Authentication Username+Password+Certificate

[tr4shitter]

Hello,

i am using your library to connect successfully to one of our CTI providers using username+password.

Sadly, the second one is using username+password and required additionally a certificate (.crt and .key file).
Is it possible to use this authentication methods using taxii2client? I get the following error message:

taxii2client.exceptions.InvalidArgumentsError: Only one of a connection, username/password, or auth object may be provided._

I looked into your source and could verify that you check that not both methods are provided at the same time. Is there a way around that other than editing the library? Will this feature be added in the future?

Thank you very much in advance.

[emmanvg]

@tr4shitter, would you be able to provide more details to better understand your issue. It was not clear to me if after editing the library you were able to successfully authenticate to the TAXII Server with the username/password + key/cert combination scenario? Do you know in which order they are used, etc.?

[tr4shitter]

@emmanvg thanks for your reply. I didn't want to edit the library so i didn't try it out. I just looked into the source code of the library to verify that it checks that not both (username/pw+client certificate) can be used at the same time. Sorry for the misunderstanding.

I think the client side certificate is used to encrypt the traffic to the server before username and password is transmitted.

[clenk]

With #89 the Server and endpoint classes now take a cert parameter that can be either a tuple of (‘cert’, ‘key’) or a filepath to a cert file. This should allow the functionality you need, but if you run into any issues please let us know.