From b592a13ab5030365d0c0d98524a1a67fb651e290 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Olivier=20L=C3=A9obal?= <olivier.leobal@owkin.com>
Date: Wed, 6 Sep 2023 15:47:51 +0200
Subject: [PATCH] fix: make Client(insecure=True) affect login & logout (#384)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Olivier Léobal <olivier.leobal@owkin.com>
---
 CHANGELOG.md                               |  1 +
 substra/sdk/backends/remote/rest_client.py |  7 +++++--
 tests/sdk/test_rest_client.py              | 19 +++++++++++++++++++
 3 files changed, 25 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index a2425157..53c8bf37 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -33,6 +33,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Fixed
 
 - typo in exception ([#377](https://github.com/Substra/substra/pull/377))
+- Client.login breaking when Client was instanciated with `insecure=True` ([#384](https://github.com/Substra/substra/pull/384))
 
 ## [0.46.0](https://github.com/Substra/substra/releases/tag/0.46.0) - 2023-07-25
 
diff --git a/substra/sdk/backends/remote/rest_client.py b/substra/sdk/backends/remote/rest_client.py
index a6eaa171..8eb99b39 100644
--- a/substra/sdk/backends/remote/rest_client.py
+++ b/substra/sdk/backends/remote/rest_client.py
@@ -68,7 +68,7 @@ def login(self, username, password):
             "password": password,
         }
         try:
-            r = requests.post(f"{self._base_url}/api-token-auth/", data=data, headers=headers)
+            r = requests.post(f"{self._base_url}/api-token-auth/", data=data, headers=headers, **self._default_kwargs)
             r.raise_for_status()
         except requests.exceptions.RequestException as e:
             if isinstance(e, requests.exceptions.HTTPError):
@@ -110,7 +110,10 @@ def logout(self) -> None:
             return
         try:
             r = requests.delete(
-                f"{self._base_url}/active-api-tokens/", params={"id": self._token["id"]}, headers=self._headers
+                f"{self._base_url}/active-api-tokens/",
+                params={"id": self._token["id"]},
+                headers=self._headers,
+                **self._default_kwargs,
             )
             r.raise_for_status()
             self._token = None
diff --git a/tests/sdk/test_rest_client.py b/tests/sdk/test_rest_client.py
index 02a9ad45..58337753 100644
--- a/tests/sdk/test_rest_client.py
+++ b/tests/sdk/test_rest_client.py
@@ -45,6 +45,25 @@ def test_post_success(mocker, config):
     assert len(m.call_args_list) == 1
 
 
+@pytest.mark.parametrize("config", CONFIGS)
+def test_verify_login(mocker, config):
+    """
+    check "insecure" configuration results in endpoints being called with verify=False
+    """
+    m_post = mock_requests(mocker, "post", response={"id": "a", "token": "a", "expires_at": "3000-01-01T00:00:00Z"})
+    m_delete = mock_requests(mocker, "delete", response={})
+
+    c = _client_from_config(config)
+    c.login("foo", "bar")
+    c.logout()
+    if config.get("insecure", None):
+        assert m_post.call_args.kwargs["verify"] == False
+        assert m_delete.call_args.kwargs["verify"] == False
+    else:
+        assert "verify" not in m_post.call_args.kwargs or m_post.call_args.kwargs["verify"]
+        assert "verify" not in m_post.call_args.kwargs or m_delete.call_args.kwargs["verify"]
+
+
 @pytest.mark.parametrize(
     "status_code, http_response, sdk_exception",
     [