extern/zrok
1
1
Fork 0
mirror of https://github.com/openziti/zrok.git synced 2024-11-25 01:23:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

align Py SDK with permission model

Browse Source
This commit is contained in:
Kenneth Bingham 2024-03-11 15:36:24 -04:00
parent de1ebdc333
commit e6fc45b2ce
No known key found for this signature in database
GPG Key ID: 31709281860130B6
4 changed files with 33 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
sdk/python/examples/http-server/README.md
View File

@ -1,48 +1,46 @@
# "http-server" SDK Example # "http-server" SDK Example
This `http-server` example is a minimal `zrok` application that surfaces a basic http server over a public zrok share. This `http-server` example is a minimal zrok application that surfaces a basic HTTP server over a public share.
## Implementation ## Implementation
```go ```go
root = zrok.environment.root.Load() root = zrok.environment.root.Load()
``` ```
The `root` is a structure that contains all of the user's environment detail and allows the SDK application to access the `zrok` service instance and the underlying OpenZiti network. The `root` is a structure that contains all of the user's environment details and allows the SDK application to access the zrok service instance and the underlying OpenZiti network.
```python ```python
try: try:
shr = zrok.share.CreateShare(root=root, request=ShareRequest( shr = zrok.share.CreateShare(root=root, request=ShareRequest(
BackendMode=zrok.model.TCP_TUNNEL_BACKEND_MODE, BackendMode=zrok.model.TCP_TUNNEL_BACKEND_MODE,
ShareMode=zrok.model.PUBLIC_SHARE_MODE, ShareMode=zrok.model.PUBLIC_SHARE_MODE,
Frontends=['public'], Frontends=['public'],
Target="http-server" Target="http-server"
)) ))
shrToken = shr.Token shrToken = shr.Token
print("Access server at the following endpoints: ", "\n".join(shr.FrontendEndpoints)) print("Access server at the following endpoints: ", "\n".join(shr.FrontendEndpoints))
def removeShare():
zrok.share.DeleteShare(root=root, shr=shr)
print("Deleted share")
atexit.register(removeShare)
except Exception as e:
print("unable to create share", e)
sys.exit(1)
def removeShare():
zrok.share.DeleteShare(root=root, shr=shr)
print("Deleted share")
atexit.register(removeShare)
except Exception as e:
print("unable to create share", e)
sys.exit(1)
``` ```
The `sdk.CreateShare` call uses the loaded `environment` root along with the details of the share request (`sdk.ShareRequest`) to create the share that will be used to access the `http-server`. The `sdk.CreateShare` call uses the loaded `environment` root along with the details of the share request (`sdk.ShareRequest`) to create the share that will be used to access the `http-server`.
We are using the `sdk.TcpTunnelBackendMode` to handle tcp traffic. This time we are using `sdk.PublicShareMode` to take advantage of a public share that is running. With that we set which frontends to listen on, so we use whatever is configured, `public` here. We are using the `sdk.TcpTunnelBackendMode` to handle tcp traffic. This time we are using `sdk.PublicShareMode` to take advantage of a public share that is running. With that we set which frontends to listen on, so we use whatever is configured, `public` here.
Next, we populate our `cfg` options for our decorator.
Next we populate our cfg options for our decorator
```python ```python
zrok_opts['cfg'] = zrok.decor.Opts(root=root, shrToken=shrToken, bindPort=bindPort) zrok_opts['cfg'] = zrok.decor.Opts(root=root, shrToken=shrToken, bindPort=bindPort)
``` ```
Next we run the server which ends up calling the following: Next, we run the server which ends up calling the following:
```python ```python
@zrok.decor.zrok(opts=zrok_opts) @zrok.decor.zrok(opts=zrok_opts)
@ -51,4 +49,3 @@ def runApp():
# the port is only used to integrate Zrok with frameworks that expect a "hostname:port" combo # the port is only used to integrate Zrok with frameworks that expect a "hostname:port" combo
serve(app, port=bindPort) serve(app, port=bindPort)
``` ```

