complete tutorial
(without HANA step)
This commit is contained in:
parent
775ac7b58c
commit
3752e20313
2 changed files with 16 additions and 2 deletions
|
@ -1,2 +1,3 @@
|
||||||
Flask==2.3.*
|
Flask==2.3.*
|
||||||
cfenv==0.5.3
|
cfenv==0.5.3
|
||||||
|
sap-xssec==4.*
|
15
server.py
15
server.py
|
@ -1,14 +1,27 @@
|
||||||
import os
|
import os
|
||||||
from flask import Flask
|
from flask import Flask
|
||||||
from cfenv import AppEnv
|
from cfenv import AppEnv
|
||||||
|
from flask import request
|
||||||
|
from flask import abort
|
||||||
|
|
||||||
|
from sap import xssec
|
||||||
|
|
||||||
app = Flask(__name__)
|
app = Flask(__name__)
|
||||||
env = AppEnv()
|
env = AppEnv()
|
||||||
|
|
||||||
port = int(os.environ.get('PORT', 3000))
|
port = int(os.environ.get('PORT', 3000))
|
||||||
@app.route('/')
|
uaa_service = env.get_service(name='pyuaa').credentials
|
||||||
|
|
||||||
|
@app.route('/')
|
||||||
def hello():
|
def hello():
|
||||||
|
if 'authorization' not in request.headers:
|
||||||
|
abort(403)
|
||||||
|
access_token = request.headers.get('authorization')[7:]
|
||||||
|
security_context = xssec.create_security_context(access_token, uaa_service)
|
||||||
|
isAuthorized = security_context.check_scope('openid')
|
||||||
|
if not isAuthorized:
|
||||||
|
abort(403)
|
||||||
|
|
||||||
return "Hello World!"
|
return "Hello World!"
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
|
|
Loading…
Reference in a new issue