Last active
November 1, 2017 21:25
-
-
Save taion/bf610defa6e10be948d76591252f92f8 to your computer and use it in GitHub Desktop.
Token exchange
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [[source]] | |
| url = "https://pypi.python.org/simple" | |
| verify_ssl = true | |
| name = "pypi" | |
| [packages] | |
| flask = "*" | |
| [dev-packages] | |
| [requires] | |
| python_version = "3.6" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "_meta": { | |
| "hash": { | |
| "sha256": "cbf8e638e8cd1a98e1008cd9f9ead22772a784d607fbc4e41b89de5b19011179" | |
| }, | |
| "host-environment-markers": { | |
| "implementation_name": "cpython", | |
| "implementation_version": "3.6.3", | |
| "os_name": "posix", | |
| "platform_machine": "x86_64", | |
| "platform_python_implementation": "CPython", | |
| "platform_release": "16.7.0", | |
| "platform_system": "Darwin", | |
| "platform_version": "Darwin Kernel Version 16.7.0: Thu Jun 15 17:36:27 PDT 2017; root:xnu-3789.70.16~2/RELEASE_X86_64", | |
| "python_full_version": "3.6.3", | |
| "python_version": "3.6", | |
| "sys_platform": "darwin" | |
| }, | |
| "pipfile-spec": 6, | |
| "requires": { | |
| "python_version": "3.6" | |
| }, | |
| "sources": [ | |
| { | |
| "name": "pypi", | |
| "url": "https://pypi.python.org/simple", | |
| "verify_ssl": true | |
| } | |
| ] | |
| }, | |
| "default": { | |
| "click": { | |
| "hashes": [ | |
| "sha256:29f99fc6125fbc931b758dc053b3114e55c77a6e4c6c3a2674a2dc986016381d", | |
| "sha256:f15516df478d5a56180fbf80e68f206010e6d160fc39fa508b65e035fd75130b" | |
| ], | |
| "version": "==6.7" | |
| }, | |
| "flask": { | |
| "hashes": [ | |
| "sha256:0749df235e3ff61ac108f69ac178c9770caeaccad2509cb762ce1f65570a8856", | |
| "sha256:49f44461237b69ecd901cc7ce66feea0319b9158743dd27a2899962ab214dac1" | |
| ], | |
| "version": "==0.12.2" | |
| }, | |
| "itsdangerous": { | |
| "hashes": [ | |
| "sha256:cbb3fcf8d3e33df861709ecaf89d9e6629cff0a217bc2848f1b41cd30d360519" | |
| ], | |
| "version": "==0.24" | |
| }, | |
| "jinja2": { | |
| "hashes": [ | |
| "sha256:2231bace0dfd8d2bf1e5d7e41239c06c9e0ded46e70cc1094a0aa64b0afeb054", | |
| "sha256:ddaa01a212cd6d641401cb01b605f4a4d9f37bfc93043d7f760ec70fb99ff9ff" | |
| ], | |
| "version": "==2.9.6" | |
| }, | |
| "markupsafe": { | |
| "hashes": [ | |
| "sha256:a6be69091dac236ea9c6bc7d012beab42010fa914c459791d627dad4910eb665" | |
| ], | |
| "version": "==1.0" | |
| }, | |
| "werkzeug": { | |
| "hashes": [ | |
| "sha256:e8549c143af3ce6559699a01e26fa4174f4c591dbee0a499f3cd4c3781cdec3d", | |
| "sha256:903a7b87b74635244548b30d30db4c8947fe64c5198f58899ddcd3a13c23bb26" | |
| ], | |
| "version": "==0.12.2" | |
| } | |
| }, | |
| "develop": {} | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| server { | |
| listen 8080; | |
| allow 127.0.0.1; | |
| deny all; | |
| access_by_lua_block { | |
| -- Contra the docs, as this is a GET, we don't need to explicitly read | |
| -- the request body here. | |
| local res = ngx.location.capture("/exchange") | |
| if res.truncated then | |
| return ngx.exit(ngx.HTTP_BAD_GATEWAY) | |
| elseif res.status ~= ngx.HTTP_NO_CONTENT then | |
| ngx.status = res.status | |
| for field_key, field_value in pairs(res.header) do | |
| -- This shouldn't include the private authorization header. | |
| ngx.header[field_key] = field_value | |
| end | |
| ngx.print(res.body) | |
| return ngx.exit(res.status) | |
| end | |
| ngx.req.set_header("Authorization", res.header["Authorization"]) | |
| } | |
| location = / { | |
| proxy_pass http://127.0.0.1:5000; | |
| } | |
| location = /exchange { | |
| internal; | |
| proxy_pass http://127.0.0.1:5000; | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import flask | |
| from flask import Flask | |
| # ----------------------------------------------------------------------------- | |
| app = Flask('token_exchange') | |
| # ----------------------------------------------------------------------------- | |
| @app.route('/', methods=('GET', 'POST', 'PUT')) | |
| def root(): | |
| authorization = flask.request.headers['Authorization'] | |
| body = flask.request.data | |
| return f"Authorization is {authorization}, body is {body}" | |
| @app.route('/exchange') | |
| def exchange(): | |
| try: | |
| authorization = flask.request.headers['Authorization'] | |
| except KeyError: | |
| return "foo", 401, { | |
| 'foo': 'bar', | |
| } | |
| return '', 204, { | |
| 'Authorization': f'Exchanged{authorization}', | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment