    and `ssl.wrap_socket()`

    '''

    def __init__(self, host, **kwargs):

        self.ciphers = kwargs.pop('ciphers',None)

        self.ca_certs = kwargs.pop('ca_certs',None)

        self.ssl_version = kwargs.pop('ssl_version', ssl.PROTOCOL_SSLv23)

        httplib.HTTPSConnection.__init__(self,host,**kwargs)

    def connect(self):

        sock = socket.create_connection( (self.host, self.port), self.timeout )

        if self._tunnel_host:

            self.sock = sock

            self._tunnel()

        self.sock = ssl.wrap_socket( sock, 

                keyfile = self.key_file, 

                certfile = self.cert_file,

                ca_certs = self.ca_certs,

                cert_reqs = ssl.CERT_REQUIRED if self.ca_certs else ssl.CERT_NONE )

### test.py

import urllib2

import urllib

import https

import ssl

import json

client_cert_key = "etcd-client-key.pem" # file path

client_cert_pem = "etcd-client.pem"     # file path 

ca_certs = "etcd-ca.pem"                # file path

handlers = []

handlers.append( https.HTTPSClientAuthHandler( 

    key = client_cert_key,

    cert = client_cert_pem,

    ca_certs = ca_certs,

    ssl_version = ssl.PROTOCOL_SSLv23,

    ciphers = 'TLS_RSA_WITH_AES_256_CBC_SHA' ) )

http = urllib2.build_opener(*handlers)

# request https

# GET

resp = http.open(')

data = resp.read()

# POST

req = urllib2.Request(url)  

data = urllib.urlencode(data)

resp = http.open(req, data)

# PUT

request = urllib2.Request(url, data=json_data)

request.add_header('Content-Type', 'application/json')

request.get_method = lambda: 'PUT'

resp = http.open(request)

# DELETE

request = urllib2.Request(url, data=data)

request.get_method = lambda: 'DELETE'

resp = http.open(request)

resp.close()