https://github.com/marcbperez/flask-restfuloauth2

A Flask REST endpoint protected with OAuth2.
https://github.com/marcbperez/flask-restfuloauth2

docker flask flask-restful gradle oauth2 python rest

Last synced: about 5 hours ago
JSON representation

A Flask REST endpoint protected with OAuth2.

• Host: GitHub
• URL: https://github.com/marcbperez/flask-restfuloauth2
• Owner: marcbperez
• License: apache-2.0
• Created: 2017-04-12T22:46:37.000Z (over 7 years ago)
• Default Branch: master
• Last Pushed: 2020-11-18T12:04:48.000Z (about 4 years ago)
• Last Synced: 2024-10-20T00:35:44.416Z (about 1 month ago)
• Topics: docker, flask, flask-restful, gradle, oauth2, python, rest
• Language: Python
• Homepage:
• Size: 152 KB
• Stars: 2
• Watchers: 1
• Forks: 2
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • Changelog: CHANGELOG.md
  • License: LICENSE

Awesome Lists containing this project

README

        
# flask-restfuloauth2

A Flask REST endpoint protected with OAuth2.

## Installation

Start by downloading and building the project when necessary. The following

commands will do the job on most Debian based Linux distributions.

```bash

git clone https://github.com/marcbperez/flask-restfuloauth2

cd flask-restfuloauth2

export FLASK_APP="restfuloauth2"

export SECRET_KEY="non-production-key"

export SQLALCHEMY_DATABASE_URI="sqlite:///db.sqlite3"

sudo -HE ./gradlew

```

## Usage

To start the service set the environment variables and run the Gradle wrapper as

shown above. The Swagger manifest can be found on `http://127.0.0.1:5000` and

its UI can be accessed via `http://127.0.0.1:5000/api`.

First, access `http://127.0.0.1:5000/oauth/management` and create a user and api

client. Then use the client id, username and password to generate a bearer token.

```bash

curl -X POST -d \

"grant_type=password&client_id=8diLQbKSkseuZ99Q3kwFAWugXjDvImrqTALeM7sd\

&username=user&password=pass" \

http://127.0.0.1:5000/v1/oauth/token

```

The bearer token can now be used to access the user's protected data.

```bash

curl -H "Authorization: Bearer nOVFSNUDoP2bC1ScMRuYz8zCXeTY8F" \

http://127.0.0.1:5000/v1/oauth/check

```

The example dummy api is protected and will need a valid user, client and bearer

token. To list, add, modify and delete tasks see the script below.

```bash

# GET the dummy list.

curl -H "Authorization: Bearer yIMqTV5zOGQlRpIMBMpZnyHFMR0QW3" \

http://127.0.0.1:5000/v1/dummy

# Paginate and sort de dummy list by ascending (asc) or descending (desc).

curl -H "Authorization: Bearer yIMqTV5zOGQlRpIMBMpZnyHFMR0QW3" \

"http://127.0.0.1:5000/v1/dummy?page=1&max_results=5&sort=id-desc"

# CREATE a new dummy.

curl -X POST -H "Authorization: Bearer yIMqTV5zOGQlRpIMBMpZnyHFMR0QW3" \

-d "public=0" \

http://127.0.0.1:5000/v1/dummy

# MODIFY a dummy stating its etag.

curl -X PUT -H "Authorization: Bearer yIMqTV5zOGQlRpIMBMpZnyHFMR0QW3" \

-d "etag=rz05FPx8qOIYJdmYZNLvcWupzh9qLlSoZnphpBFC\

    &public=1" \

http://127.0.0.1:5000/v1/dummy/1

# GET a dummy.

curl -H "Authorization: Bearer yIMqTV5zOGQlRpIMBMpZnyHFMR0QW3" \

http://127.0.0.1:5000/v1/dummy/1

# DELETE a dummy stating its etag.

curl -X DELETE -H "Authorization: Bearer yIMqTV5zOGQlRpIMBMpZnyHFMR0QW3" \

-d "etag=DMwVytdmg3CtwDgbm9wWOINjX73Iev2n4NFkRsV7" \

http://127.0.0.1:5000/v1/dummy/1

```

A search operation is also available. To use it send an url-encoded JSON

`search` parameter to an item endpoint such as `http://127.0.0.1:5000/v1/dummy`.

Valid column condition operators are `and` and `or`. As for column operators all

 `=`, `!=`, `<`, `<=`, `>`, `>=` and `like` are available.

```json

{

  "operator": "and",

  "conditions": [

    {

      "column": "id",

      "operator": "=",

      "value": 3

    },

    {

      "operator": "or",

      "conditions": [

        {

          "column": "public",

          "operator": "=",

          "value": 1

        },

        {

          "column": "etag",

          "operator": "!=",

          "value": ""

        }

      ]

    }

  ]

}

```

## Testing

Test checks are executed automatically every time the project is built. Builds

can be done remotely or continuously on a development context. For continuous

integration and development use docker-compose. This is recommended to keep the

system clean while the project is built every time the sources change.

```bash

sudo docker-compose up builder

```

For continuous integration and development without any dependencies use the

Gradle wrapper. This is the best option if the wrapper is available and the

Docker context is not valid. For a full list of tasks, see

`sudo ./gradlew tasks --all`. For a CI cycle use `sudo ./gradlew --continuous`.

For continuous integration and development without Docker or the project wrapper

use Gradle directly. This will create the wrapper in case it is not present.

Similar to the above, for a CI cycle use `sudo gradle --continuous`. Gradle

3.4.1 is required for this to work. Plain Docker is also available for remote

integration tasks and alike. Build the image with `sudo docker build .` and run

a new container with it. Information on how to install Docker and docker-compose

can be found in their [official page][install-docker-compose]. A similar

installation guide is available [for Gradle][install-gradle].

## Deployment

To deploy this service set the `SECRET_KEY` and `SQLALCHEMY_DATABASE_URI`

Docker environment variables and run the default Dockerfile.

```bash

sudo docker-compose up runner

```

## Troubleshooting

The [issue tracker][issue-tracker] intends to manage and compile bugs,

enhancements, proposals and tasks. Reading through its material or reporting to

its contributors via the platform is strongly recommended.

## Contributing

This project adheres to [Semantic Versioning][semver] and to certain syntax

conventions defined in [.editorconfig][editorconfig]. To get a list of changes

refer to the [CHANGELOG][changelog]. Only branches prefixed by *feature-*,

*hotfix-*, or *release-* will be considered:

  - Fork the project.

  - Create your new branch: `git checkout -b feature-my-feature develop`

  - Commit your changes: `git commit -am 'Added my new feature.'`

  - Push the branch: `git push origin feature-my-feature`

  - Submit a pull request.

## Credits

This project is created by [marcbperez][author] and maintained by its

[author][author] and contributors.

## License

This project is licensed under the [Apache License Version 2.0][license].

[author]: https://marcbperez.github.io

[issue-tracker]: https://github.com/marcbperez/flask-restfuloauth2/issues

[editorconfig]: .editorconfig

[changelog]: CHANGELOG.md

[license]: LICENSE

[semver]: http://semver.org

[install-docker-compose]: https://docs.docker.com/compose/install/

[install-gradle]: https://gradle.org/install