Project description

Flask-OPA

Simple to use Flask extension that lets you use Open Policy Agent in your project.

How to run the application

If you want to try a demo check the code in examples, but for development:

Run OPA in server mode
- Check the latest OPA release and download it.
- Put the binary file in the path of your system
- Allow its execution with something like
- Run opa in server mode with the sample policies
```
cd examples
opa run -s -w data.json app.rego
```
- -s is to run it in server mode instead of opening the REPL
- -w is for watching the changes of the data/policy files
Specify configuration variables
- OPA_URL url string that specifies the OPA url to evaluate your input. It includes the path of the policy. E.g http://localhost:8181/v1/data/examples/allow.
- OPA_SECURED boolean to specify if OPA will be enabled to your application.
See more at the rest api reference
Bind the OPA class to your Flask application

Its easy to bind the Flask-OPA library to your application. Just follow the following steps:
Create the OPA instance
```
app = Flask(__name__)
app.config.from_pyfile('app.cfg')
opa = OPA(app, parse_input)
```
Lets see the parameters that we passed to the OPA class:
- parse_input (Required) contains a method that returns the input data json to be evaluated by the policy, e.g.:
```
{
    "input": {
      "method": "GET",
      "path": ["data", "jon"],
      "user": "paul"
    }
}
```
- url (Optional) to use an specific url instead of the OPA_URL optionally specified in the app configuration.
- allow_function (Optional) predicate that determinate if the response from OPA allows (True) or denies (False) the request
If you want enforce the OPA security in your application you can create the OPA instance like this:
```
opa = OPA.secured(app, parse_input, url="http://localhost:8181/v1/data/package_name/allow")
```
or
```
opa = OPA(app, parse_input, url="http://localhost:8181/v1/data/package_name/allow").secured()
```
otherwise OPA will enforce your security only if OPA_SECURED is True.

Specify the logging level to DEBUG if you want to get access to Flask-OPA logs of its operations using
```
app.logger.setLevel(logging.DEBUG)
```
Run your Flask application.

Status

Pre-release or Beta: The project has gone through multiple rounds of active development with a goal of reaching a stable release version, but is not there yet.

Path of Development: Active (October 16st 2018)

Author

Eliecer Hernandez - eliecerhdz@gmail.com. To know more of me please visit my website.

License

This project is licensed under the MIT License - see the LICENSE.md file for details.

Project details

These details have not been verified by PyPI

Project links

GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Release history Release notifications | RSS feed

1.0.0

Mar 16, 2021

0.6

Nov 5, 2018

0.5

Nov 4, 2018

0.5b0 pre-release

Oct 31, 2018

0.4

Nov 1, 2018

0.3

Oct 17, 2018

This version

0.2

Oct 17, 2018

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

Flask-OPA-0.2.tar.gz (4.1 kB view hashes)

Uploaded Oct 17, 2018 Source

Built Distribution

Flask_OPA-0.2-py2.py3-none-any.whl (4.7 kB view hashes)

Uploaded Oct 17, 2018 Python 2 Python 3

Hashes for Flask-OPA-0.2.tar.gz

Hashes for Flask-OPA-0.2.tar.gz
Algorithm	Hash digest
SHA256	`0665f106f7348d751c8728dcfa1010bd58caf2237e25790cdc0e9ec71f3b298c`
MD5	`78ade9a2923f407879fd7ba1610cba8c`
BLAKE2b-256	`9d38bf09440782ef3f61e625030a830286d84eeec440f61293a4904c1a0f09c2`

Hashes for Flask_OPA-0.2-py2.py3-none-any.whl

Hashes for Flask_OPA-0.2-py2.py3-none-any.whl
Algorithm	Hash digest
SHA256	`7666fa29af6543bc96f7c67671d0006d47aa4c21978c7ffd9b408884c45e3660`
MD5	`02da822ca99eb2216dc76624f7c6661c`
BLAKE2b-256	`3bffd286831d59a440d90c43ee829e98ac8274fb17d6f6fc35bfdabfe2815d4f`