From f75313a43474cae92046bc1895585160cd78fd81 Mon Sep 17 00:00:00 2001
From: Radoslav Gerganov <rgerganov@gmail.com>
Date: Thu, 16 Apr 2020 12:16:32 +0300
Subject: [PATCH] Allow passing ssl_context when login with token

When we login with either bearer or HoK token, there should be an option
to pass an ssl_context in order to support self-signed certificates.
---
 pyVim/connect.py | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/pyVim/connect.py b/pyVim/connect.py
index 435b194e0..eeb1ff10a 100644
--- a/pyVim/connect.py
+++ b/pyVim/connect.py
@@ -115,13 +115,14 @@ def _doLogin(soapStub):
       return _doLogin
 
    @staticmethod
-   def makeCertHokTokenLoginMethod(stsUrl, stsCert=None):
+   def makeCertHokTokenLoginMethod(stsUrl, stsCert=None, ssl_context=None):
       '''Return a function that will call the vim.SessionManager.LoginByToken()
       after obtaining a HoK SAML token from the STS. The result of this function
       can be passed as the "loginMethod" to a SessionOrientedStub constructor.
 
       @param stsUrl: URL of the SAML Token issuing service. (i.e. SSO server).
       @param stsCert: public key of the STS service.
+      @param ssl_context: SSL context
       '''
       assert(stsUrl)
 
@@ -132,7 +133,7 @@ def _doLogin(soapStub):
          authenticator = sso.SsoAuthenticator(sts_url=stsUrl,
                                               sts_cert=stsCert)
 
-         samlAssertion = authenticator.get_hok_saml_assertion(cert,key)
+         samlAssertion = authenticator.get_hok_saml_assertion(cert, key, ssl_context=ssl_context)
 
 
          def _requestModifier(request):
@@ -154,7 +155,8 @@ def _requestModifier(request):
    def makeCredBearerTokenLoginMethod(username,
                                       password,
                                       stsUrl,
-                                      stsCert=None):
+                                      stsCert=None,
+                                      ssl_context=None):
       '''Return a function that will call the vim.SessionManager.LoginByToken()
       after obtaining a Bearer token from the STS. The result of this function
       can be passed as the "loginMethod" to a SessionOrientedStub constructor.
@@ -163,6 +165,7 @@ def makeCredBearerTokenLoginMethod(username,
       @param password: password of the user/service registered with STS.
       @param stsUrl: URL of the SAML Token issueing service. (i.e. SSO server).
       @param stsCert: public key of the STS service.
+      @param ssl_context: SSL context
       '''
       assert(username)
       assert(password)
@@ -177,7 +180,8 @@ def _doLogin(soapStub):
          samlAssertion = authenticator.get_bearer_saml_assertion(username,
                                                                  password,
                                                                  cert,
-                                                                 key)
+                                                                 key,
+                                                                 ssl_context=ssl_context)
          si = vim.ServiceInstance("ServiceInstance", soapStub)
          sm = si.content.sessionManager
          if not sm.currentSession: