Improve code based on review feedback: use _create_local_ssl_context directly and clarify mypy comment

Co-authored-by: iMicknl <1424596+iMicknl@users.noreply.github.com>

Author: Copilot

pyoverkiz/client.py

@@ -166,12 +166,8 @@ def __init__(
         if self.server_config.type == APIType.LOCAL and verify_ssl:
             # To avoid security issues while authentication to local API, we add the following authority to
             # our HTTPS client trust store: https://ca.overkiz.com/overkiz-root-ca-2048.crt
-            # Create a copy of the SSL context to avoid mutating the shared global context
-            self._ssl = ssl.SSLContext(SSL_CONTEXT_LOCAL_API.protocol)
-            self._ssl.load_verify_locations(
-                cafile=os.path.dirname(os.path.realpath(__file__))
-                + "/overkiz-root-ca-2048.crt"
-            )
+            # Create a new SSL context to avoid mutating the shared global context
+            self._ssl = _create_local_ssl_context()
 
             # Disable strict validation introduced in Python 3.13, which doesn't
             # work with Overkiz self-signed gateway certificates

pyoverkiz/utils.py

@@ -37,8 +37,9 @@ def create_server_config(
     configuration_url: str | None = None,
 ) -> ServerConfig:
     """Generate server configuration with the provided endpoint and metadata."""
-    # ServerConfig.__init__ handles the enum conversion, but mypy doesn't see it
-    # due to attrs @define decorator, so we need type: ignore comments.
+    # ServerConfig.__init__ handles the enum conversion, but mypy doesn't recognize
+    # this due to attrs @define decorator generating __init__ with stricter signatures,
+    # so we need type: ignore comments.
     return ServerConfig(
         server=server,  # type: ignore[arg-type]
         name=name,

tests/test_auth.py

@@ -3,8 +3,7 @@
 from __future__ import annotations
 
 import datetime
-import ssl
-from unittest.mock import AsyncMock, MagicMock, Mock, patch
+from unittest.mock import AsyncMock, MagicMock
 
 import pytest
 from aiohttp import ClientSession
@@ -108,9 +107,7 @@ def test_ensure_username_password_valid(self):
     def test_ensure_username_password_invalid(self):
         """Test that invalid credentials raise TypeError."""
         creds = TokenCredentials("token")
-        with pytest.raises(
-            TypeError, match="UsernamePasswordCredentials are required"
-        ):
+        with pytest.raises(TypeError, match="UsernamePasswordCredentials are required"):
             _ensure_username_password(creds)
 
     def test_ensure_token_valid(self):
@@ -332,9 +329,7 @@ async def test_build_auth_strategy_wrong_credentials_type(self):
         credentials = TokenCredentials("token")  # Wrong type for Somfy
         session = AsyncMock(spec=ClientSession)
 
-        with pytest.raises(
-            TypeError, match="UsernamePasswordCredentials are required"
-        ):
+        with pytest.raises(TypeError, match="UsernamePasswordCredentials are required"):
             build_auth_strategy(
                 server_config=server_config,
                 credentials=credentials,