def make_server(db_dir='/tmp/fake_mesh_dir',
host='0.0.0.0',
port=8829,
ca_cert=default_ca_cert,
server_cert=default_server_cert,
server_key=default_server_key,
debug=False,
logging=False):
app = FakeMeshApplication(db_dir)
if debug:
app = DebugMiddleware(app)
elif logging:
app = LoggingMiddleware(app, logger=LOGGER_NAME)
httpd = Server((host, port), app)
server_context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH,
cafile=ca_cert)
server_context.load_cert_chain(server_cert, server_key)
server_context.check_hostname = False
server_context.verify_mode = ssl.CERT_REQUIRED
ssl_adapter = BuiltinSSLAdapter(server_cert, server_key, ca_cert)
ssl_adapter.context = server_context
httpd.ssl_adapter = ssl_adapter
return httpd
def e2e_test_context():
app = DomainDispatcherApplication(create_backend_app)
aws_server = Server((FAKE_AWS_HOST, FAKE_AWS_PORT), app)
aws_httpd = ThreadedHttpd(aws_server)
aws_httpd.start()
mesh_dir = TemporaryDirectory()
forwarder_dir = TemporaryDirectory()
app = FakeMeshApplication(mesh_dir.name,
FAKE_MESH_SHARED_KEY.encode("utf-8"),
FAKE_MESH_CLIENT_PASSWORD)
mesh_server = Server((FAKE_MESH_HOST, FAKE_MESH_PORT), app)
server_context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH,
cafile=CA_CERT_PATH)
server_context.load_cert_chain(SERVER_CERT_PATH, SERVER_KEY_PATH)
server_context.check_hostname = False
server_context.verify_mode = ssl.CERT_REQUIRED
ssl_adapter = BuiltinSSLAdapter(SERVER_CERT_PATH, SERVER_KEY_PATH,
CA_CERT_PATH)
ssl_adapter.context = server_context
mesh_server.ssl_adapter = ssl_adapter
mesh_httpd = ThreadedHttpd(mesh_server)
mesh_httpd.start()
yield E2ETestContext(
fowarder_home=forwarder_dir.name,
fake_aws_endpoint=f"http://{FAKE_AWS_HOST}:{FAKE_AWS_PORT}",
)
mesh_httpd.stop()
aws_httpd.stop()
mesh_dir.cleanup()
forwarder_dir.cleanup()
def initiate():
log_main.info('Iniciando a API versão: {}'.format(app_version))
signal.signal(signal.SIGTERM, finalize)
signal.signal(signal.SIGINT, finalize)
global token, database, sms
token = conf.get('Auth',
'Token',
fallback='14acd1c3b2f50c1e7354668f7d0b4057')
ttvToken = open(
os.path.join(workdir, conf.get('Auth', 'TokenTTV', fallback=False)),
'r')
sms = SMS(ttvToken.readline())
ttvToken.close()
log_main.warning('Iniciando conexão com banco de dados ...')
try:
db = os.path.join(workdir,
conf.get('Database', 'Database', fallback='data.db'))
database = Database(db)
except Exception as e:
log_main.exception(
'Erro ao iniciar a conexão com o banco de dados: [{}]'.format(e))
_port = conf.getint('Flask', 'Port', fallback=8860)
_host = conf.get('Flask', 'Host', fallback='0.0.0.0')
_threads = conf.getint('Flask', 'Threads', fallback=100)
_ssl_cert = os.path.join(workdir, 'SSL',
conf.get('Flask', 'SSL_Cert', fallback=''))
_ssl_key = os.path.join(workdir, 'SSL',
conf.get('Flask', 'SSL_Key', fallback=''))
try:
_ssl_enabled = os.path.isfile(_ssl_cert) and os.path.isfile(_ssl_key)
except Exception:
_ssl_enabled = False
if len(sys.argv) > 1:
if sys.argv[1] in ('-v', '--version'):
print('API')
print('Versão: {}'.format(app_version))
sys.exit(0)
elif sys.argv[1] in ('-d', '--debug'):
app.run(host=_host, port=_port, threaded=True, debug=True)
else:
print('ERRO | Parâmetro desconhecido: {}'.format(sys.argv))
sys.exit(2)
else:
global server
server = WSGIServer(bind_addr=(_host, _port),
wsgi_app=app,
numthreads=_threads)
if _ssl_enabled:
server.ssl_adapter = BuiltinSSLAdapter(_ssl_cert, _ssl_key)
log_main.warning('Iniciando flask ...')
