from flask import Flask, request
from flask_restful import Api, Resource
from flask_jwt_extended import create_access_token, JWTManager
from flask_cors import CORS
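app = Flask(__name__)

# NOTE(review): origins="*" allows any web origin to read responses from
# /api/*. Credentialed CORS is not enabled here; if REMOTE_USER can be
# established from browser-held credentials, confirm that a wildcard is
# intended, or replace it with the list of front ends that need the API.
cors = CORS(
    app,
    resources={r"/api/*": {"origins": "*"}},
    expose_headers=["Content-Type", "Authorization", "X-Total-Count"],
)
api = Api(app, prefix='/api/v1.0')
jwt = JWTManager(app)

# ES256 key pair used to sign and verify tokens. The private key should be
# readable only by the account this service runs as.
PEM_PRIVATE = '/opt/auth-server-poc/cert/private.pem'
PEM_PUBLIC = '/opt/auth-server-poc/cert/public.pem'

# Keys are loaded once at import time; a missing or unreadable file stops the
# application from starting. The context managers close the handles
# deterministically instead of leaving them to the garbage collector.
with open(PEM_PRIVATE) as private_pem:
    app.config['JWT_PRIVATE_KEY'] = private_pem.read()
with open(PEM_PUBLIC) as public_pem:
    app.config['JWT_PUBLIC_KEY'] = public_pem.read()

app.config['JWT_ALGORITHM'] = 'ES256'
app.config['JWT_IDENTITY_CLAIM'] = 'sub'

# NOTE(review): False disables token expiry, so every token issued here stays
# valid until the signing key pair is replaced, and no revocation mechanism is
# visible in this file. A leaked token is then usable indefinitely. Prefer a
# bounded lifetime (a datetime.timedelta or a number of seconds) once the
# consumers of these tokens can cope with renewal.
app.config['JWT_ACCESS_TOKEN_EXPIRES'] = False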
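class AuthApi(Resource):
    """Issue a signed access token for the user authenticated upstream.

    Authentication is not performed here: the identity is taken from the
    WSGI ``REMOTE_USER`` variable, which the fronting web server is expected
    to set only after it has authenticated the request.
    """

    def post(self):
        """Return ``({'access_token': <jwt>}, 200)`` for the authenticated user.

        Responds with 401 when ``REMOTE_USER`` is missing or empty, so that a
        request which bypassed upstream authentication never receives a
        token with an empty subject.
        """
        remote_user = request.environ.get('REMOTE_USER')
        if not remote_user:
            return {'message': 'Authentication required'}, 401

        # NOTE(review): these claims are identical for every user; the
        # "domains" value is not derived from the authenticated identity.
        # Confirm that consumers do not treat it as a per-user entitlement.
        additional_claims = {"type": "access", "domains": ["sunet.se"]}
        access_token = create_access_token(
            identity=remote_user,
            additional_claims=additional_claims,
        )
        return {'access_token': access_token}, 200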
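@app.route('/')
def index():
    """Render a small HTML page showing the upstream-authenticated identity.

    Reads ``REMOTE_USER`` and ``AUTH_TYPE`` from the WSGI environment. Both
    values originate outside this application, so they are HTML-escaped
    before being placed in the markup; a user name containing ``<`` or ``&``
    is then displayed as text rather than interpreted by the browser.
    """
    # Function-scope import keeps this block self-contained.
    from html import escape

    # str() keeps the original rendering of a missing value ("None").
    username = escape(str(request.environ.get('REMOTE_USER')))
    auth_type = escape(str(request.environ.get('AUTH_TYPE')))
    return "<p>Username: {}</p><p>Auth type: {}</p>".format(username, auth_type)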
# Register the token endpoint; with the Api prefix this is /api/v1.0/auth,
# which also falls under the /api/* CORS rule configured above.
api.add_resource(AuthApi, '/auth')