Add support for client certificates

[quality-leftovers]

Support authenticating using client certificates (#84).

[quality-leftovers]

Set to client.client_cert if client_cert is None? Probably makes sense. Not sure

[Acconut]

Could you explain what you mean? I don't fully understand the problem.

[quality-leftovers]

I was just wondering about what should be done if this constructor is called with client_cert=None but the client already was constructed with a client certificate. But I think this should be considered incorrect use.

It's a bit complicated right now because baseuploader, uploader and TusRequest all do "HTTP" stuff and all need to use the client cert. But changing that would be more than I dare to touch atm. See: #77.

[Acconut]

Why does the BaseUploader class constructor needs its own client_cert argument at all? Couldn't it access it via client.client_cert? Then we don't have to deal with cases where client_cert on BaseUploader differs from client_cert on Client.

[Acconut]

Looking more at it, the reason seems to be that this way one can also set client_cert without providing a TusClient at all. However, I don't think that this is a use case we need to support. Just like headers can also be set through TusClient, we can also provide client_cert through a TusClient. Then we avoid having duplicate ways to achieve the same thing. Does that make sense?

[quality-leftovers]

I've changed it so certificate is only set via TusClient. Makes the code cleaner.

[Acconut]

Does this require the file to be present on the machine? Is there some code, which generates this file?

[quality-leftovers]

The test only checks if the property is passed along to the uploader. The requests "mock" does not care about it.
Not sure if doing further tests for client certificates in unit tests makes a lot of sense.

[Acconut]

I see now that this just tests the properties on our classes. Would it be possible to add a test ensuring that the client certificate is properly passed to requests? We have similar tests for verify_tls_cert and maybe that can serve as an inspiration:

tus-py-client/tests/test_request.py

Line 54 in 7b54f7a

def test_verify_tls_cert(self):

tus-py-client/tests/test_async_uploader.py

Line 120 in 7b54f7a

def test_upload_verify_tls_cert(self):

[quality-leftovers]

I've had a look at the test and also noticed that I forgot to add the certificate for the async upload because there the asyncio library is used for the patches.

Here in uploader:

tus-py-client/tusclient/uploader/uploader.py

Lines 154 to 160 in b04cf0b

	ssl_ctx = ssl.create_default_context()
	if (self.client_cert is not None):
	if self.client_cert is str:
	ssl_ctx.load_cert_chain(certfile=self.client_cert)
	else:
	ssl_ctx.load_cert_chain(certfile=self.client_cert[0], keyfile=self.client_cert[1])
	conn = aiohttp.TCPConnector(ssl=ssl_ctx)

And here in request:

tus-py-client/tusclient/request.py

Lines 115 to 122 in b04cf0b

	ssl_ctx = ssl.create_default_context()
	if (self.client_cert is not None):
	if self.client_cert is str:
	ssl_ctx.load_cert_chain(certfile=self.client_cert)
	else:
	ssl_ctx.load_cert_chain(certfile=self.client_cert[0], keyfile=self.client_cert[1])
	conn = aiohttp.TCPConnector(ssl=ssl_ctx)
	async with aiohttp.ClientSession(loop=self.io_loop, connector=conn) as session:

Need to test if that works and think about how that can be tested. It's getting more complicated than anticipated :/

[Acconut]

I am sorry to hear that is complicated. Where you able to get any progress on the tests? :)

[Acconut]

Could you explain what you mean? I don't fully understand the problem.

[quality-leftovers]

Wondering if you could have a look again. Still not sure what to do related to the tests since TLS cannot really be tested in the unit tests.

[Acconut]

Sure, I responded to your latest comments :)

[Acconut]

One additional thing: Please avoid force pushing to the branch. This makes it harder for us to review changes as we don't know what changes between commits. In the end, the entire branch will be squashed anyways, so the Git commits don't matter much.