server.start()
def run(self, handler):
cert = SSL_CERT
#cert_chain = SSL_CERT_CHAIN
privkey = SSL_PRIVKEY
server = WSGIServer((self.host, self.port), handler)
server.ssl_adapter = SecuredSSLServer(cert, privkey) #, cert_chain)
try:
server.start()
finally:
server.stop()
def run(self, handler):
from cheroot.wsgi import Server as WSGIServer
from cheroot.ssl.pyopenssl import pyOpenSSLAdapter
server = WSGIServer((self.host, self.port), handler)
server.ssl_adapter = pyOpenSSLAdapter(
certificate=SolUtils.AppConfig().get('solserver_certificate'),
private_key=SolUtils.AppConfig().get('solserver_private_key'),
)
try:
server.start()
log.info("Server started")
finally:
server.stop()
def _build_fake_mesh(mesh_dir):
app = FakeMeshApplication(mesh_dir, _utf_8(FAKE_MESH_SHARED_KEY),
FAKE_MESH_CLIENT_PASSWORD)
httpd = Server((FAKE_MESH_HOST, FAKE_MESH_PORT), app)
server_context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH,
cafile=CA_CERT_PATH)
server_context.load_cert_chain(SERVER_CERT_PATH, SERVER_KEY_PATH)
server_context.check_hostname = False
server_context.verify_mode = ssl.CERT_REQUIRED
ssl_adapter = BuiltinSSLAdapter(SERVER_CERT_PATH, SERVER_KEY_PATH,
CA_CERT_PATH)
ssl_adapter.context = server_context
httpd.ssl_adapter = ssl_adapter
return ThreadedHttpd(httpd)
def run(self, handler):
"""
Runs a CherryPy Server using the SSL certificate.
"""
from cheroot.wsgi import Server as CherryPyWSGIServer
from cheroot.ssl.builtin import BuiltinSSLAdapter
server = CherryPyWSGIServer((self.host, self.port), handler)
server.ssl_adapter = BuiltinSSLAdapter(
certificate=get_ssl_certificate(),
private_key=get_ssl_private_key(),
certificate_chain=get_ssl_certificate_chain()
if get_ssl_certificate_chain() != "" else None)
try:
server.start()
except Exception as ex:
LOG.error('Unable to start SSL server: %s' % ex)
server.stop()
sign_alg = None
digest_alg = None
try:
sign_alg = CONFIG.SIGN_ALG
except AttributeError:
pass
try:
digest_alg = CONFIG.DIGEST_ALG
except AttributeError:
pass
ds.DefaultSignature(sign_alg, digest_alg)
SRV = WSGIServer((HOST, PORT), application)
_https = ""
if CONFIG.HTTPS:
https = "using HTTPS"
# SRV.ssl_adapter = ssl_pyopenssl.pyOpenSSLAdapter(
# config.SERVER_CERT, config.SERVER_KEY, config.CERT_CHAIN)
SRV.ssl_adapter = BuiltinSSLAdapter(
CONFIG.SERVER_CERT, CONFIG.SERVER_KEY, CONFIG.CERT_CHAIN
)
logger.info("Server starting")
print("IDP listening on %s:%s%s" % (HOST, PORT, _https))
try:
SRV.start()
except KeyboardInterrupt:
SRV.stop()
def cherrypy_server_runner(app,
global_conf=None,
host='127.0.0.1',
port=None,
ssl_pem=None,
protocol_version=None,
numthreads=None,
server_name=None,
max=None,
request_queue_size=None,
timeout=None): # pragma: no cover
"""
Entry point for CherryPy's WSGI server
Serves the specified WSGI app via CherryPyWSGIServer.
