From 67ca4e5e7a57cc3474409136d8bc3361bf45b88c Mon Sep 17 00:00:00 2001
From: DerekRushton <41486484+DerekRushton@users.noreply.github.com>
Date: Tue, 27 Aug 2024 10:10:39 -0300
Subject: [PATCH] Added the ability to enable trusted_env. (#1727)

* Added the ability to enable trusted_env.

Signed-off-by: DerekRushton <derek.rushton1@ibm.com>

* Fixed an issue with False and added a comment.

Signed-off-by: DerekRushton <derek.rushton1@ibm.com>

* Default changed to string.

Signed-off-by: DerekRushton <derek.rushton1@ibm.com>

---------

Signed-off-by: DerekRushton <derek.rushton1@ibm.com>
---
 .../stix_transmission/utils/RestApiClientAsync.py   | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/stix_shifter_utils/stix_transmission/utils/RestApiClientAsync.py b/stix_shifter_utils/stix_transmission/utils/RestApiClientAsync.py
index d414d95ba..b14a146ea 100644
--- a/stix_shifter_utils/stix_transmission/utils/RestApiClientAsync.py
+++ b/stix_shifter_utils/stix_transmission/utils/RestApiClientAsync.py
@@ -57,6 +57,17 @@ def __init__(self, host, port=None, headers={}, url_modifier_function=None, cert
         unique_file_handle = uuid.uuid4()
         self.server_cert_name = "/tmp/{0}-server_cert.pem".format(unique_file_handle)
         server_ip = host
+        
+        #To enable proxy, set the environment variable "STIX_SHIFTER_ENABLE_TRUST_ENV" to true. This option will allow the connection
+        #to use the system environments proxy settings. This can be done by setting the "https_proxy" environment variable to 
+        #"http(s)://[username]:[password]@[hostname]/[ipaddress]:[port]". Alternative proxy schema's may or may not work.
+        self.trust_env_enabled = os.environ.get("STIX_SHIFTER_ENABLE_TRUST_ENV", "False").lower()
+        if self.trust_env_enabled == "true":
+            self.trust_env_enabled = True
+        else:
+            self.trust_env_enabled = False
+        self.logger.debug(f"Proxy Environment - Trusted_Env Enabled : {self.trust_env_enabled}")
+
         if port is not None:
             server_ip += ":" + str(port)
         self.server_ip = server_ip
@@ -101,7 +112,7 @@ async def call_api(self, endpoint, method, headers=None, cookies=None, data=None
         try:
             client_timeout = ClientTimeout(connect=self.connect_timeout, total=timeout) # https://docs.aiohttp.org/en/stable/client_reference.html?highlight=timeout#aiohttp.ClientTimeout
             retry_options = ExponentialRetry(attempts=self.retry_max, statuses=[429, 500, 502, 503, 504])
-            async with RetryClient(retry_options=retry_options) as client:
+            async with RetryClient(trust_env=self.trust_env_enabled, retry_options=retry_options) as client:
                 call = getattr(client, method.lower()) 
 
                 async with call(url, headers=actual_headers, params=urldata, data=data,