gcloud-flask-oauth-cors

A tiny utility to authenticate requests using GCP OAuth and send CORS headers in Flask


License
Apache-2.0
Install
pip install gcloud-flask-oauth-cors==0.1.1

Documentation

Flask OAuth CORS PyPI version

A small class that helps with authentication and CORS for HTTP-triggered cloud functions written in Python and hosted on GCP.

Please note: This is not an officially supported Google product.

If you are using OAuth to authenticate to a Cloud Function written in Python and hosted on GCP, and your client is running in a browser, this is for you. If not, you probably won't find this useful.

Features

  • Responds correctly and configurably to the HTTP OPTIONS method used by browsers to do pre-flight checks as part of CORS
  • Retrieves an OAuth2 token supplied in the Authorization HTTP header, validates it, and then fetches the information encoded by the token
  • Gives you back either a valid token, or a response to send back to the user in case a valid token can't be found

Installation

Install using pip:

python3 -m pip install --user gcloud-flask-oauth-cors

Usage

To use this package:

Then, you can use the following:

import gcloud_flask_oauth_cors as oauth

def my_function_name(request):
    auth = oauth.Auth(os.getenv("OAUTH_CLIENT_ID"))
    id_info = auth.get_id_info(request)
    if id_info is None:
        # If we were called with the HTTP OPTIONS method, this will return the relevant CORS headers.
        # If another HTTP method was used and we can't authenticate, this will return a 401 (Unauthorized)
        return auth.get_response()

    # Do something with the id_info, for example:
    print(id_info["sub"])

On the client side, you can use Google Sign-in. Make sure you pass your id_token in any requests like this:

let xhr = new XMLHttpRequest();
xhr.setRequestHeader('Authorization', `Bearer ${id_token}`);