mirror of
https://github.com/openziti/zrok.git
synced 2024-11-25 01:23:49 +01:00
align Py SDK with permission model
This commit is contained in:
parent
de1ebdc333
commit
e6fc45b2ce
@ -1,48 +1,46 @@
|
||||
# "http-server" SDK Example
|
||||
|
||||
This `http-server` example is a minimal `zrok` application that surfaces a basic http server over a public zrok share.
|
||||
This `http-server` example is a minimal zrok application that surfaces a basic HTTP server over a public share.
|
||||
|
||||
## Implementation
|
||||
|
||||
```go
|
||||
root = zrok.environment.root.Load()
|
||||
root = zrok.environment.root.Load()
|
||||
```
|
||||
|
||||
The `root` is a structure that contains all of the user's environment detail and allows the SDK application to access the `zrok` service instance and the underlying OpenZiti network.
|
||||
The `root` is a structure that contains all of the user's environment details and allows the SDK application to access the zrok service instance and the underlying OpenZiti network.
|
||||
|
||||
```python
|
||||
try:
|
||||
shr = zrok.share.CreateShare(root=root, request=ShareRequest(
|
||||
BackendMode=zrok.model.TCP_TUNNEL_BACKEND_MODE,
|
||||
ShareMode=zrok.model.PUBLIC_SHARE_MODE,
|
||||
Frontends=['public'],
|
||||
Target="http-server"
|
||||
))
|
||||
shrToken = shr.Token
|
||||
print("Access server at the following endpoints: ", "\n".join(shr.FrontendEndpoints))
|
||||
|
||||
def removeShare():
|
||||
zrok.share.DeleteShare(root=root, shr=shr)
|
||||
print("Deleted share")
|
||||
atexit.register(removeShare)
|
||||
except Exception as e:
|
||||
print("unable to create share", e)
|
||||
sys.exit(1)
|
||||
try:
|
||||
shr = zrok.share.CreateShare(root=root, request=ShareRequest(
|
||||
BackendMode=zrok.model.TCP_TUNNEL_BACKEND_MODE,
|
||||
ShareMode=zrok.model.PUBLIC_SHARE_MODE,
|
||||
Frontends=['public'],
|
||||
Target="http-server"
|
||||
))
|
||||
shrToken = shr.Token
|
||||
print("Access server at the following endpoints: ", "\n".join(shr.FrontendEndpoints))
|
||||
|
||||
def removeShare():
|
||||
zrok.share.DeleteShare(root=root, shr=shr)
|
||||
print("Deleted share")
|
||||
atexit.register(removeShare)
|
||||
except Exception as e:
|
||||
print("unable to create share", e)
|
||||
sys.exit(1)
|
||||
```
|
||||
|
||||
The `sdk.CreateShare` call uses the loaded `environment` root along with the details of the share request (`sdk.ShareRequest`) to create the share that will be used to access the `http-server`.
|
||||
|
||||
We are using the `sdk.TcpTunnelBackendMode` to handle tcp traffic. This time we are using `sdk.PublicShareMode` to take advantage of a public share that is running. With that we set which frontends to listen on, so we use whatever is configured, `public` here.
|
||||
|
||||
|
||||
Next we populate our cfg options for our decorator
|
||||
Next, we populate our `cfg` options for our decorator.
|
||||
|
||||
```python
|
||||
zrok_opts['cfg'] = zrok.decor.Opts(root=root, shrToken=shrToken, bindPort=bindPort)
|
||||
```
|
||||
|
||||
Next we run the server which ends up calling the following:
|
||||
Next, we run the server which ends up calling the following:
|
||||
|
||||
```python
|
||||
@zrok.decor.zrok(opts=zrok_opts)
|
||||
@ -51,4 +49,3 @@ def runApp():
|
||||
# the port is only used to integrate Zrok with frameworks that expect a "hostname:port" combo
|
||||
serve(app, port=bindPort)
|
||||
```
|
||||
|
||||
|
@ -16,7 +16,7 @@ The zrok SDK requires Python 3.10 or later.
