complete tutorial

(without HANA step)
2024-02-08 16:37:17 +01:00 · 2024-02-08 16:37:17 +01:00 · 3752e20313
commit 3752e20313
parent 775ac7b58c
2 changed files with 16 additions and 2 deletions
--- a/requirements.txt
+++ b/requirements.txt
@ -1,2 +1,3 @@
 Flask==2.3.*
-cfenv==0.5.3
+cfenv==0.5.3
+sap-xssec==4.*
--- a/server.py
+++ b/server.py
@ -1,14 +1,27 @@
 import os
 from flask import Flask
 from cfenv import AppEnv
+from flask import request
+from flask import abort
+
+from sap import xssec

 app = Flask(__name__)
 env = AppEnv()

 port = int(os.environ.get('PORT', 3000))
-@app.route('/')
+uaa_service = env.get_service(name='pyuaa').credentials

+@app.route('/')
 def hello():
+    if 'authorization' not in request.headers:
+        abort(403)
+    access_token = request.headers.get('authorization')[7:]
+    security_context = xssec.create_security_context(access_token, uaa_service)
+    isAuthorized = security_context.check_scope('openid')
+    if not isAuthorized:
+        abort(403)
+        
    return "Hello World!"

 if __name__ == '__main__':