Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adding samples for Identity-Aware Proxy #17

Closed
wants to merge 26 commits into from
Closed
Changes from 1 commit
Commits
Show all changes
26 commits
Select commit Hold shift + click to select a range
73aa267
initial commit for identity-aware proxy samples
Aug 16, 2017
709935e
Adding scripts to prog_auth_deploy.yaml that come from https://github…
danieldeleo Aug 17, 2017
fa723e6
adding dependencies necessary for cryptography library
danieldeleo Aug 17, 2017
66ea3a3
modifying deployemnt to use virtualenv
danieldeleo Aug 17, 2017
0c5edfa
removing virtualenv usage
danieldeleo Aug 17, 2017
f31c5e5
removing deprecated scripts
danieldeleo Aug 18, 2017
7037887
removing directories
danieldeleo Aug 18, 2017
0cc1ec7
adding main.py script for running prog auth sample
danieldeleo Aug 21, 2017
3efbd61
adding main.py script for running prog auth sample
danieldeleo Aug 21, 2017
30cb8d6
updating server script for iap signing verification
danieldeleo Aug 22, 2017
33349e3
updating server script for iap signing verification
danieldeleo Aug 22, 2017
92529c8
cleanup main.py for calling prog auth
danieldeleo Aug 22, 2017
86901f7
adding extra file to download for prog_auth deployment script
danieldeleo Aug 22, 2017
fa45c56
modifying prog_auth deployment script to not verify certs when using …
danieldeleo Aug 22, 2017
8738f6f
modifying prog_auth deployment script to not verify certs when using …
danieldeleo Aug 22, 2017
85d841b
modifying prog_auth deployment script to not verify certs when using …
danieldeleo Aug 22, 2017
0a7997c
print output of main.py
danieldeleo Aug 23, 2017
645dcfd
print headers in iap validating server
danieldeleo Aug 23, 2017
cdd0b34
removing sudo as startup script is already run as root
danieldeleo Aug 23, 2017
80f8150
adding github link for validate_jwt
danieldeleo Aug 23, 2017
f008031
Adding documentation to README
danieldeleo Aug 23, 2017
da24d18
Update README.md
danieldeleo Aug 23, 2017
d88ae63
Update README.md
danieldeleo Aug 23, 2017
9174b18
Update README.md
danieldeleo Aug 23, 2017
367cd09
Update README.md
danieldeleo Aug 23, 2017
9302763
Update README.md
danieldeleo Aug 23, 2017
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Update README.md
danieldeleo authored Aug 23, 2017
commit 9174b189f66c57802c1c2b2b9108c2e9308b5352
16 changes: 13 additions & 3 deletions infrastructure/identity-aware-proxy/README.md
Original file line number Diff line number Diff line change
@@ -2,7 +2,11 @@

## Running iap_validating_server.py

This sample script runs a simple python web server which validates all GET requests to verify if they're being proxied through Google's Identity-Aware Proxy. This sample depends on and uses the [validate_iap_jwt_from_compute_engine](https://github.com/GoogleCloudPlatform/python-docs-samples/blob/3f5de8c8857784e90935379b63c352c0a5f7f8da/iap/validate_jwt.py#L49) function found in the [validate_jwt.py](https://github.com/GoogleCloudPlatform/python-docs-samples/blob/master/iap/validate_jwt.py) file. Make sure you install the necessary libraries by following [these instructions](https://github.com/GoogleCloudPlatform/python-docs-samples/tree/master/iap#using-validate_jwt).
This sample script runs a simple python web server which validates all GET requests to verify if they're being proxied through Google's Identity-Aware Proxy. This sample depends on and uses the [validate_iap_jwt_from_compute_engine](https://github.com/GoogleCloudPlatform/python-docs-samples/blob/3f5de8c8857784e90935379b63c352c0a5f7f8da/iap/validate_jwt.py#L49) function found in the [validate_jwt.py](https://github.com/GoogleCloudPlatform/python-docs-samples/blob/master/iap/validate_jwt.py) file. Make sure you install the necessary libraries found in [requirements.txt](https://github.com/GoogleCloudPlatform/python-docs-samples/blob/master/iap/requirements.txt) by running:

pip install -r requirements.txt

Once the libraries are installed, you can run the server by calling:

python iap_validating_server.py

@@ -13,9 +17,15 @@ This sample script takes in two runtime arguments
* URL - The URL corresponding to the resource sitting behind the Identity-Aware Proxy
* IAP Client Id - The OAuth Client Id of the service account assigned to Identity-Aware Proxy

and passes them to the [make_iap_request](https://github.com/GoogleCloudPlatform/python-docs-samples/blob/3f5de8c8857784e90935379b63c352c0a5f7f8da/iap/make_iap_request.py#L33) function found in [make_iap_request.py](https://github.com/GoogleCloudPlatform/python-docs-samples/blob/master/iap/make_iap_request.py)
and passes them to the [make_iap_request](https://github.com/GoogleCloudPlatform/python-docs-samples/blob/3f5de8c8857784e90935379b63c352c0a5f7f8da/iap/make_iap_request.py#L33) function found in [make_iap_request.py](https://github.com/GoogleCloudPlatform/python-docs-samples/blob/master/iap/make_iap_request.py). Make sure you install the necessary libraries found in [requirements.txt](https://github.com/GoogleCloudPlatform/python-docs-samples/blob/master/iap/requirements.txt) by running:

pip install -r requirements.txt

Once the libraries are installed, you can run the sample by calling:

python main.py https://yourdomain.com projectNumber-randomchars.apps.googleusercontent.com
python main.py URL IAP_CLIENT_ID

making sure to replace the URL and IAP_CLIENT_ID placeholders with appropriate values.

## Deploying with prog_auth_deploy.yaml