@@ -111,7 +111,8 @@ def _get_endpoint_certificate(self, endpoint_id: str) -> key_agreement_client:
111111 if (self .ak is None or self .sk is None ) and cert_path is None and self .api_key is None :
112112 raise ArkAPIError ("must set (ak and sk) or (E2E_CERTIFICATE_PATH) \
113113
114- self ._certificate_manager = E2ECertificateManager (self .ak , self .sk , self .region , self , self ._base_url , self .api_key )
114+ self ._certificate_manager = E2ECertificateManager (self .ak , self .sk , self .region ,
115+ self ._base_url , self .api_key )
115116 return self ._certificate_manager .get (endpoint_id )
116117
117118 def _get_bot_sts_token (self , bot_id : str ):
@@ -205,7 +206,7 @@ def _get_endpoint_certificate(self, endpoint_id: str) -> key_agreement_client:
205206 if (self .ak is None or self .sk is None ) and cert_path is None and self .api_key is None :
206207 raise ArkAPIError ("must set (ak and sk) or (E2E_CERTIFICATE_PATH) \
207208
208- self ._certificate_manager = E2ECertificateManager (self .ak , self .sk , self .region , self , self ._base_url , self .api_key )
209+ self ._certificate_manager = E2ECertificateManager (self .ak , self .sk , self .region , self ._base_url , self .api_key )
209210 return self ._certificate_manager .get (endpoint_id )
210211
211212 @property
@@ -309,6 +310,7 @@ class CertificateResponse():
309310
310311 def __init__ (self , ak : str , sk : str , region : str , base_url : str | URL = BASE_URL , api_key : str | None = None ):
311312 self ._certificate_manager : Dict [str , key_agreement_client ] = {}
313+ self ._init_local_cert_cache ()
312314
313315 import volcenginesdkcore
314316
@@ -355,15 +357,43 @@ def _sync_load_cert_by_auth(self, ep: str) -> str:
355357 except Exception as e :
356358 raise ArkAPIError ("Getting Certificate failed: %s\n " % e )
357359 return resp ['Certificate' ]
360+
361+ def _save_cert_to_file (self , ep : str , cert_pem : str ):
362+ cert_file_path = os .path .join (self ._cert_storage_path , f"{ ep } )
363+ with open (cert_file_path , 'w' ) as f :
364+ f .write (cert_pem )
365+
366+ def _load_cert_locally (self , ep : str ) -> str | None :
367+ cert_file_path = os .path .join (self ._cert_storage_path , f"{ ep } )
368+ if os .path .exists (cert_file_path ):
369+ last_modified_time = os .path .getmtime (cert_file_path )
370+ current_time = time .time ()
371+ time_difference = current_time - last_modified_time
372+ if time_difference <= self ._cert_expiration_seconds :
373+ with open (cert_file_path , 'r' ) as f :
374+ return f .read ()
375+ else :
376+ os .remove (cert_file_path )
377+ return None
378+
379+ def _init_local_cert_cache (self ):
380+ self ._cert_storage_path = "/tmp/ark/certificates"
381+ self ._cert_expiration_seconds = 14 * 24 * 60 * 60 # 14 days
382+
383+ if not os .path .exists (self ._cert_storage_path ):
384+ os .makedirs (self ._cert_storage_path )
358385
359386 def get (self , ep : str ) -> key_agreement_client :
360387 if ep not in self ._certificate_manager :
361- if self .cert_path is not None :
362- cert_pem = self ._load_cert_by_cert_path ()
363- elif self ._api_instance_enabled :
364- cert_pem = self ._load_cert_by_ak_sk (ep )
365- else :
366- cert_pem = self ._sync_load_cert_by_auth (ep )
388+ cert_pem = self ._load_cert_locally (ep )
389+ if cert_pem is None :
390+ if self .cert_path is not None :
391+ cert_pem = self ._load_cert_by_cert_path ()
392+ elif self ._api_instance_enabled :
393+ cert_pem = self ._load_cert_by_ak_sk (ep )
394+ else :
395+ cert_pem = self ._sync_load_cert_by_auth (ep )
396+ self ._save_cert_to_file (ep , cert_pem )
367397 self ._certificate_manager [ep ] = key_agreement_client (
368398 certificate_pem_string = cert_pem
369399 )
0 commit comments