``app``
The WSGI 'application callable'; multiple WSGI applications
may be passed as (script_name, callable) pairs.
``host``
This is the ipaddress to bind to (or a hostname if your
nameserver is properly configured). This defaults to
127.0.0.1, which is not a public interface.
``port``
The port to run on, defaults to 8080 for HTTP, or 4443 for
HTTPS. This can be a string or an integer value.
``ssl_pem``
This an optional SSL certificate file (via OpenSSL) You can
generate a self-signed test PEM certificate file as follows:
$ openssl genrsa 1024 > host.key
$ chmod 400 host.key
$ openssl req -new -x509 -nodes -sha1 -days 365 \\
-key host.key > host.cert
$ cat host.cert host.key > host.pem
$ chmod 400 host.pem
``protocol_version``
The protocol used by the server, by default ``HTTP/1.1``.
``numthreads``
The number of worker threads to create.
``server_name``
The string to set for WSGI's SERVER_NAME environ entry.
``max``
The maximum number of queued requests. (defaults to -1 = no
limit).
``request_queue_size``
The 'backlog' argument to socket.listen(); specifies the
maximum number of queued connections.
``timeout``
The timeout in seconds for accepted connections.
"""
is_ssl = False
if ssl_pem:
port = port or 4443
is_ssl = True
if not port:
if ':' in host:
host, port = host.split(':', 1)
else:
port = 8080
bind_addr = (host, int(port))
kwargs = {}
for var_name in ('numthreads', 'max', 'request_queue_size', 'timeout'):
var = locals()[var_name]
if var is not None:
kwargs[var_name] = int(var)
try:
from cheroot.wsgi import Server as WSGIServer
except ImportError:
from cherrypy.wsgiserver import CherryPyWSGIServer as WSGIServer
server = WSGIServer(bind_addr, app, server_name=server_name, **kwargs)
if ssl_pem is not None:
if PY2:
server.ssl_certificate = server.ssl_private_key = ssl_pem
else:
# creates wsgiserver.ssl_builtin as side-effect
try:
from cheroot.server import get_ssl_adapter_class
from cheroot.ssl.builtin import BuiltinSSLAdapter
except ImportError:
from cherrypy.wsgiserver import get_ssl_adapter_class
from cherrypy.wsgiserver.ssl_builtin import BuiltinSSLAdapter
get_ssl_adapter_class()
server.ssl_adapter = BuiltinSSLAdapter(ssl_pem, ssl_pem)
if protocol_version:
server.protocol = protocol_version
try:
protocol = is_ssl and 'https' or 'http'
if host == '0.0.0.0':
print('serving on 0.0.0.0:%s view at %s://127.0.0.1:%s' %
(port, protocol, port))
else:
print('serving on %s://%s:%s' % (protocol, host, port))
server.start()
except (KeyboardInterrupt, SystemExit):
server.stop()
return server
status = '200 OK'
response_headers = [('Content-type', 'text/plain')]
start_response(status, response_headers)
return [b'Hello world!']
