The Curl object is now local to functions call, but there is no common to each one so some code duplication is needed but forgotten. For example, the section def __send(self, request): ... # Configure debug mode: if self._debug and self._log is not None: curl.setopt(pycurl.VERBOSE, 1) curl.setopt(pycurl.DEBUGFUNCTION, self._curl_debug) is missing in _get_sso_response. Without it, it's not possible to debug authentication failure.
Didn't a generic Connection._get_curl_instance() would'nt have been better ? Actually there is a lof of duplicated code. And also forgotten code too, like curl.setopt(pycurl.COOKIEFILE, '/dev/null') curl.setopt(pycurl.COOKIEJAR, '/dev/null') For my own usage, I have written the following function: def get_curl(self): new_curl = pycurl.Curl() settings = { # Don't handle signals pycurl.NOSIGNAL: True, # Don't keep persistent data pycurl.COOKIEFILE: '/dev/null', pycurl.COOKIEJAR: '/dev/null', pycurl.SHARE: self._share, # Follow redirect but not too much, it's needed for CAS pycurl.FOLLOWLOCATION: True, pycurl.MAXREDIRS: 5, # Strict TLS check pycurl.SSL_VERIFYPEER: True, pycurl.SSL_VERIFYHOST: 2, pycurl.CAINFO: self._ca_file # Debug setup pycurl.VERBOSE: False, pycurl.DEBUGFUNCTION: self._curl_debug, # Needed for SPNEGO authentication pycurl.HTTPAUTH: pycurl.HTTPAUTH_NEGOTIATE, pycurl.USERPWD: ':', # Needed for CAS login pycurl.UNRESTRICTED_AUTH: True, pycurl.POSTREDIR: pycurl.REDIR_POST_ALL, pycurl.USERAGENT: self._VALID_USER_AGENT } for key, value in settings.items(): new_curl.setopt(key, value) return new_curl
Verified with: python-ovirt-engine-sdk4-4.2.1-1.a1.20170607gitdec2258.el7.centos.x86_64 DEBUG:root:< POST /ovirt-engine/sso/oauth/token HTTP/1.1 DEBUG:root:< Host: engine.com DEBUG:root:< User-Agent: PythonSDK/4.2.1a1.dev20170607+gitdec2258 DEBUG:root:< Accept: application/json DEBUG:root:< Content-Length: 81 DEBUG:root:< Content-Type: application/x-www-form-urlencoded DEBUG:root:< username=admin%40internal&scope=ovirt-app-api&password={password}&grant_type=password DEBUG:root:* upload completely sent off: 81 out of 81 bytes DEBUG:root:> HTTP/1.1 200 OK