Skip to content

Instantly share code, notes, and snippets.

@taion

taion/Pipfile

Last active November 1, 2017 21:25
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save taion/bf610defa6e10be948d76591252f92f8 to your computer and use it in GitHub Desktop.
Save taion/bf610defa6e10be948d76591252f92f8 to your computer and use it in GitHub Desktop.
Download ZIP
Token exchange
Raw
Pipfile
[[source]]
url = "https://pypi.python.org/simple"
verify_ssl = true
name = "pypi"
[packages]
flask = "*"
[dev-packages]
[requires]
python_version = "3.6"
Raw
Pipfile.lock
{
"_meta": {
"hash": {
"sha256": "cbf8e638e8cd1a98e1008cd9f9ead22772a784d607fbc4e41b89de5b19011179"
},
"host-environment-markers": {
"implementation_name": "cpython",
"implementation_version": "3.6.3",
"os_name": "posix",
"platform_machine": "x86_64",
"platform_python_implementation": "CPython",
"platform_release": "16.7.0",
"platform_system": "Darwin",
"platform_version": "Darwin Kernel Version 16.7.0: Thu Jun 15 17:36:27 PDT 2017; root:xnu-3789.70.16~2/RELEASE_X86_64",
"python_full_version": "3.6.3",
"python_version": "3.6",
"sys_platform": "darwin"
},
"pipfile-spec": 6,
"requires": {
"python_version": "3.6"
},
"sources": [
{
"name": "pypi",
"url": "https://pypi.python.org/simple",
"verify_ssl": true
}
]
},
"default": {
"click": {
"hashes": [
"sha256:29f99fc6125fbc931b758dc053b3114e55c77a6e4c6c3a2674a2dc986016381d",
"sha256:f15516df478d5a56180fbf80e68f206010e6d160fc39fa508b65e035fd75130b"
],
"version": "==6.7"
},
"flask": {
"hashes": [
"sha256:0749df235e3ff61ac108f69ac178c9770caeaccad2509cb762ce1f65570a8856",
"sha256:49f44461237b69ecd901cc7ce66feea0319b9158743dd27a2899962ab214dac1"
],
"version": "==0.12.2"
},
"itsdangerous": {
"hashes": [
"sha256:cbb3fcf8d3e33df861709ecaf89d9e6629cff0a217bc2848f1b41cd30d360519"
],
"version": "==0.24"
},
"jinja2": {
"hashes": [
"sha256:2231bace0dfd8d2bf1e5d7e41239c06c9e0ded46e70cc1094a0aa64b0afeb054",
"sha256:ddaa01a212cd6d641401cb01b605f4a4d9f37bfc93043d7f760ec70fb99ff9ff"
],
"version": "==2.9.6"
},
"markupsafe": {
"hashes": [
"sha256:a6be69091dac236ea9c6bc7d012beab42010fa914c459791d627dad4910eb665"
],
"version": "==1.0"
},
"werkzeug": {
"hashes": [
"sha256:e8549c143af3ce6559699a01e26fa4174f4c591dbee0a499f3cd4c3781cdec3d",
"sha256:903a7b87b74635244548b30d30db4c8947fe64c5198f58899ddcd3a13c23bb26"
],
"version": "==0.12.2"
}
},
"develop": {}
}
Raw
server.conf
server {
listen 8080;
allow 127.0.0.1;
deny all;
access_by_lua_block {
-- Contra the docs, as this is a GET, we don't need to explicitly read
-- the request body here.
local res = ngx.location.capture("/exchange")
if res.truncated then
return ngx.exit(ngx.HTTP_BAD_GATEWAY)
elseif res.status ~= ngx.HTTP_NO_CONTENT then
ngx.status = res.status
for field_key, field_value in pairs(res.header) do
-- This shouldn't include the private authorization header.
ngx.header[field_key] = field_value
end
ngx.print(res.body)
return ngx.exit(res.status)
end
ngx.req.set_header("Authorization", res.header["Authorization"])
}
location = / {
proxy_pass http://127.0.0.1:5000;
}
location = /exchange {
internal;
proxy_pass http://127.0.0.1:5000;
}
}
Raw
srv.py
import flask
from flask import Flask
# -----------------------------------------------------------------------------
app = Flask('token_exchange')
# -----------------------------------------------------------------------------
@app.route('/', methods=('GET', 'POST', 'PUT'))
def root():
authorization = flask.request.headers['Authorization']
body = flask.request.data
return f"Authorization is {authorization}, body is {body}"
@app.route('/exchange')
def exchange():
try:
authorization = flask.request.headers['Authorization']
except KeyError:
return "foo", 401, {
'foo': 'bar',
}
return '', 204, {
'Authorization': f'Exchanged{authorization}',
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment