Rename versioned module and drop Client class

bjoernricks · bjoernricks · commit 10cf6171941c · 2025-07-08T09:34:37.000+02:00
The client class just creates a httpx.Client instance. Therefore it
should be a function. Rename the module and remove the v from the name
to be consistent with other module names.
diff --git a/gvm/protocols/http/openvasd/_client.py b/gvm/protocols/http/openvasd/_client.py
@@ -3,79 +3,78 @@
 # SPDX-License-Identifier: GPL-3.0-or-later
 
 """
-Client wrapper for initializing a connection to the openvasd HTTP API using optional mTLS authentication.
+http client for initializing a connection to the openvasd HTTP API using optional mTLS authentication.
 """
 
 import ssl
+from os import PathLike
 from typing import Optional, Tuple, Union
 
 from httpx import Client
 
+StrOrPathLike = Union[str, PathLike[str]]
 
-class OpenvasdClient:
+
+def create_openvasd_http_client(
+    host_name: str,
+    *,
+    api_key: Optional[str] = None,
+    server_ca_path: Optional[StrOrPathLike] = None,
+    client_cert_paths: Optional[
+        Union[StrOrPathLike, Tuple[StrOrPathLike, StrOrPathLike]]
+    ] = None,
+    port: int = 3000,
+) -> Client:
     """
-    The client wrapper around `httpx.Client` configured for mTLS-secured access or API KEY
+    Create a `httpx.Client` configured for mTLS-secured or API KEY access
     to an openvasd HTTP API instance.
-    """
-
-    def __init__(
-        self,
-        host_name: str,
-        *,
-        api_key: Optional[str] = None,
-        server_ca_path: Optional[str] = None,
-        client_cert_paths: Optional[Union[str, Tuple[str, str]]] = None,
-        port: int = 3000,
-    ):
-        """
-        Initialize the OpenVASD HTTP client with optional mTLS and API key.
 
-        Args:
-            host_name: Hostname or IP of the OpenVASD server (e.g., "localhost").
-            api_key: Optional API key used for authentication via HTTP headers.
-            server_ca_path: Path to the server's CA certificate (for verifying the server).
-            client_cert_paths: Path to the client certificate (str) or a tuple of
-                               (cert_path, key_path) for mTLS authentication.
-            port: The port to connect to (default: 3000).
+    Args:
+        host_name: Hostname or IP of the OpenVASD server (e.g., "localhost").
+        api_key: Optional API key used for authentication via HTTP headers.
+        server_ca_path: Path to the server's CA certificate (for verifying the server).
+        client_cert_paths: Path to the client certificate (str) or a tuple of
+                            (cert_path, key_path) for mTLS authentication.
+        port: The port to connect to (default: 3000).
 
-        Behavior:
-            - If both `server_ca_path` and `client_cert_paths` are set, an mTLS connection
-              is established using an SSLContext.
-            - If not, `verify` is set to False (insecure), and HTTP is used instead of HTTPS.
-              HTTP connection needs api_key for authorization.
-        """
-        headers = {}
+    Behavior:
+        - If both `server_ca_path` and `client_cert_paths` are set, an mTLS connection
+            is established using an SSLContext.
+        - If not, `verify` is set to False (insecure), and HTTP is used instead of HTTPS.
+            HTTP connection needs api_key for authorization.
+    """
+    headers = {}
 
-        context: Optional[ssl.SSLContext] = None
+    context: Optional[ssl.SSLContext] = None
 
-        # Prepare mTLS SSL context if needed
-        if client_cert_paths and server_ca_path:
-            context = ssl.create_default_context(
-                ssl.Purpose.SERVER_AUTH, cafile=server_ca_path
+    # Prepare mTLS SSL context if needed
+    if client_cert_paths and server_ca_path:
+        context = ssl.create_default_context(
+            ssl.Purpose.SERVER_AUTH, cafile=server_ca_path
+        )
+        if isinstance(client_cert_paths, tuple):
+            context.load_cert_chain(
+                certfile=client_cert_paths[0], keyfile=client_cert_paths[1]
             )
-            if isinstance(client_cert_paths, tuple):
-                context.load_cert_chain(
-                    certfile=client_cert_paths[0], keyfile=client_cert_paths[1]
-                )
-            else:
-                context.load_cert_chain(certfile=client_cert_paths)
+        else:
+            context.load_cert_chain(certfile=client_cert_paths)
 
-            context.check_hostname = False
-            context.verify_mode = ssl.CERT_REQUIRED
+        context.check_hostname = False
+        context.verify_mode = ssl.CERT_REQUIRED
 
-        # Set verify based on context presence
-        verify: Union[bool, ssl.SSLContext] = context if context else False
+    # Set verify based on context presence
+    verify: Union[bool, ssl.SSLContext] = context if context else False
 
-        if api_key:
-            headers["X-API-KEY"] = api_key
+    if api_key:
+        headers["X-API-KEY"] = api_key
 
-        protocol = "https" if context else "http"
-        base_url = f"{protocol}://{host_name}:{port}"
+    protocol = "https" if context else "http"
+    base_url = f"{protocol}://{host_name}:{port}"
 
-        self.client = Client(
-            base_url=base_url,
-            headers=headers,
-            verify=verify,
-            http2=True,
-            timeout=10.0,
-        )
+    return Client(
+        base_url=base_url,
+        headers=headers,
+        verify=verify,
+        http2=True,
+        timeout=10.0,
+    )
diff --git a/gvm/protocols/http/openvasd/openvasd1.py b/gvm/protocols/http/openvasd/openvasd1.py
@@ -11,7 +11,7 @@
 
 from typing import Optional, Tuple, Union
 
-from ._client import OpenvasdClient
+from ._client import StrOrPathLike, create_openvasd_http_client
 from .health import HealthAPI
 from .metadata import MetadataAPI
 from .notus import NotusAPI
@@ -35,8 +35,10 @@ def __init__(
         port: int = 3000,
         *,
         api_key: Optional[str] = None,
-        server_ca_path: Optional[str] = None,
-        client_cert_paths: Optional[Union[str, Tuple[str, str]]] = None,
+        server_ca_path: Optional[StrOrPathLike] = None,
+        client_cert_paths: Optional[
+            Union[StrOrPathLike, Tuple[StrOrPathLike, StrOrPathLike]]
+        ] = None,
     ):
         """
         Initialize the OpenvasdHttpApiV1 entry point.
@@ -52,13 +54,13 @@ def __init__(
             - Sets up an underlying `httpx.Client` using `OpenvasdClient`.
             - Initializes sub-API modules with the shared client instance.
         """
-        self._client = OpenvasdClient(
+        self._client = create_openvasd_http_client(
             host_name=host_name,
             port=port,
             api_key=api_key,
             server_ca_path=server_ca_path,
             client_cert_paths=client_cert_paths,
-        ).client
+        )
 
         # Sub-API modules
         self.health = HealthAPI(self._client)
diff --git a/tests/protocols/http/openvasd/test_client.py b/tests/protocols/http/openvasd/test_client.py
@@ -6,29 +6,26 @@
 import unittest
 from unittest.mock import MagicMock, patch
 
-from gvm.protocols.http.openvasd._client import OpenvasdClient
+from gvm.protocols.http.openvasd._client import create_openvasd_http_client
 
 
 class TestOpenvasdClient(unittest.TestCase):
-
     @patch("gvm.protocols.http.openvasd._client.Client")
     def test_init_without_tls_or_api_key(self, mock_httpx_client):
-        client = OpenvasdClient("localhost")
+        create_openvasd_http_client("localhost")
         mock_httpx_client.assert_called_once()
-        args, kwargs = mock_httpx_client.call_args
+        _, kwargs = mock_httpx_client.call_args
         self.assertEqual(kwargs["base_url"], "http://localhost:3000")
         self.assertFalse(kwargs["verify"])
         self.assertNotIn("X-API-KEY", kwargs["headers"])
-        self.assertEqual(client.client, mock_httpx_client())
 
     @patch("gvm.protocols.http.openvasd._client.Client")
     def test_init_with_api_key_only(self, mock_httpx_client):
-        client = OpenvasdClient("localhost", api_key="secret")
-        args, kwargs = mock_httpx_client.call_args
+        create_openvasd_http_client("localhost", api_key="secret")
+        _, kwargs = mock_httpx_client.call_args
         self.assertEqual(kwargs["headers"]["X-API-KEY"], "secret")
         self.assertEqual(kwargs["base_url"], "http://localhost:3000")
         self.assertFalse(kwargs["verify"])
-        self.assertEqual(client.client, mock_httpx_client())
 
     @patch("gvm.protocols.http.openvasd._client.ssl.create_default_context")
     @patch("gvm.protocols.http.openvasd._client.Client")
@@ -38,7 +35,7 @@ def test_init_with_mtls_tuple(
         mock_context = MagicMock(spec=ssl.SSLContext)
         mock_ssl_ctx_factory.return_value = mock_context
 
-        OpenvasdClient(
+        create_openvasd_http_client(
             "localhost",
             server_ca_path="/path/ca.pem",
             client_cert_paths=("/path/cert.pem", "/path/key.pem"),
@@ -51,7 +48,7 @@ def test_init_with_mtls_tuple(
             certfile="/path/cert.pem", keyfile="/path/key.pem"
         )
         mock_httpx_client.assert_called_once()
-        args, kwargs = mock_httpx_client.call_args
+        _, kwargs = mock_httpx_client.call_args
         self.assertEqual(kwargs["base_url"], "https://localhost:3000")
         self.assertEqual(kwargs["verify"], mock_context)
 
@@ -63,7 +60,7 @@ def test_init_with_mtls_single_cert(
         mock_context = MagicMock(spec=ssl.SSLContext)
         mock_ssl_ctx_factory.return_value = mock_context
 
-        OpenvasdClient(
+        create_openvasd_http_client(
             "localhost",
             server_ca_path="/path/ca.pem",
             client_cert_paths="/path/client.pem",
@@ -72,6 +69,6 @@ def test_init_with_mtls_single_cert(
         mock_context.load_cert_chain.assert_called_once_with(
             certfile="/path/client.pem"
         )
-        args, kwargs = mock_httpx_client.call_args
+        _, kwargs = mock_httpx_client.call_args
         self.assertEqual(kwargs["base_url"], "https://localhost:3000")
         self.assertEqual(kwargs["verify"], mock_context)
diff --git a/tests/protocols/http/openvasd/test_openvasd1.py b/tests/protocols/http/openvasd/test_openvasd1.py
@@ -5,17 +5,14 @@
 import unittest
 from unittest.mock import MagicMock, patch
 
-from gvm.protocols.http.openvasd.openvasdv1 import OpenvasdHttpApiV1
+from gvm.protocols.http.openvasd.openvasd1 import OpenvasdHttpApiV1
 
 
 class TestOpenvasdHttpApiV1(unittest.TestCase):
-
-    @patch("gvm.protocols.http.openvasd.openvasdv1.OpenvasdClient")
-    def test_initializes_all_sub_apis(self, mock_openvasd_client_class):
+    @patch("gvm.protocols.http.openvasd.openvasd1.create_openvasd_http_client")
+    def test_initializes_all_sub_apis(self, mock_crate_openvasd_client):
         mock_httpx_client = MagicMock()
-        mock_openvasd_client_instance = MagicMock()
-        mock_openvasd_client_instance.client = mock_httpx_client
-        mock_openvasd_client_class.return_value = mock_openvasd_client_instance
+        mock_crate_openvasd_client.return_value = mock_httpx_client
 
         api = OpenvasdHttpApiV1(
             host_name="localhost",
@@ -25,7 +22,7 @@ def test_initializes_all_sub_apis(self, mock_openvasd_client_class):
             client_cert_paths=("/path/to/client.pem", "/path/to/key.pem"),
         )
 
-        mock_openvasd_client_class.assert_called_once_with(
+        mock_crate_openvasd_client.assert_called_once_with(
             host_name="localhost",
             port=3000,
             api_key="test-key",
