googleads-python-lib icon indicating copy to clipboard operation
googleads-python-lib copied to clipboard

Published 20 hours ago verified publisher icon googleads

disable_certificate_validation not being properly set on AdWordsClient

Open felipeferri opened this issue 4 years ago • 1 comments

I'm trying to use Charles proxy to monitor comunication between my script and the Google Adwords api.

I created a ProxyConfig object like this:

proxy_config = ProxyConfig(
    http_proxy='127.0.0.1:8888',
    https_proxy='127.0.0.1:8888',
    disable_certificate_validation=True
)

I disabled the certificate validation because Charles proxy uses a self signed certificate to monitor the https requests.

Then, I instantiate a oauth2 client and an adwords client like this:

oauth2_client = GoogleRefreshTokenClient(
    client_id,
    client_secret,
    refresh_token,
    proxy_config=proxy_config
)
            
self.client = AdWordsClient(
    developer_token,
    oauth2_client,
    client_customer_id=self.customer_id,
    proxy_config=proxy_config
)

When I make the calls to the Adwords api I can see that the refresh token is properly generated and monitored by Charles. However, the AdWordsClient calls fail with the error:

Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain)

Digging the code, I found out that the proxies defined in proxy_config are used on the Zeep client instantiated in googleads.common._ZeepProxyTransport:

class _ZeepProxyTransport(zeep.transports.Transport):
  """A Zeep transport which configures caching, proxy support, and timeouts."""
  def __init__(self, timeout, proxy_config, cache):
    """Initializes _ZeepProxyTransport.

    Args:
      timeout: An integer timeout in MS for connections.
      proxy_config: A ProxyConfig instance representing proxy settings.
      cache: A zeep.cache.Base instance representing a cache strategy to employ.
    """
    if not cache:
      cache = zeep.cache.SqliteCache()
    elif cache == ZeepServiceProxy.NO_CACHE:
      cache = None

    super(_ZeepProxyTransport, self).__init__(
        timeout=timeout, operation_timeout=timeout, cache=cache)

    self.session.proxies = proxy_config.proxies # HERE THE PROXIES ARE USED

However the parameter disable_certificate_validation is never used! I think this can be solved by adding the following line just below:

self.session.verify = not proxy_config.disable_certificate_validation

At least this works for me.

Is this really a bug? Or is there a different way of configuring the "disable_certificate_validation" parameter that i'm missing?

felipeferri avatar Sep 05 '20 21:09 felipeferri

This is quite old and refers to the now-sunset AdWordsClient, but I'll check if it's still relevant to AdManagerClient.

msaniscalchi avatar Jun 05 '24 18:06 msaniscalchi