4
sdk/python/examples/pastebin/README.md
View File

@ -16,7 +16,7 @@ The zrok SDK requires Python 3.10 or later.
If you haven't already installed them, you'll need the dependent libraries used in the examples. If you haven't already installed them, you'll need the dependent libraries used in the examples.
```bash ```bash
pip install -r ./sdk/python/examples/requirements.txt pip install -r ./sdk/python/examples/pastebin/requirements.txt
``` ```
## Running the Example :arrow_forward: ## Running the Example :arrow_forward:
@ -25,7 +25,7 @@ This example contains a `copyto` server portion and `pastefrom` client portion.
### copyto ### copyto
The server portion expects to get data you want to send via stdin. It can be evoked by: The server portion expects to get the data you want to send via stdin. It can be invoked by:
```bash ```bash
echo "this is a cool test" | python pastebin.py copyto echo "this is a cool test" | python pastebin.py copyto

9
sdk/python/examples/pastebin/pastebin.py
View File

@ -12,14 +12,16 @@ import threading
exit_signal = threading.Event() exit_signal = threading.Event()
def signal_handler(signum, frame): def signal_handler(signum, frame):
print("\nCtrl-C detected. Next connection will close server") print("\nCtrl-C detected. Next connection will close server")
exit_signal.set() exit_signal.set()
class copyto: class copyto:
def handle(self, *args, **kwargs): def handle(self, *args, **kwargs):
root = zrok.environment.root.Load() root = zrok.environment.root.Load()
try: try:
shr = zrok.share.CreateShare(root=root, request=ShareRequest( shr = zrok.share.CreateShare(root=root, request=ShareRequest(
BackendMode=zrok.model.TCP_TUNNEL_BACKEND_MODE, BackendMode=zrok.model.TCP_TUNNEL_BACKEND_MODE,
@ -48,7 +50,6 @@ class copyto:
conn.sendall(data.encode('utf-8')) conn.sendall(data.encode('utf-8'))
print("Server stopped.") print("Server stopped.")
def loadData(self): def loadData(self):
if not os.isatty(sys.stdin.fileno()): if not os.isatty(sys.stdin.fileno()):
@ -56,6 +57,7 @@ class copyto:
else: else:
raise Exception("'copyto' requires input from stdin; direct your paste buffer into stdin") raise Exception("'copyto' requires input from stdin; direct your paste buffer into stdin")
def pastefrom(options): def pastefrom(options):
root = zrok.environment.root.Load() root = zrok.environment.root.Load()
@ -66,7 +68,7 @@ def pastefrom(options):
except Exception as e: except Exception as e:
print("unable to create access", e) print("unable to create access", e)
sys.exit(1) sys.exit(1)
def removeAccess(): def removeAccess():
try: try:
zrok.access.DeleteAccess(root, acc) zrok.access.DeleteAccess(root, acc)
@ -79,6 +81,7 @@ def pastefrom(options):
data = client.recv(1024) data = client.recv(1024)
print(data.decode('utf-8')) print(data.decode('utf-8'))
if __name__ == "__main__": if __name__ == "__main__":
parser = argparse.ArgumentParser() parser = argparse.ArgumentParser()
subparsers = parser.add_subparsers() subparsers = parser.add_subparsers()

8
sdk/python/sdk/zrok/zrok/share.py
View File

@ -68,8 +68,8 @@ def __newPrivateShare(root: Root, request: model.ShareRequest) -> ShareRequest:
backend_mode=request.BackendMode, backend_mode=request.BackendMode,
backend_proxy_endpoint=request.Target, backend_proxy_endpoint=request.Target,
auth_scheme=model.AUTH_SCHEME_NONE, auth_scheme=model.AUTH_SCHEME_NONE,
permission_mode=request.permission_mode, permission_mode=request.PermissionMode,
access_grants=request.access_grants access_grants=request.AccessGrants
) )
@ -82,8 +82,8 @@ def __newPublicShare(root: Root, request: model.ShareRequest) -> ShareRequest:
auth_scheme=model.AUTH_SCHEME_NONE, auth_scheme=model.AUTH_SCHEME_NONE,
oauth_email_domains=request.OauthEmailAddressPatterns, oauth_email_domains=request.OauthEmailAddressPatterns,
oauth_authorization_check_interval=request.OauthAuthorizationCheckInterval, oauth_authorization_check_interval=request.OauthAuthorizationCheckInterval,
permission_mode=request.permission_mode, permission_mode=request.PermissionMode,
access_grants=request.access_grants access_grants=request.AccessGrants
) )
if request.OauthProvider != "": if request.OauthProvider != "":
ret.oauth_provider = request.OauthProvider ret.oauth_provider = request.OauthProvider