authlib icon indicating copy to clipboard operation
authlib copied to clipboard
verified publisher icon lepture

Allow custom CA bundle to be set for the whole OAuth2Session and being registered using oauth.register()

Open hscholz opened this issue 4 years ago • 1 comments

Is your feature request related to a problem? Please describe.

I'm having a flask application which is integrating via OIDC with an OIDC provider which has a custom certificate. Currently there is no way to provide a CA bundle for RemoteApp.load_server_metadata().

Describe the solution you'd like

Enable the configuration of the CA bundle for the whole OAuth2Session and the RemoteApp via OAuth.register, e.g.

from authlib.integrations.flask_client import OAuth

oauth = OAuth(app)
client = oauth.register(
    name="oauth",
    server_metadata_url=f'{app.config["OAUTH_DOMAIN"]}/.well-known/openid-configuration',
    client_kwargs={"scope": "openid email profile", "verify": "/path/to/ca_bundle/cert.pem"},
)

hscholz avatar Dec 08 '21 10:12 hscholz

Are there any workaround for this? I'm using the starlette integration and would like to specify the ca bundle for all httpx requests

dbkegley avatar Oct 27 '23 20:10 dbkegley