{ "info": { "author": "Rackspace Developers for Operational Tooling", "author_email": "dot@rackspace.com", "bugtrack_url": null, "classifiers": [ "Intended Audience :: Developers", "License :: OSI Approved :: Apache Software License", "Operating System :: POSIX", "Operating System :: Unix", "Programming Language :: Python :: 3.4", "Programming Language :: Python :: 3.5", "Topic :: Internet :: WWW/HTTP :: Dynamic Content", "Topic :: Internet :: WWW/HTTP :: WSGI :: Middleware", "Topic :: Software Development :: Libraries :: Python Modules" ], "description": "Flask Keystone\n==============\n\n[![Build Status](https://travis-ci.org/Rackspace-DOT/flask_keystone.svg?branch=master)](https://travis-ci.org/Rackspace-DOT/flask_keystone)[![Coverage Status](https://coveralls.io/repos/github/Rackspace-DOT/flask_keystone/badge.svg?branch=master)](https://coveralls.io/github/Rackspace-DOT/flask_keystone?branch=master)\n\nFlask Keystone is a flask extension which wraps the [keystonemiddleware](https://github.com/openstack/keystonemiddleware \"KeystoneMiddleware's Github Page\") project, and provides access to Keystone\nusers, project, and roles in a familiar, Flask-y manner. During development, you will find that most constructs appear very similar to flask-login.\n\nDocumentation\n-------------\n\nCOMING SOON\n\nInstallation\n------------\nThis package can be installed like any other python packages:\n1. Clone this Repo\n2. ```python setup.py install```\n\nGetting Started with Flask Rax Keystone\n=======================================\n\nFlask Keystone is a Flask Extension which adds the ability to control users and role-base access control in a `Flask` like way. Once the extension is installed, initialized, and configured, it exposes some fairly standard Flask constructs to interact with Keystone Users and application specific roles.\n\nConfiguring the Extension\n-------------------------\n\nJust add some basic configuration items to your `oslo_config` configuration file, like so:\n\n```ini\n[keystone_authtoken]\ndebug=True\nlog_level=debug\nidentity_uri = https://identity.api.rackspacecloud.com\nauth_uri = https://identity.api.rackspacecloud.com\nadmin_tenant_name = 123456\nadmin_user = your_admin_user\nadmin_password = your_admin_user\nauth_version = 2.0\nauth_protocol = https\ndelay_auth_decision = True\n\n[rax_access]\nroles = your_keystone_role:your_flask_role\n```\n\nInitializing the Extension\n--------------------------\n\nSimply wrap the application object during instantiation:\n```python\n from flask import Flask\n\n from flask_rax_keystone import RaxKeystone\n\n app = RaxKeystone(Flask(__name__))\n\n if __name__ == \"__main__\": # pragma: nocover\n app = create_app(app_name=__name__)\n app.run(host=\"0.0.0.0\", port=5000\n```\n\nAccessing the application\n-------------------------\n\nOnce the application is instantiated, you will automatically be requiring a valid token for *all* requests to the application. These tokens should be passed in the *X-Auth-Token* header, as is consistent with Openstack.\n\nYou can see this behavior here:\n```bash\n~ [ curl -i localhost:5000/\nHTTP/1.0 401 UNAUTHORIZED\nContent-Type: application/json\nContent-Length: 114\nWWW-Authenticate: Keystone uri='https://identity.api.rackspacecloud.com'\nServer: Werkzeug/0.11.11 Python/3.5.2\nDate: Thu, 15 Dec 2016 21:56:53 GMT\n\n{\n \"code\": 401,\n \"message\": \"The request you have made requires authentication.\",\n \"title\": \"Unauthorized\"\n}\n\n~ [ curl -i localhost:5000/ -H \"X-Auth-Token: $A_VALID_TOKEN\"\nHTTP/1.0 200 OK\nContent-Type: application/json\nContent-Length: 63\nServer: Werkzeug/0.11.11 Python/3.5.2\nDate: Thu, 15 Dec 2016 21:56:43 GMT\n\n{\n \"message\": \"Looks like access was successfully granted.\"\n}\n```\n\nRestricting Endpoints\n---------------------\n\nOnce we have our roles configured, we can start restricting endpoints to only be accessible by users with certain configured roles. In the following Example assume an \"admin\" role was configured as shown in the \"Configuring the Extension\" section of this guide.\n\n```python\nfrom flask import Blueprint\n\nblueprint = Blueprint('blueprint', __name__)\n\n@blueprint.route(\"/test\")\n@key.requires_role(\"admin\")\ndef test_endpoint():\n return jsonify(message=\"Looks like access was successfully granted.