From e6fc45b2ce99d32376b0e3d635b846ec17132c88 Mon Sep 17 00:00:00 2001 From: Kenneth Bingham Date: Mon, 11 Mar 2024 15:36:24 -0400 Subject: [PATCH] align Py SDK with permission model --- sdk/python/examples/http-server/README.md | 47 +++++++++++------------ sdk/python/examples/pastebin/README.md | 4 +- sdk/python/examples/pastebin/pastebin.py | 9 +++-- sdk/python/sdk/zrok/zrok/share.py | 8 ++-- 4 files changed, 34 insertions(+), 34 deletions(-) diff --git a/sdk/python/examples/http-server/README.md b/sdk/python/examples/http-server/README.md index 25b353672..a8d9088dd 100644 --- a/sdk/python/examples/http-server/README.md +++ b/sdk/python/examples/http-server/README.md @@ -1,48 +1,46 @@ # "http-server" SDK Example -This `http-server` example is a minimal `zrok` application that surfaces a basic http server over a public zrok share. +This `http-server` example is a minimal zrok application that surfaces a basic HTTP server over a public share. ## Implementation ```go - root = zrok.environment.root.Load() +root = zrok.environment.root.Load() ``` -The `root` is a structure that contains all of the user's environment detail and allows the SDK application to access the `zrok` service instance and the underlying OpenZiti network. +The `root` is a structure that contains all of the user's environment details and allows the SDK application to access the zrok service instance and the underlying OpenZiti network. ```python - try: - shr = zrok.share.CreateShare(root=root, request=ShareRequest( - BackendMode=zrok.model.TCP_TUNNEL_BACKEND_MODE, - ShareMode=zrok.model.PUBLIC_SHARE_MODE, - Frontends=['public'], - Target="http-server" - )) - shrToken = shr.Token - print("Access server at the following endpoints: ", "\n".join(shr.FrontendEndpoints)) - - def removeShare(): - zrok.share.DeleteShare(root=root, shr=shr) - print("Deleted share") - atexit.register(removeShare) - except Exception as e: - print("unable to create share", e) - sys.exit(1) - +try: + shr = zrok.share.CreateShare(root=root, request=ShareRequest( + BackendMode=zrok.model.TCP_TUNNEL_BACKEND_MODE, + ShareMode=zrok.model.PUBLIC_SHARE_MODE, + Frontends=['public'], + Target="http-server" + )) + shrToken = shr.Token + print("Access server at the following endpoints: ", "\n".join(shr.FrontendEndpoints)) + + def removeShare(): + zrok.share.DeleteShare(root=root, shr=shr) + print("Deleted share") + atexit.register(removeShare) +except Exception as e: + print("unable to create share", e) + sys.exit(1) ``` The `sdk.CreateShare` call uses the loaded `environment` root along with the details of the share request (`sdk.ShareRequest`) to create the share that will be used to access the `http-server`. We are using the `sdk.TcpTunnelBackendMode` to handle tcp traffic. This time we are using `sdk.PublicShareMode` to take advantage of a public share that is running. With that we set which frontends to listen on, so we use whatever is configured, `public` here. - -Next we populate our cfg options for our decorator +Next, we populate our `cfg` options for our decorator. ```python zrok_opts['cfg'] = zrok.decor.Opts(root=root, shrToken=shrToken, bindPort=bindPort) ``` -Next we run the server which ends up calling the following: +Next, we run the server which ends up calling the following: ```python @zrok.decor.zrok(opts=zrok_opts) @@ -51,4 +49,3 @@ def runApp(): # the port is only used to integrate Zrok with frameworks that expect a "hostname:port" combo serve(app, port=bindPort) ``` - diff --git a/sdk/python/examples/pastebin/README.md b/sdk/python/examples/pastebin/README.md index 4e25156c3..be0161355 100644 --- a/sdk/python/examples/pastebin/README.md +++ b/sdk/python/examples/pastebin/README.md @@ -16,7 +16,7 @@ The zrok SDK requires Python 3.10 or later. If you haven't already installed them, you'll need the dependent libraries used in the examples. ```bash -pip install -r ./sdk/python/examples/requirements.txt +pip install -r ./sdk/python/examples/pastebin/requirements.txt ``` ## Running the Example :arrow_forward: @@ -25,7 +25,7 @@ This example contains a `copyto` server portion and `pastefrom` client portion. ### copyto -The server portion expects to get data you want to send via stdin. It can be evoked by: +The server portion expects to get the data you want to send via stdin. It can be invoked by: ```bash echo "this is a cool test" | python pastebin.py copyto diff --git a/sdk/python/examples/pastebin/pastebin.py b/sdk/python/examples/pastebin/pastebin.py index 85c8fd893..96cc23912 100755 --- a/sdk/python/examples/pastebin/pastebin.py +++ b/sdk/python/examples/pastebin/pastebin.py @@ -12,14 +12,16 @@ exit_signal = threading.Event() + def signal_handler(signum, frame): print("\nCtrl-C detected. Next connection will close server") exit_signal.set() + class copyto: def handle(self, *args, **kwargs): root = zrok.environment.root.Load() - + try: shr = zrok.share.CreateShare(root=root, request=ShareRequest( BackendMode=zrok.model.TCP_TUNNEL_BACKEND_MODE, @@ -48,7 +50,6 @@ def removeShare(): conn.sendall(data.encode('utf-8')) print("Server stopped.") - def loadData(self): if not os.isatty(sys.stdin.fileno()): @@ -56,6 +57,7 @@ def loadData(self): else: raise Exception("'copyto' requires input from stdin; direct your paste buffer into stdin") + def pastefrom(options): root = zrok.environment.root.Load() @@ -66,7 +68,7 @@ def pastefrom(options): except Exception as e: print("unable to create access", e) sys.exit(1) - + def removeAccess(): try: zrok.access.DeleteAccess(root, acc) @@ -79,6 +81,7 @@ def removeAccess(): data = client.recv(1024) print(data.decode('utf-8')) + if __name__ == "__main__": parser = argparse.ArgumentParser() subparsers = parser.add_subparsers() diff --git a/sdk/python/sdk/zrok/zrok/share.py b/sdk/python/sdk/zrok/zrok/share.py index 3c122afe8..b61af2fb2 100644 --- a/sdk/python/sdk/zrok/zrok/share.py +++ b/sdk/python/sdk/zrok/zrok/share.py @@ -68,8 +68,8 @@ def __newPrivateShare(root: Root, request: model.ShareRequest) -> ShareRequest: backend_mode=request.BackendMode, backend_proxy_endpoint=request.Target, auth_scheme=model.AUTH_SCHEME_NONE, - permission_mode=request.permission_mode, - access_grants=request.access_grants + permission_mode=request.PermissionMode, + access_grants=request.AccessGrants ) @@ -82,8 +82,8 @@ def __newPublicShare(root: Root, request: model.ShareRequest) -> ShareRequest: auth_scheme=model.AUTH_SCHEME_NONE, oauth_email_domains=request.OauthEmailAddressPatterns, oauth_authorization_check_interval=request.OauthAuthorizationCheckInterval, - permission_mode=request.permission_mode, - access_grants=request.access_grants + permission_mode=request.PermissionMode, + access_grants=request.AccessGrants ) if request.OauthProvider != "": ret.oauth_provider = request.OauthProvider