[Python] Add ca_cert_data parameter (#20697)

* Add `ca_cert_data` parameter to Python client.

This lets a client validate a server's CA certificate chain using a
variable/constant containing PEM (`str`) or DER (`bytes`) data, rather than
needing to reference a file on disk.

* python: Fix `ca_cert_data` on Python 3.8

samples/openapi3/client/petstore/python-aiohttp/petstore_api/configuration.py

@@ -17,7 +17,7 @@ import http.client as httplib
 import logging
 from logging import FileHandler
 import sys
-from typing import Any, ClassVar, Dict, List, Literal, Optional, TypedDict
+from typing import Any, ClassVar, Dict, List, Literal, Optional, TypedDict, Union
 from typing_extensions import NotRequired, Self
 
 import urllib3
@@ -168,6 +168,8 @@ class Configuration:
     :param ssl_ca_cert: str - the path to a file of concatenated CA certificates
       in PEM format.
     :param retries: Number of retries for API requests.
+    :param ca_cert_data: verify the peer using concatenated CA certificate data
+      in PEM (str) or DER (bytes) format.
 
     :Example:
 
@@ -257,13 +259,14 @@ conf = petstore_api.Configuration(
         password: Optional[str]=None,
         access_token: Optional[str]=None,
         signing_info: Optional[HttpSigningConfiguration]=None,
-        server_index: Optional[int]=None, 
+        server_index: Optional[int]=None,
         server_variables: Optional[ServerVariablesT]=None,
         server_operation_index: Optional[Dict[int, int]]=None,
         server_operation_variables: Optional[Dict[int, ServerVariablesT]]=None,
         ignore_operation_servers: bool=False,
         ssl_ca_cert: Optional[str]=None,
         retries: Optional[int] = None,
+        ca_cert_data: Optional[Union[str, bytes]] = None,
         *,
         debug: Optional[bool] = None,
     ) -> None:
@@ -346,6 +349,10 @@ conf = petstore_api.Configuration(
         self.ssl_ca_cert = ssl_ca_cert
         """Set this to customize the certificate file to verify the peer.
         """
+        self.ca_cert_data = ca_cert_data
+        """Set this to verify the peer using PEM (str) or DER (bytes)
+           certificate data.
+        """
         self.cert_file = None
         """client certificate file
         """

samples/openapi3/client/petstore/python-aiohttp/petstore_api/rest.py

@@ -57,7 +57,8 @@ class RESTClientObject:
         self.maxsize = configuration.connection_pool_maxsize
 
         self.ssl_context = ssl.create_default_context(
-            cafile=configuration.ssl_ca_cert
+            cafile=configuration.ssl_ca_cert,
+            cadata=configuration.ca_cert_data,
         )
         if configuration.cert_file:
             self.ssl_context.load_cert_chain(