\")\n```\n\nAnd now, you'll see that even a good token, when it does not have the required role, will receive a 403 response:\n\n```json\n {\n \"code\": 403,\n \"message\": \"The provided credentials were accepted, but were not sufficient to access this resource.\",\n \"title\": \"Forbidden\"\n }\n```\nInitializing the Extension in an Application Factory app\n--------------------------------------------------------\n\nAs with all flask extensions, it is also accessible in an application Factory setting by initializing the extension separately from it's instantiation:\n```python\n from flask import Flask\n\n from flask_keystone import Keystone\n\n key = Keystone()\n\n def create_app(app_name):\n app = Flask(app_name)\n key.init_app(app)\n\n return app\n\n\n if __name__ == \"__main__\": # pragma: nocover\n app = create_app(app_name=__name__)\n app.run(host=\"0.0.0.0\", port=5000)\n```\n\nFlask Keystone\n==============\n\n[![Build Status](https://travis-ci.org/Rackspace-DOT/flask_keystone.svg?branch=master)](https://travis-ci.org/Rackspace-DOT/flask_keystone)[![Coverage Status](https://coveralls.io/repos/github/Rackspace-DOT/flask_keystone/badge.svg?branch=master)](https://coveralls.io/github/Rackspace-DOT/flask_keystone?branch=master)\n\nFlask Keystone is a flask extension which wraps the [keystonemiddleware](https://github.com/openstack/keystonemiddleware \"KeystoneMiddleware's Github Page\") project, and provides access to Keystone\nusers, project, and roles in a familiar, Flask-y manner. During development, you will find that most constructs appear very similar to flask-login.\n\nDocumentation\n-------------\n\nCOMING SOON\n\nInstallation\n------------\nThis package can be installed like any other python packages:\n1. Clone this Repo\n2. ```python setup.py install```\n\nGetting Started with Flask Rax Keystone\n=======================================\n\nFlask Keystone is a Flask Extension which adds the ability to control users and role-base access control in a `Flask` like way. Once the extension is installed, initialized, and configured, it exposes some fairly standard Flask constructs to interact with Keystone Users and application specific roles.\n\nConfiguring the Extension\n-------------------------\n\nJust add some basic configuration items to your `oslo_config` configuration file, like so:\n\n```ini\n[keystone_authtoken]\ndebug=True\nlog_level=debug\nidentity_uri = https://identity.api.rackspacecloud.com\nauth_uri = https://identity.api.rackspacecloud.com\nadmin_tenant_name = 123456\nadmin_user = your_admin_user\nadmin_password = your_admin_user\nauth_version = 2.0\nauth_protocol = https\ndelay_auth_decision = True\n\n[rax_access]\nroles = your_keystone_role:your_flask_role\n```\n\nInitializing the Extension\n--------------------------\n\nSimply wrap the application object during instantiation:\n```python\n from flask import Flask\n\n from flask_rax_keystone import RaxKeystone\n\n app = RaxKeystone(Flask(__name__))\n\n if __name__ == \"__main__\": # pragma: nocover\n app = create_app(app_name=__name__)\n app.run(host=\"0.0.0.0\", port=5000\n```\n\nAccessing the application\n-------------------------\n\nOnce the application is instantiated, you will automatically be requiring a valid token for *all* requests to the application. These tokens should be passed in the *X-Auth-Token* header, as is consistent with Openstack.\n\nYou can see this behavior here:\n```bash\n~ [ curl -i localhost:5000/\nHTTP/1.0 401 UNAUTHORIZED\nContent-Type: application/json\nContent-Length: 114\nWWW-Authenticate: Keystone uri='https://identity.api.rackspacecloud.com'\nServer: Werkzeug/0.11.11 Python/3.5.2\nDate: Thu, 15 Dec 2016 21:56:53 GMT\n\n{\n \"code\": 401,\n \"message\": \"The request you have made requires authentication.\",\n \"title\": \"Unauthorized\"\n}\n\n~ [ curl -i localhost:5000/ -H \"X-Auth-Token: $A_VALID_TOKEN\"\nHTTP/1.0 200 OK\nContent-Type: application/json\nContent-Length: 63\nServer: Werkzeug/0.11.11 Python/3.5.2\nDate: Thu, 15 Dec 2016 21:56:43 GMT\n\n{\n \"message\": \"Looks like access was successfully granted.\"\n}\n```\n\nRestricting Endpoints\n---------------------\n\nOnce we have our roles configured, we can start restricting endpoints to only be accessible by users with certain configured roles. In the following Example assume an \"admin\" role was configured as shown in the \"Configuring the Extension\" section of this guide.\n\n```python\nfrom flask import Blueprint\n\nblueprint = Blueprint('blueprint', __name__)\n\n@blueprint.route(\"/test\")\n@key.requires_role(\"admin\")\ndef test_endpoint():\n return jsonify(message=\"Looks like access was successfully granted.\")\n```\n\nAnd now, you'll see that even a good token, when it does not have the required role, will receive a 403 response:\n\n```json\n {\n \"code\": 403,\n \"message\": \"The provided credentials were accepted, but were not sufficient to access this resource.\",\n \"title\": \"Forbidden\"\n }\n```\nInitializing the Extension in an Application Factory app\n--------------------------------------------------------\n\nAs with all flask extensions, it is also accessible in an application Factory setting by initializing the extension separately from it's instantiation:\n```python\n from flask import Flask\n\n from flask_keystone import Keystone\n\n key = Keystone()\n\n def create_app(app_name):\n app = Flask(app_name)\n key.init_app(app)\n\n return app\n\n\n if __name__ == \"__main__\": # pragma: nocover\n app = create_app(app_name=__name__)\n app.run(host=\"0.0.0.0\", port=5000)\n```\n\n\n", "description_content_type": null, "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/Rackspace-DOT/flask_keystone", "keywords": "flask,identity,auth", "license": "", "maintainer": "", "maintainer_email": "", "name": "flask-keystone", "package_url": "https://pypi.org/project/flask-keystone/", "platform": "any", "project_url": "https://pypi.org/project/flask-keystone/", "project_urls": { "Homepage": "https://github.com/Rackspace-DOT/flask_keystone" }, "release_url": "https://pypi.org/project/flask-keystone/0.2/", "requires_dist": [ "Flask", "keystoneauth1", "keystonemiddleware", "oslo.config", "oslo.log" ], "requires_python": "", "summary": "This project wraps the existing keystone middleware to provide courtesy user functions within an API.", "version": "0.2" }, "last_serial": 2876470, "releases": { "0.2": [ { "comment_text": "", "digests": { "md5": "27ca5d3ef74307b362dc73c40e02ddb2", "sha256": "9975984b75bdfbfe9869da2d55f943cc42070b6731bf834682e7b6f13ef7ba4d" }, "downloads": -1, "filename": "flask_keystone-0.2-py3-none-any.whl", "has_sig": false, "md5_digest": "27ca5d3ef74307b362dc73c40e02ddb2", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": null, "size": 18637, "upload_time": "2017-05-15T20:40:03", "url": "https://files.pythonhosted.org/packages/61/8d/c1412cdd3e9ad6a2395f8bdaecce05d2e1b4d67f4b9e81a23abeb24b9a41/flask_keystone-0.2-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "7fb7766421210ba5f02efb316b26ead4", "sha256": "d3841f339e9528491d5fcd18dad904e3f8e37128d2a333bf670038f27a786de3" }, "downloads": -1, "filename": "flask_keystone-0.2.tar.gz", "has_sig": false, "md5_digest": "7fb7766421210ba5f02efb316b26ead4", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 13224, "upload_time": "2017-05-15T20:40:05", "url": "https://files.pythonhosted.org/packages/1f/ca/3938de8c5f4a3d1c5dd4278bedb9d31d79816feba4d088293c620a366fb1/flask_keystone-0.2.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "27ca5d3ef74307b362dc73c40e02ddb2", "sha256": "9975984b75bdfbfe9869da2d55f943cc42070b6731bf834682e7b6f13ef7ba4d" }, "downloads": -1, "filename": "flask_keystone-0.2-py3-none-any.whl", "has_sig": false, "md5_digest": "27ca5d3ef74307b362dc73c40e02ddb2", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": null, "size": 18637, "upload_time": "2017-05-15T20:40:03", "url": "https://files.pythonhosted.org/packages/61/8d/c1412cdd3e9ad6a2395f8bdaecce05d2e1b4d67f4b9e81a23abeb24b9a41/flask_keystone-0.2-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "7fb7766421210ba5f02efb316b26ead4", "sha256": "d3841f339e9528491d5fcd18dad904e3f8e37128d2a333bf670038f27a786de3" }, "downloads": -1, "filename": "flask_keystone-0.2.tar.gz", "has_sig": false, "md5_digest": "7fb7766421210ba5f02efb316b26ead4", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 13224, "upload_time": "2017-05-15T20:40:05", "url": "https://files.pythonhosted.org/packages/1f/ca/3938de8c5f4a3d1c5dd4278bedb9d31d79816feba4d088293c620a366fb1/flask_keystone-0.2.tar.gz" } ] }