def verify_callback(connection, x509, errnum, errdepth, ok):
print("in callback, cert result %d" % (ok))
print("in callback, x509 cert")
Utils.print_cert_info(x509.to_cryptography())
return True
if __name__ == '__main__':
server = CherryPyWSGIServer(('0.0.0.0', 8070),
my_crazy_app,
server_name='www.cherrypy.example')
server.ssl_adapter = pyOpenSSLAdapter(certificate=CERT_PATH,
certificate_chain=CERT_CHAIN_PATH,
private_key=CERT_PRIVATE_KEY_PATH)
server.ssl_adapter.context = SSL.Context(SSL.SSLv23_METHOD)
server.ssl_adapter.context.use_certificate_file(CERT_PATH)
server.ssl_adapter.context.load_verify_locations(CERT_CHAIN_PATH)
server.ssl_adapter.context.use_privatekey_file(CERT_PRIVATE_KEY_PATH)
server.ssl_adapter.context.set_verify(
SSL.VERIFY_PEER | SSL.VERIFY_FAIL_IF_NO_PEER_CERT, verify_callback)
try:
server.start()
except KeyboardInterrupt:
server.stop()
parser.add_argument('--certificate', nargs='?', help='TLS cert location')
parser.add_argument('--key', nargs='?', help='TLS private key location')
args = parser.parse_args()
bp_perf = BPPerformance(classifiers, endpoint=args.nodeos_url)
thread = threading.Thread(target=bp_perf.watch)
thread.start()
app = cache_middleware(60)(
PathInfoDispatcher({
'/': index(bp_perf),
'/chart': transaction_chart(bp_perf),
'/transactions.csv': transaction_csv(bp_perf),
'/missed_slots': missed_slots(bp_perf),
'/missed_slots_by_time': missed_slots_by_time(bp_perf),
'/missed_slots.csv': missed_slots_csv(bp_perf),
'/transactions_per_block': transactions_per_block(bp_perf)
})
)
httpd = Server((args.host, args.port), app)
if args.certificate:
from cheroot.ssl.builtin import BuiltinSSLAdapter
httpd.ssl_adapter = BuiltinSSLAdapter(args.certificate, args.key)
try:
print(f"Serving on {args.host}:{args.port}")
httpd.safe_start()
finally:
bp_perf.stop()
SP = Saml2Client(config_file="%s" % CNFBASE)
POLICY = service_conf.POLICY
add_urls()
sign_alg = None
digest_alg = None
try:
sign_alg = service_conf.SIGN_ALG
except:
pass
try:
digest_alg = service_conf.DIGEST_ALG
except:
pass
ds.DefaultSignature(sign_alg, digest_alg)
SRV = WSGIServer((HOST, PORT), application)
_https = ""
if service_conf.HTTPS:
SRV.ssl_adapter = pyopenssl.pyOpenSSLAdapter(SERVER_CERT, SERVER_KEY,
CERT_CHAIN)
_https = " using SSL/TLS"
logger.info("Server starting")
print("SP listening on %s:%s%s" % (HOST, PORT, _https))
try:
SRV.start()
except KeyboardInterrupt:
SRV.stop()
def main():
parser = argparse.ArgumentParser(description='Example OIDC Provider.')
parser.add_argument("-p", "--port", default=80, type=int)
parser.add_argument("-b", "--base", default="https://0.0.0.0", type=str)
parser.add_argument("-d", "--debug", action="store_true")
parser.add_argument("settings")
args = parser.parse_args()
# Load configuration
with open(args.settings, "r") as f:
settings = yaml.load(f)
issuer = args.base.rstrip("/")
template_dirs = settings["server"].get("template_dirs", "templates")
jinja_env = Environment(loader=FileSystemLoader(template_dirs))
authn_broker, auth_routing = setup_authentication_methods(
settings["authn"], jinja_env)
# Setup userinfo
userinfo_conf = settings["userinfo"]
cls = make_cls_from_name(userinfo_conf["class"])
i = cls(**userinfo_conf["kwargs"])
userinfo = UserInfo(i)
client_db = {}
session_db = create_session_db(issuer,
secret=rndstr(32),
password=rndstr(32))
provider = Provider(issuer,
session_db,
client_db,
authn_broker,
userinfo,
AuthzHandling(),
verify_client,
None,
extra_claims=["faculty", "is_rich", "profyle_member"],
extra_scope_dict={
'profile': [
"is_rich", "faculty", "profyle_member",
"given_name", "_claim_names", "_claim_sources"
],
'roles': ["faculty", "profyle_member"]
})
provider.baseurl = issuer
provider.symkey = rndstr(16)
# Setup keys
path = os.path.join(os.path.dirname(__file__), "static")
try:
os.makedirs(path)
except OSError as e:
if e.errno != errno.EEXIST:
raise e
pass
jwks = keyjar_init(provider, settings["provider"]["keys"])
name = "jwks.json"
with open(os.path.join(path, name), "w") as f:
f.write(json.dumps(jwks))
# Mount the WSGI callable object (app) on the root directory
app_routing = setup_endpoints(provider)
app_routing["/.well-known/openid-configuration"] = pyoidcMiddleware(
provider.providerinfo_endpoint)
app_routing["/.well-known/webfinger"] = pyoidcMiddleware(
partial(_webfinger, provider))
routing = dict(list(auth_routing.items()) + list(app_routing.items()))
routing["/static"] = make_static_handler(path)
dispatcher = WSGIPathInfoDispatcher(routing)
server = WSGIServer(('0.0.0.0', args.port), dispatcher)
server.ssl_adapter = BuiltinSSLAdapter(settings["server"]["cert"],
settings["server"]["key"],
settings["server"]["cert_chain"])
# Start the CherryPy WSGI web server
try:
print("Server started: {}".format(issuer))
server.start()
except KeyboardInterrupt:
server.stop()
def start():
#NOTE: bots directory should always be on PYTHONPATH - otherwise it will not start.
