Fixed mTLS certificate verification

bbpay.py

@@ -21,24 +21,12 @@ CORS(app)
 api = Api(app)
 
 class BBPay(Resource):        
-    def __init__(self):
-        super().__init__()
-        self.setup_oauth()
-        
     def setup_oauth(self):
         client = BackendApplicationClient(client_id=getenv("CLIENT_ID"))
         self.oauth = OAuth2Session(client=client)
 
-        scope = ['checkout.solicitacoes-requisicao', 
-            'checkout.participantes-requisicao', 
-            'checkout.solicitacoes-info', 
-            'checkout.participantes-info']
-
-        self.oauth.fetch_token(
-            token_url='https://oauth.hm.bb.com.br/oauth/token',
-            client_id=getenv("CLIENT_ID"),
-            client_secret=getenv("CLIENT_SECRET"), scope=scope,
-            cert='cert.pem')
+        self.cert = 'key.pem'
+        self.verify_ssl = 'bb.pem'
 
         # Url de homologação com autenticação mTLS.
         self.baseUrl = "https://api-bbpay.hm.bb.com.br/checkout/v2"
@@ -49,13 +37,25 @@ class BBPay(Resource):
         # Url de produção com autenticação mTLS.
         #self.baseUrl = "https://api-bbpay.bb.com.br/checkout/v2"
 
-        self.verify_ssl = False
-
         self.params = {
             'numeroConvenio': 701,
             'gw-dev-app-key': getenv("DEV_APP_KEY")
         }
 
+        self.scope = ['checkout.solicitacoes-requisicao', 
+            'checkout.participantes-requisicao', 
+            'checkout.solicitacoes-info', 
+            'checkout.participantes-info']
+
+        self.oauth.fetch_token(
+            token_url='https://oauth.hm.bb.com.br/oauth/token',
+            client_id=getenv("CLIENT_ID"),
+            client_secret=getenv("CLIENT_SECRET"), scope=self.scope)
+
+    def __init__(self):
+        super().__init__()
+        self.setup_oauth()
+
 class Register(BBPay):
     def post(self):
         data = request.get_json()
@@ -74,7 +74,7 @@ class Register(BBPay):
             params=self.params, 
             json=body,
             verify=self.verify_ssl,
-            cert='cert.pem')
+            cert=self.cert)
         return response.json()
 
 class Request(BBPay):
@@ -104,7 +104,8 @@ class Request(BBPay):
             self.baseUrl+"/solicitacoes",
             params=self.params,
             json=body,
-            verify=self.verify_ssl)
+            verify=self.verify_ssl,
+            cert=self.cert)
         return response.json()
 
 class Release(BBPay):
@@ -112,7 +113,8 @@ class Release(BBPay):
         response = self.oauth.get(
             self.baseUrl+f"/solicitacoes/{numeroSolicitacao}",
             params=self.params,
-            verify=self.verify_ssl)
+            verify=self.verify_ssl,
+            cert=self.cert)
         if response.status_code != 200:
             return 'Upstream error', response.status_code
         data = response.json()
@@ -125,7 +127,8 @@ class Release(BBPay):
         response = self.oauth.get(
             self.baseUrl+f"/participantes/{numeroParticipante}",
             params=self.params,
-            verify=self.verify_ssl)
+            verify=self.verify_ssl,
+            cert=self.cert)
         if response.status_code != 200:
             return 'Upstream error', response.status_code
         chainID = response.json()['nomeParticipante']