diff --git a/CHANGELOG.md b/CHANGELOG.md index 7f8531f..f048b01 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,7 @@ ## [Version 1.2.7](https://github.com/dataiku/dss-plugin-api-connect/releases/tag/v1.2.7) - Feature - 2026-02-18 - Detecting dialect for better csv decoding +- Adding mutual TLS authentication - Fixing duplication of last line in csv APIs using the recipe ## [Version 1.2.6](https://github.com/dataiku/dss-plugin-api-connect/releases/tag/v1.2.6) - Feature - 2025-09-24 diff --git a/custom-recipes/api-connect/recipe.json b/custom-recipes/api-connect/recipe.json index 5842cd0..ee84f57 100644 --- a/custom-recipes/api-connect/recipe.json +++ b/custom-recipes/api-connect/recipe.json @@ -291,6 +291,27 @@ "visibilityCondition": "model.auth_type!='secure_oauth' && model.auth_type!='secure_basic'", "defaultValue": false }, + { + "name": "use_mtls", + "label": "Use mTLS", + "description": "", + "type": "BOOLEAN", + "defaultValue": false + }, + { + "name": "mtls_certificate_path", + "label": "Path to certificate", + "description": "", + "type": "STRING", + "visibilityCondition": "model.use_mtls==true" + }, + { + "name": "mtls_key_path", + "label": "Path to key", + "description": "", + "type": "STRING", + "visibilityCondition": "model.use_mtls==true" + }, { "name": "redirect_auth_header", "label": "Redirect authorization header", diff --git a/python-connectors/api-connect_dataset/connector.json b/python-connectors/api-connect_dataset/connector.json index 754c507..ee987bc 100644 --- a/python-connectors/api-connect_dataset/connector.json +++ b/python-connectors/api-connect_dataset/connector.json @@ -238,6 +238,27 @@ "visibilityCondition": "model.auth_type!='secure_oauth' && model.auth_type!='secure_basic'", "defaultValue": false }, + { + "name": "use_mtls", + "label": " ", + "description": "Use mTLS", + "type": "BOOLEAN", + "defaultValue": false + }, + { + "name": "mtls_certificate_path", + "label": "Path to certificate", + "description": "", + "type": "STRING", + "visibilityCondition": "model.use_mtls==true" + }, + { + "name": "mtls_key_path", + "label": "Path to key", + "description": "", + "type": "STRING", + "visibilityCondition": "model.use_mtls==true" + }, { "name": "redirect_auth_header", "label": " ", diff --git a/python-lib/dku_utils.py b/python-lib/dku_utils.py index 3b65fa4..b16a8f8 100644 --- a/python-lib/dku_utils.py +++ b/python-lib/dku_utils.py @@ -39,7 +39,8 @@ def get_endpoint_parameters(configuration): "requests_per_minute", "pagination_type", "next_page_url_key", "is_next_page_url_relative", "next_page_url_base", - "top_key", "skip_key", "maximum_number_rows" + "top_key", "skip_key", "maximum_number_rows", + "use_mtls", "mtls_certificate_path", "mtls_key_path", ] parameters = { endpoint_parameter: configuration.get(endpoint_parameter) for endpoint_parameter in endpoint_parameters if configuration.get(endpoint_parameter) is not None diff --git a/python-lib/rest_api_client.py b/python-lib/rest_api_client.py index 170ad41..57a542e 100644 --- a/python-lib/rest_api_client.py +++ b/python-lib/rest_api_client.py @@ -59,6 +59,14 @@ def __init__(self, credential, secure_credentials, endpoint, custom_key_values={ self.requests_kwargs.update({"verify": False}) else: self.requests_kwargs.update({"verify": True}) + if endpoint.get("use_mtls", False): + mtls_certificate_path = endpoint.get("mtls_certificate_path") + mtls_key_path = endpoint.get("mtls_key_path") + self.requests_kwargs.update( + { + "cert": (mtls_certificate_path, mtls_key_path) + } + ) self.redirect_auth_header = endpoint.get("redirect_auth_header", False) self.timeout = endpoint.get("timeout", -1) if self.timeout > 0: