You might eventually have to unit-test a website that has a functional need to be run as SSL. For example, you might need to test a client that must connect using SSL authentication.
You can accomplish this by combining Python’s built-in webserver with ssl.SSLSocket.
This code is a distant relative of another example, but is lighter, simpler, and more Pythonic.
It runs out of the current directory (you’ll have to chdir() from the code if you want something different, since the webserver doesn’t take a path), and expects server.private_key.pem and server.crt.pem to exist.
import os.path
import socket
import SocketServer
import BaseHTTPServer
import SimpleHTTPServer
import ssl
class _SecureHTTPRequestHandler(SimpleHTTPServer.SimpleHTTPRequestHandler):
def setup(self):
self.connection = self.request
self.rfile = socket._fileobject(self.request, 'rb', self.rbufsize)
self.wfile = socket._fileobject(self.request, 'wb', self.wbufsize)
class _SecureHTTPServer(BaseHTTPServer.HTTPServer):
def __init__(self, private_key_pem_filepath, cert_pem_filepath,
binding=None, handler_cls=_SecureHTTPRequestHandler):
if binding is None:
# The default port is 1443 so that we don't have to be root.
binding = ('', 1443)
# We can't use super() because it's not a new-style class.
SocketServer.BaseServer.__init__(self, binding, handler_cls)
s = socket.socket(self.address_family, self.socket_type)
self.socket = ssl.SSLSocket(
s,
keyfile=private_key_pem_filepath,
certfile=cert_pem_filepath)
self.server_bind()
self.server_activate()
app_path = os.path.abspath(os.path.dirname(__file__))
private_key_pem_filepath = os.path.join(app_path, 'server.private_key.pem')
certificate_pem_filepath = os.path.join(app_path, 'server.crt.pem')
httpd = _SecureHTTPServer(
private_key_pem_filepath,
certificate_pem_filepath)
print("Running.")
httpd.serve_forever()
This code may also be found in the RandomUtility repository.
