align Py SDK with permission model

This commit is contained in:
Kenneth Bingham 2024-03-11 15:36:24 -04:00
parent de1ebdc333
commit e6fc45b2ce
No known key found for this signature in database
GPG Key ID: 31709281860130B6
4 changed files with 33 additions and 33 deletions

View File

@ -1,48 +1,46 @@
# "http-server" SDK Example
This `http-server` example is a minimal `zrok` application that surfaces a basic http server over a public zrok share.
This `http-server` example is a minimal zrok application that surfaces a basic HTTP server over a public share.
## Implementation
```go
root = zrok.environment.root.Load()
root = zrok.environment.root.Load()
```
The `root` is a structure that contains all of the user's environment detail and allows the SDK application to access the `zrok` service instance and the underlying OpenZiti network.
The `root` is a structure that contains all of the user's environment details and allows the SDK application to access the zrok service instance and the underlying OpenZiti network.
```python
try:
shr = zrok.share.CreateShare(root=root, request=ShareRequest(
BackendMode=zrok.model.TCP_TUNNEL_BACKEND_MODE,
ShareMode=zrok.model.PUBLIC_SHARE_MODE,
Frontends=['public'],
Target="http-server"
))
shrToken = shr.Token
print("Access server at the following endpoints: ", "\n".join(shr.FrontendEndpoints))
def removeShare():
zrok.share.DeleteShare(root=root, shr=shr)
print("Deleted share")
atexit.register(removeShare)
except Exception as e:
print("unable to create share", e)
sys.exit(1)
try:
shr = zrok.share.CreateShare(root=root, request=ShareRequest(
BackendMode=zrok.model.TCP_TUNNEL_BACKEND_MODE,
ShareMode=zrok.model.PUBLIC_SHARE_MODE,
Frontends=['public'],
Target="http-server"
))
shrToken = shr.Token
print("Access server at the following endpoints: ", "\n".join(shr.FrontendEndpoints))
def removeShare():
zrok.share.DeleteShare(root=root, shr=shr)
print("Deleted share")
atexit.register(removeShare)
except Exception as e:
print("unable to create share", e)
sys.exit(1)
```
The `sdk.CreateShare` call uses the loaded `environment` root along with the details of the share request (`sdk.ShareRequest`) to create the share that will be used to access the `http-server`.
We are using the `sdk.TcpTunnelBackendMode` to handle tcp traffic. This time we are using `sdk.PublicShareMode` to take advantage of a public share that is running. With that we set which frontends to listen on, so we use whatever is configured, `public` here.
Next we populate our cfg options for our decorator
Next, we populate our `cfg` options for our decorator.
```python
zrok_opts['cfg'] = zrok.decor.Opts(root=root, shrToken=shrToken, bindPort=bindPort)
```
Next we run the server which ends up calling the following:
Next, we run the server which ends up calling the following:
```python
@zrok.decor.zrok(opts=zrok_opts)
@ -51,4 +49,3 @@ def runApp():
# the port is only used to integrate Zrok with frameworks that expect a "hostname:port" combo
serve(app, port=bindPort)
```

View File

@ -16,7 +16,7 @@ The zrok SDK requires Python 3.10 or later.
If you haven't already installed them, you'll need the dependent libraries used in the examples.
```bash
pip install -r ./sdk/python/examples/requirements.txt
pip install -r ./sdk/python/examples/pastebin/requirements.txt
```
## Running the Example :arrow_forward:
@ -25,7 +25,7 @@ This example contains a `copyto` server portion and `pastefrom` client portion.
### copyto
The server portion expects to get data you want to send via stdin. It can be evoked by:
The server portion expects to get the data you want to send via stdin. It can be invoked by:
```bash
echo "this is a cool test" | python pastebin.py copyto

View File

@ -12,14 +12,16 @@ import threading
exit_signal = threading.Event()
def signal_handler(signum, frame):
print("\nCtrl-C detected. Next connection will close server")
exit_signal.set()
class copyto:
def handle(self, *args, **kwargs):
root = zrok.environment.root.Load()
try:
shr = zrok.share.CreateShare(root=root, request=ShareRequest(
BackendMode=zrok.model.TCP_TUNNEL_BACKEND_MODE,
@ -48,7 +50,6 @@ class copyto:
conn.sendall(data.encode('utf-8'))
print("Server stopped.")
def loadData(self):
if not os.isatty(sys.stdin.fileno()):
@ -56,6 +57,7 @@ class copyto:
else:
raise Exception("'copyto' requires input from stdin; direct your paste buffer into stdin")
def pastefrom(options):
root = zrok.environment.root.Load()
@ -66,7 +68,7 @@ def pastefrom(options):
except Exception as e:
print("unable to create access", e)
sys.exit(1)
def removeAccess():
try:
zrok.access.DeleteAccess(root, acc)
@ -79,6 +81,7 @@ def pastefrom(options):
data = client.recv(1024)
print(data.decode('utf-8'))
if __name__ == "__main__":
parser = argparse.ArgumentParser()
subparsers = parser.add_subparsers()

View File

@ -68,8 +68,8 @@ def __newPrivateShare(root: Root, request: model.ShareRequest) -> ShareRequest:
backend_mode=request.BackendMode,
backend_proxy_endpoint=request.Target,
auth_scheme=model.AUTH_SCHEME_NONE,
permission_mode=request.permission_mode,
access_grants=request.access_grants
permission_mode=request.PermissionMode,
access_grants=request.AccessGrants
)
@ -82,8 +82,8 @@ def __newPublicShare(root: Root, request: model.ShareRequest) -> ShareRequest:
auth_scheme=model.AUTH_SCHEME_NONE,
oauth_email_domains=request.OauthEmailAddressPatterns,
oauth_authorization_check_interval=request.OauthAuthorizationCheckInterval,
permission_mode=request.permission_mode,
access_grants=request.access_grants
permission_mode=request.PermissionMode,
access_grants=request.AccessGrants
)
if request.OauthProvider != "":
ret.oauth_provider = request.OauthProvider