Skip to main content

Client library for accessing GaaP services

Project description

Accessing GaaP Services Client

Test result

Python package providing a WSGI middleware for accessing GaaP services.

Installation

pip3 install ags_client

Usage

Registration

You will need a client ID and client secret from the GaaP Identity Broker. You can’t get these yet, but soon will by emailing us with a brief summary of:

  • who you are

  • what project you’re going to be using it on

Quick Start

Flask

For example: given your Flask app is defined in webservice.py in a variable named app, create a file called wsgi.py:

import ags

from webservice import app


app.wsgi_app = ags.Client(app.wsgi_app)

Then start your app with a WSGI server such as Gunicorn or uWSGI. Eg:

gunicorn wsgi:app

Configuration

The middleware looks for certain environment variables for settings. The following variables are REQUIRED:

AGS_CLIENT_ISSUER

The URL of the OIDC identity broker

AGS_CLIENT_ID

The client ID that you have been issued

AGS_CLIENT_SECRET

The client secret that you have been issued

AGS_CLIENT_AUTHENTICATED_PATHS

Comma separated list of paths in your web application that require authentication. May include regular expressions.

AGS_CLIENT_SIGN_OUT_PATH

Path to sign out view in your application - default: sign-out

The following variables are OPTIONAL:

AGS_CLIENT_DEBUG

If set to True, errors will be handled by the Werkzeug debugger. DO NOT USE IN PRODUCTION!

AGS_CLIENT_LOG_PATH

Log to the specified file, in addition to console

AGS_CLIENT_SESSION_COOKIE

The name of the cookie used to store the session ID - default: ags_client_session

AGS_CLIENT_SESSION_SECRET

The secret key use to encrypt the session cookie - default: generates a new secret on start-up

The following variables can be used to override defaults, but usually should not be used:

AGS_CLIENT_CALLBACK_PATH

Overrides default OIDC callback path

AGS_CLIENT_FEATURE_FLAG_COOKIE

The name of the cookie used to store the feature flag status - default: ags_client_active

AGS_CLIENT_FEATURE_FLAG_DEFAULT

The default state of the feature flag if the cookie is not set - default: True

AGS_CLIENT_VERIFY_SSL

If False, verification of the broker’s SSL certificate is skipped

Usage

When activated, the middleware will intercept requests to the paths specified in the AGS_CLIENT_AUTHENTICATED_PATHS environment variable and perform OpenID Connect authentication before passing the user authentication details on to the wrapped application.

It will also intercept requests to the AGS_CLIENT_SIGN_OUT_PATH and end the session on the identity broker before passing through to the wrapped application.

Activation

The middleware is activated by default, unless the AGS_CLIENT_FEATURE_FLAG_DEFAULT environment variable is set to False.

The middleware is activated or deactivated via a feature flag cookie, which can be toggled by browsing to /toggle-feature/{FLAG}, where {FLAG} is the value of the AGS_CLIENT_FEATURE_FLAG_COOKIE environment variable or the default value ags_client_active.

Support

This source code is provided as-is, with no incident response or support levels. Please log all questions, issues, and feature requests in the Github issue tracker for this repo, and we’ll take a look as soon as we can. If you’re reporting a bug, then it really helps if you can provide the smallest possible bit of code that reproduces the issue. A failing test is even better!

Contributing

  • Check out the latest master to make sure the feature hasn’t been implemented or the bug hasn’t been fixed

  • Check the issue tracker to make sure someone hasn’t already requested and/or contributed the feature

  • Fork the project

  • Start a feature/bugfix branch

  • Commit and push until you are happy with your contribution

  • Make sure your changes are covered by unit tests, so that we don’t break it unintentionally in the future.

  • Please don’t mess with setup.py, version or history.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

ags_client-0.1.12.tar.gz (11.4 kB view details)

Uploaded Source

File details

Details for the file ags_client-0.1.12.tar.gz.

File metadata

  • Download URL: ags_client-0.1.12.tar.gz
  • Upload date:
  • Size: 11.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No

File hashes

Hashes for ags_client-0.1.12.tar.gz
Algorithm Hash digest
SHA256 4b65eac0768f1583101f8ffdb134b8ae090b3595f4b740bff9e8337f92241420
MD5 5eebb2f1900daaa681538abf191b8d7a
BLAKE2b-256 eab8b6cbfd4433456d50b52304814107ebac5c728da922d6780a792316b8df48

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page