#***command line arguments**************************
usage = '''
This is "%(name)s" version %(version)s, part of Bots open source edi translator (http://bots.sourceforge.net).
The %(name)s is the web server for bots; the interface (bots-monitor) can be accessed in a
browser, eg 'http://localhost:8080'.
Usage:
%(name)s -c<directory>
Options:
-c<directory> directory for configuration files (default: config).
''' % {
'name': os.path.basename(sys.argv[0]),
'version': botsglobal.version
}
configdir = 'config'
for arg in sys.argv[1:]:
if arg.startswith('-c'):
configdir = arg[2:]
if not configdir:
print(
'Error: configuration directory indicated, but no directory name.'
)
sys.exit(1)
else:
print(usage)
sys.exit(0)
#***end handling command line arguments**************************
botsinit.generalinit(
configdir) #find locating of bots, configfiles, init paths etc.
process_name = 'webserver'
botsglobal.logger = botsinit.initserverlogging(
process_name
) #initialise file-logging for web-server. This logging only contains the logging from bots-webserver, not from cherrypy.
#***init cherrypy as webserver*********************************************
#global configuration for cherrypy
cherrypy.config.update({
'global': {
'log.screen':
False,
'server.environment':
botsglobal.ini.get('webserver', 'environment', 'production')
}
})
#cherrypy handling of static files
conf = {
'/': {
'tools.staticdir.on': True,
'tools.staticdir.dir': 'media',
'tools.staticdir.root': botsglobal.ini.get('directories',
'botspath')
}
}
servestaticfiles = cherrypy.tree.mount(
None, '/media', conf
) #None: no cherrypy application (as this only serves static files)
#cherrypy handling of django
servedjango = WSGIHandler(
) #was: servedjango = AdminMediaHandler(WSGIHandler()) - django does not need the AdminMediaHandler.
#cherrypy uses a dispatcher in order to handle the serving of static files and django.
dispatcher = WSGIPathInfoDispatcher({
'/': servedjango,
str('/media'): servestaticfiles
}) #UNICODEPROBLEM: needs to be binary
botswebserver = WSGIServer(
bind_addr=('0.0.0.0', botsglobal.ini.getint('webserver', 'port',
8080)),
wsgi_app=dispatcher,
server_name=botsglobal.ini.get('webserver', 'name', 'bots-webserver'))
#botswebserver = wsgiserver.CherryPyWSGIServer(bind_addr=('0.0.0.0', botsglobal.ini.getint('webserver','port',8080)), wsgi_app=dispatcher, server_name=botsglobal.ini.get('webserver','name','bots-webserver'))
botsglobal.logger.log(25, _('Bots %(process_name)s started.'),
{'process_name': process_name})
botsglobal.logger.log(
25, _('Bots %(process_name)s configdir: "%(configdir)s".'), {
'process_name': process_name,
'configdir': botsglobal.ini.get('directories', 'config')
})
botsglobal.logger.log(
25, _('Bots %(process_name)s serving at port: "%(port)s".'), {
'process_name': process_name,
'port': botsglobal.ini.getint('webserver', 'port', 8080)
})
#handle ssl: cherrypy < 3.2 always uses pyOpenssl. cherrypy >= 3.2 uses python buildin ssl (python >= 2.6 has buildin support for ssl).
