Add an example for IAP on GCE#1099
Add an example for IAP on GCE#1099theacodes merged 19 commits intoGoogleCloudPlatform:masterfrom buserp:master
Conversation
Remove openapi-appengine.yaml.
googlebot
added
the
cla: yes
iap/example_gce_backend.py
Outdated
| @@ -0,0 +1,30 @@ | |||
| CLOUD_PROJECT_ID = 'YOUR_PROJECT_ID' | |||
There was a problem hiding this comment.
This file needs a license header.
iap/example_gce_backend.py
Outdated
| CLOUD_PROJECT_ID = 'YOUR_PROJECT_ID' | ||
| BACKEND_SERVICE_ID = 'YOUR_BACKEND_SERVICE_ID' | ||
|
|
||
| from flask import Flask |
There was a problem hiding this comment.
Import modules, not members, so just import flask and use flask.Flask and flask.request.
| from flask import Flask | ||
| from flask import request | ||
|
|
||
| import platform |
There was a problem hiding this comment.
Standard library imports go into the first section:
import platform
import flask
import validate_jwt
| return "Error: %s" % error_str | ||
| else: | ||
| return "Hi, {}. I am {}.".format(user_email, platform.node()) | ||
|
|
There was a problem hiding this comment.
style: two blank spaces between functions.
iap/example_gce_backend.py
Outdated
| return 'OK', 200 | ||
|
|
||
| if __name__ == '__main__': | ||
| app.run(host='0.0.0.0', port=80) |
There was a problem hiding this comment.
just use app.run(), do not bind to a specific port. Use gunicorn to run this in production.
iap/requirements.txt
Outdated
| @@ -1,5 +1,6 @@ | |||
| PyJWT==1.5.2 | |||
| cryptography==2.0.3 | |||
| flask | |||
iap/example_gce_backend.py
Outdated
| user_id, user_email, error_str = validate_iap_jwt_from_compute_engine( | ||
| jwt, CLOUD_PROJECT_ID, BACKEND_SERVICE_ID) | ||
| if error_str: | ||
| return "Error: %s" % error_str |
There was a problem hiding this comment.
Use single quotes everywhere (except docstrings), and use .format over %.
|
I've made the changes you requested (I used the "thumbs-up" to mean "done"). Please take another look and let me know what you think. |
iap/example_gce_backend.py
Outdated
| return 'Hi, {}. I am {}.'.format(user_email, platform.node()) | ||
|
|
||
|
|
||
| @app.route('/healthz') |
There was a problem hiding this comment.
It's not, actually. I've taken it out.
iap/example_gce_backend.py
Outdated
| # See the License for the specific language governing permissions and | ||
| # limitations under the License. | ||
|
|
||
| CLOUD_PROJECT_ID = 'YOUR_PROJECT_ID' |
There was a problem hiding this comment.
You need to put constant after imports to please the linter.
|
I don't have merge access, could you merge this if it looks good? |
|
Yep, there's still one small lint issue. I'll fix it and merge. |
3 participants
Using Flask, this app verifies the IAP-added headers and returns a greeting.