Support skipping SSL certification verification

in Ruby clients by e.g.:

    SwaggerClient::Swagger.configure do |config|
      config.verify_ssl = false
    end

Author: xhh

modules/swagger-codegen/src/main/resources/ruby/swagger/configuration.mustache

@@ -1,7 +1,7 @@
 module {{moduleName}}
   module Swagger
     class Configuration
-      attr_accessor :format, :api_key, :api_key_prefix, :username, :password, :auth_token, :scheme, :host, :base_path, :user_agent, :logger, :inject_format, :force_ending_format, :camelize_params, :user_agent
+      attr_accessor :format, :api_key, :api_key_prefix, :username, :password, :auth_token, :scheme, :host, :base_path, :user_agent, :logger, :inject_format, :force_ending_format, :camelize_params, :user_agent, :verify_ssl
 
       # Defaults go in here..
       def initialize
@@ -13,8 +13,16 @@ module {{moduleName}}
         @inject_format = false
         @force_ending_format = false
         @camelize_params = true
+
+        # keys for API key authentication (param-name => api-key)
         @api_key = {}
+        # api-key prefix for API key authentication, e.g. "Bearer" (param-name => api-key-prefix)
         @api_key_prefix = {}
+
+        # whether to verify SSL certificate, default to true
+        # Note: do NOT set it to false in production code, otherwise you would
+        #   face multiple types of cryptographic attacks
+        @verify_ssl = true
       end
     end
   end

modules/swagger-codegen/src/main/resources/ruby/swagger/request.mustache

@@ -160,39 +160,40 @@ module {{moduleName}}
         #TODO use configuration setting to determine if debugging
         #logger = Logger.new STDOUT
         #logger.debug self.url
+
+        request_options = {
+          :ssl_verifypeer => Swagger.configuration.verify_ssl,
+          :headers => self.headers.stringify_keys
+        }
         response = case self.http_method.to_sym
         when :get,:GET
           Typhoeus::Request.get(
             self.url,
-            :headers => self.headers.stringify_keys,
+            request_options
           )
 
         when :post,:POST
           Typhoeus::Request.post(
             self.url,
-            :body => self.outgoing_body,
-            :headers => self.headers.stringify_keys,
+            request_options.merge(:body => self.outgoing_body)
           )
 
         when :patch,:PATCH
           Typhoeus::Request.patch(
             self.url,
-            :body => self.outgoing_body,
-            :headers => self.headers.stringify_keys,
+            request_options.merge(:body => self.outgoing_body)
           )
 
         when :put,:PUT
           Typhoeus::Request.put(
             self.url,
-            :body => self.outgoing_body,
-            :headers => self.headers.stringify_keys,
+            request_options.merge(:body => self.outgoing_body)
           )
 
         when :delete,:DELETE
           Typhoeus::Request.delete(
             self.url,
-            :body => self.outgoing_body,
-            :headers => self.headers.stringify_keys,
+            request_options.merge(:body => self.outgoing_body)
           )
         end
         Response.new(response)

samples/client/petstore/ruby/lib/swagger_client/swagger/configuration.rb

@@ -1,7 +1,7 @@
 module SwaggerClient
   module Swagger
     class Configuration
-      attr_accessor :format, :api_key, :api_key_prefix, :username, :password, :auth_token, :scheme, :host, :base_path, :user_agent, :logger, :inject_format, :force_ending_format, :camelize_params, :user_agent
+      attr_accessor :format, :api_key, :api_key_prefix, :username, :password, :auth_token, :scheme, :host, :base_path, :user_agent, :logger, :inject_format, :force_ending_format, :camelize_params, :user_agent, :verify_ssl
 
       # Defaults go in here..
       def initialize
@@ -13,8 +13,16 @@ def initialize
         @inject_format = false
         @force_ending_format = false
         @camelize_params = true
+
+        # keys for API key authentication (param-name => api-key)
         @api_key = {}
+        # api-key prefix for API key authentication, e.g. "Bearer" (param-name => api-key-prefix)
         @api_key_prefix = {}
+
+        # whether to verify SSL certificate, default to true
+        # Note: do NOT set it to false in production code, otherwise you would
+        #   face multiple types of cryptographic attacks
+        @verify_ssl = true
       end
     end
   end

samples/client/petstore/ruby/lib/swagger_client/swagger/request.rb

@@ -159,39 +159,40 @@ def make
         #TODO use configuration setting to determine if debugging
         #logger = Logger.new STDOUT
         #logger.debug self.url
+
+        request_options = {
+          :ssl_verifypeer => Swagger.configuration.verify_ssl,
+          :headers => self.headers.stringify_keys
+        }
         response = case self.http_method.to_sym
         when :get,:GET
           Typhoeus::Request.get(
             self.url,
-            :headers => self.headers.stringify_keys,
+            request_options
           )
 
         when :post,:POST
           Typhoeus::Request.post(
             self.url,
-            :body => self.outgoing_body,
-            :headers => self.headers.stringify_keys,
+            request_options.merge(:body => self.outgoing_body)
           )
 
         when :patch,:PATCH
           Typhoeus::Request.patch(
             self.url,
-            :body => self.outgoing_body,
-            :headers => self.headers.stringify_keys,
+            request_options.merge(:body => self.outgoing_body)
           )
 
         when :put,:PUT
           Typhoeus::Request.put(
             self.url,
-            :body => self.outgoing_body,
-            :headers => self.headers.stringify_keys,
+            request_options.merge(:body => self.outgoing_body)
           )
 
         when :delete,:DELETE
           Typhoeus::Request.delete(
             self.url,
-            :body => self.outgoing_body,
-            :headers => self.headers.stringify_keys,
+            request_options.merge(:body => self.outgoing_body)
           )
         end
         Response.new(response)