ssl_certificate = botsglobal.ini.get('webserver', 'ssl_certificate', None)
ssl_private_key = botsglobal.ini.get('webserver', 'ssl_private_key', None)
if ssl_certificate and ssl_private_key:
if StrictVersion(cherrypy.__version__) >= StrictVersion('3.2.0'):
botswebserver.ssl_adapter = BuiltinSSLAdapter(
ssl_certificate, ssl_private_key)
else:
#but: pyOpenssl should be there!
botswebserver.ssl_certificate = ssl_certificate
botswebserver.ssl_private_key = ssl_private_key
botsglobal.logger.log(25, _('Bots %(process_name)s uses ssl (https).'),
{'process_name': process_name})
else:
botsglobal.logger.log(
25, _('Bots %(process_name)s uses plain http (no ssl).'),
{'process_name': process_name})
#***start the cherrypy webserver.************************************************
try:
botswebserver.start()
except KeyboardInterrupt:
botswebserver.stop()
db.session.commit()
fmt = request.args.get('format')
if fmt == 'json':
return jsonify(task.dict()), 200
return redirect('/')
if __name__ == '__main__':
if len(argv) > 1:
password = argv[1]
ssl_cert = "fullchain.pem"
ssl_key = "privkey.pem"
if os.path.isfile(ssl_cert) and os.path.isfile(ssl_key):
from cheroot.wsgi import Server as WSGIServer
from cheroot.wsgi import PathInfoDispatcher as WSGIPathInfoDispatcher
from cheroot.ssl.builtin import BuiltinSSLAdapter
my_app = WSGIPathInfoDispatcher({'/': app})
server = WSGIServer(('0.0.0.0', 5000), my_app)
server.ssl_adapter = BuiltinSSLAdapter(ssl_cert, ssl_key, None)
try:
server.start()
except KeyboardInterrupt:
server.stop()
else:
app.run(host='0.0.0.0')
POLICY = service_conf.POLICY
add_urls()
sign_alg = None
digest_alg = None
try:
sign_alg = service_conf.SIGN_ALG
except:
pass
try:
digest_alg = service_conf.DIGEST_ALG
except:
pass
ds.DefaultSignature(sign_alg, digest_alg)
SRV = WSGIServer((HOST, PORT), ToBytesMiddleware(application))
_https = ""
if service_conf.HTTPS:
SRV.ssl_adapter = pyopenssl.pyOpenSSLAdapter(
SERVER_CERT, SERVER_KEY, CERT_CHAIN
)
_https = " using SSL/TLS"
logger.info("Server starting")
print("SP listening on %s:%s%s" % (HOST, PORT, _https))
try:
SRV.start()
except KeyboardInterrupt:
SRV.stop()
def cherrypy_server_runner(
app, global_conf=None, host='127.0.0.1', port=None,
ssl_pem=None, protocol_version=None, numthreads=None,
server_name=None, max=None, request_queue_size=None,
timeout=None
): # pragma: no cover
"""
Entry point for CherryPy's WSGI server
Serves the specified WSGI app via CherryPyWSGIServer.
``app``
The WSGI 'application callable'; multiple WSGI applications
may be passed as (script_name, callable) pairs.
``host``
This is the ipaddress to bind to (or a hostname if your
nameserver is properly configured). This defaults to
127.0.0.1, which is not a public interface.
``port``
The port to run on, defaults to 8080 for HTTP, or 4443 for
HTTPS. This can be a string or an integer value.
``ssl_pem``
This an optional SSL certificate file (via OpenSSL) You can
generate a self-signed test PEM certificate file as follows:
$ openssl genrsa 1024 > host.key
$ chmod 400 host.key
$ openssl req -new -x509 -nodes -sha1 -days 365 \\
-key host.key > host.cert
$ cat host.cert host.key > host.pem
$ chmod 400 host.pem
``protocol_version``
The protocol used by the server, by default ``HTTP/1.1``.