|
||||
If you haven't already installed them, you'll need the dependent libraries used in the examples.
|
||||
|
||||
```bash
|
||||
pip install -r ./sdk/python/examples/requirements.txt
|
||||
pip install -r ./sdk/python/examples/pastebin/requirements.txt
|
||||
```
|
||||
|
||||
## Running the Example :arrow_forward:
|
||||
@ -25,7 +25,7 @@ This example contains a `copyto` server portion and `pastefrom` client portion.
|
||||
|
||||
### copyto
|
||||
|
||||
The server portion expects to get data you want to send via stdin. It can be evoked by:
|
||||
The server portion expects to get the data you want to send via stdin. It can be invoked by:
|
||||
|
||||
```bash
|
||||
echo "this is a cool test" | python pastebin.py copyto
|
||||
|
@ -12,14 +12,16 @@ import threading
|
||||
|
||||
exit_signal = threading.Event()
|
||||
|
||||
|
||||
def signal_handler(signum, frame):
|
||||
print("\nCtrl-C detected. Next connection will close server")
|
||||
exit_signal.set()
|
||||
|
||||
|
||||
class copyto:
|
||||
def handle(self, *args, **kwargs):
|
||||
root = zrok.environment.root.Load()
|
||||
|
||||
|
||||
try:
|
||||
shr = zrok.share.CreateShare(root=root, request=ShareRequest(
|
||||
BackendMode=zrok.model.TCP_TUNNEL_BACKEND_MODE,
|
||||
@ -48,7 +50,6 @@ class copyto:
|
||||
conn.sendall(data.encode('utf-8'))
|
||||
|
||||
print("Server stopped.")
|
||||
|
||||
|
||||
def loadData(self):
|
||||
if not os.isatty(sys.stdin.fileno()):
|
||||
@ -56,6 +57,7 @@ class copyto:
|
||||
else:
|
||||
raise Exception("'copyto' requires input from stdin; direct your paste buffer into stdin")
|
||||
|
||||
|
||||
def pastefrom(options):
|
||||
root = zrok.environment.root.Load()
|
||||
|
||||
@ -66,7 +68,7 @@ def pastefrom(options):
|
||||
except Exception as e:
|
||||
print("unable to create access", e)
|
||||
sys.exit(1)
|
||||
|
||||
|
||||
def removeAccess():
|
||||
try:
|
||||
zrok.access.DeleteAccess(root, acc)
|
||||
@ -79,6 +81,7 @@ def pastefrom(options):
|
||||
data = client.recv(1024)
|
||||
print(data.decode('utf-8'))
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
parser = argparse.ArgumentParser()
|
||||
subparsers = parser.add_subparsers()
|
||||
|
@ -68,8 +68,8 @@ def __newPrivateShare(root: Root, request: model.ShareRequest) -> ShareRequest:
|
||||
backend_mode=request.BackendMode,
|
||||
backend_proxy_endpoint=request.Target,
|
||||
auth_scheme=model.AUTH_SCHEME_NONE,
|
||||
permission_mode=request.permission_mode,
|
||||
access_grants=request.access_grants
|
||||
permission_mode=request.PermissionMode,
|
||||
access_grants=request.AccessGrants
|
||||
)
|
||||
|
||||
|
||||
@ -82,8 +82,8 @@ def __newPublicShare(root: Root, request: model.ShareRequest) -> ShareRequest:
|
||||
auth_scheme=model.AUTH_SCHEME_NONE,
|
||||
oauth_email_domains=request.OauthEmailAddressPatterns,
|
||||
oauth_authorization_check_interval=request.OauthAuthorizationCheckInterval,
|
||||
permission_mode=request.permission_mode,
|
||||
access_grants=request.access_grants
|
||||
permission_mode=request.PermissionMode,
|
||||
access_grants=request.AccessGrants
|
||||
)
|
||||
if request.OauthProvider != "":
|
||||
ret.oauth_provider = request.OauthProvider
|
||||
|
Loading…
Reference in New Issue
Block a user