users-proxy/app/app.py

86 lines
2.6 KiB
Python
Raw Permalink Normal View History

2023-08-16 16:47:48 +00:00
#!/usr/bin/env python3
import os
import kopf
import prometheus_async
2023-08-16 17:39:40 +00:00
from functools import wraps
2023-08-16 16:47:48 +00:00
from sanic import Sanic, response
from sanic import exceptions
app = Sanic("users-proxy")
devenv = bool(os.getenv("DEV_ENV", False))
2023-08-16 17:39:40 +00:00
api_key = os.environ["API_KEY"]
2023-08-16 16:47:48 +00:00
users_lookup = {}
2023-10-13 12:13:17 +00:00
def resource_is_deleted(event, **_):
return event["type"] == "DELETED"
2023-08-16 17:39:40 +00:00
def authorized():
def decorator(f):
@wraps(f)
async def decorated_function(request, *args, **kwargs):
if request.token and request.token == api_key:
return await f(request, *args, **kwargs)
else:
return response.json({"status": "not_authorized"}, 403)
return decorated_function
return decorator
2023-08-16 16:47:48 +00:00
@app.route("/", methods=["GET"])
async def get_index(request):
return response.text("hello")
@app.route("/users", methods=["GET"])
2023-08-16 17:39:40 +00:00
@authorized()
2023-08-16 16:47:48 +00:00
async def get_users(request):
return response.json(list(users_lookup.values()))
@app.route("/users/<username:str>", methods=["GET"])
2023-08-16 17:39:40 +00:00
@authorized()
2023-08-16 16:47:48 +00:00
async def get_single_user(request, username: str):
user = users_lookup.get(username)
if user:
return response.json(user)
else:
raise exceptions.NotFound()
@kopf.on.startup()
async def configure(settings: kopf.OperatorSettings, **_):
settings.scanning.disabled = True
settings.posting.enabled = False
settings.persistence.finalizer = "users-proxy"
print("Kopf operator starting up")
@kopf.on.resume('oidcgatewayusers')
@kopf.on.create('oidcgatewayusers')
@kopf.on.update('oidcgatewayusers')
async def save_handler(body, **_):
username = body['metadata']['name']
groups = []
for group in body.get("status", {}).get("groups", []):
groups.append(f"{group['prefix']}:{group['name']}")
user = {
"username": username,
"display_name": body.get("spec", {}).get("customProfile", {}).get("name", None),
"slack_id": body.get("status", {}).get("slackId", None),
"groups": groups
}
print(f"Saving {username}")
users_lookup[username] = user
2023-10-13 12:13:17 +00:00
@kopf.on.event('', 'v1', 'oidcgatewayusers', when=resource_is_deleted)
2023-08-16 16:47:48 +00:00
async def delete_handler(body, **_):
username = body['metadata']['name']
print(f"Deleting {username}")
del users_lookup[username]
@app.listener("before_server_start")
async def do_setup(app, loop):
print("Setting up")
app.add_task(kopf.operator(clusterwide=True))
app.add_task(prometheus_async.aio.web.start_http_server(port=5000))
if __name__ == "__main__":
app.run(host="0.0.0.0", port=3001, single_process=False, motd=False, dev=devenv)