``numthreads``
The number of worker threads to create.
``server_name``
The string to set for WSGI's SERVER_NAME environ entry.
``max``
The maximum number of queued requests. (defaults to -1 = no
limit).
``request_queue_size``
The 'backlog' argument to socket.listen(); specifies the
maximum number of queued connections.
``timeout``
The timeout in seconds for accepted connections.
"""
is_ssl = False
if ssl_pem:
port = port or 4443
is_ssl = True
if not port:
if ':' in host:
host, port = host.split(':', 1)
else:
port = 8080
bind_addr = (host, int(port))
kwargs = {}
for var_name in ('numthreads', 'max', 'request_queue_size', 'timeout'):
var = locals()[var_name]
if var is not None:
kwargs[var_name] = int(var)
try:
from cheroot.wsgi import Server as WSGIServer
except ImportError:
from cherrypy.wsgiserver import CherryPyWSGIServer as WSGIServer
server = WSGIServer(bind_addr, app,
server_name=server_name, **kwargs)
if ssl_pem is not None:
if PY2:
server.ssl_certificate = server.ssl_private_key = ssl_pem
else:
# creates wsgiserver.ssl_builtin as side-effect
try:
from cheroot.server import get_ssl_adapter_class
from cheroot.ssl.builtin import BuiltinSSLAdapter
except ImportError:
from cherrypy.wsgiserver import get_ssl_adapter_class
from cherrypy.wsgiserver.ssl_builtin import BuiltinSSLAdapter
get_ssl_adapter_class()
server.ssl_adapter = BuiltinSSLAdapter(ssl_pem, ssl_pem)
if protocol_version:
server.protocol = protocol_version
try:
protocol = is_ssl and 'https' or 'http'
if host == '0.0.0.0':
print('serving on 0.0.0.0:%s view at %s://127.0.0.1:%s' %
(port, protocol, port))
else:
print('serving on %s://%s:%s' % (protocol, host, port))
server.start()
except (KeyboardInterrupt, SystemExit):
server.stop()
return server
sign_alg = None
digest_alg = None
try:
sign_alg = CONFIG.SIGN_ALG
except AttributeError:
pass
try:
digest_alg = CONFIG.DIGEST_ALG
except AttributeError:
pass
ds.DefaultSignature(sign_alg, digest_alg)
SRV = WSGIServer((HOST, PORT), application)
_https = ""
if CONFIG.HTTPS:
https = "using HTTPS"
# SRV.ssl_adapter = ssl_pyopenssl.pyOpenSSLAdapter(
# config.SERVER_CERT, config.SERVER_KEY, config.CERT_CHAIN)
SRV.ssl_adapter = BuiltinSSLAdapter(CONFIG.SERVER_CERT,
CONFIG.SERVER_KEY,
CONFIG.CERT_CHAIN)
logger.info("Server starting")
print("IDP listening on %s:%s%s" % (HOST, PORT, _https))
try:
SRV.start()
except KeyboardInterrupt:
SRV.stop()
if len(customers) == 0:
return '[]'
for customer in customers:
result += json.dumps(customer.to_dict()) + ','
result = result[:-1]
return result + ']'
#Take a look on running the cherry server:
# https://stackoverflow.com/questions/55366395/how-to-run-a-flask-app-on-cherrypy-wsgi-server-cheroot-using-https
# https://www.digitalocean.com/community/tutorials/how-to-deploy-python-wsgi-applications-using-a-cherrypy-web-server-behind-nginx
#
if __name__ == '__main__':
"""Run the cherry server"""
d = PathInfoDispatcher({'/': app})
server = WSGIServer(('0.0.0.0', 8000), d)
path = settings['sslPath']
server.ssl_adapter = BuiltinSSLAdapter(certificate=f'{path}cert.pem',
private_key=f'{path}privkey.pem')
try:
server.start()
except KeyboardInterrupt:
server.stop()
