Reputation: 33
HTTPS with Flask-RESTful and mod_wsgi
I am trying to restrict a Google Apps API Python client to HTTPS, using Flask-RESTful and mod_wsgi. The API itself appears to work, but I am running into errors when I point web browsers to the HTTPS url.
I'm fairly new to Python, Flask, and mod_wsgi, but I have the following pared-down example code:
/home/myself/testgoogle/testgoogle.py
#!/usr/local/bin/python
import json
import os
import sys
from DirectoryServiceObject import DirectoryServiceObject
from flask import Flask, request
from flask.ext.restful import abort, Api, Resource
from apiclient import errors
from apiclient.discovery import build
directory_service_object = DirectoryServiceObject().service_object
app = Flask( __name__ )
app.debug = True
api = Api( app )
class OrgUnitsList( Resource ):
def get( self ):
all_org_units = {}
params = { "customerId": "my_customer" }
try:
all_org_units = directory_service_object.orgunits().list( **params ).execute()
except errors.HttpError, e:
error = json.loads(e.content)
return error
return all_org_units
api.add_resource( OrgUnitsList, "/orgunitslist" )
if __name__ == "__main__":
app.run( host="secured.example.com", port=5001 )
/home/myself/testgoogle/testgoogle.wsgi
import sys
sys.path.insert( 0, "/home/myself/testgoogle" )
from testgoogle import app as application
/path/to/apache/ssl.conf
<VirtualHost 256.256.256.256:5001>
ServerName secured.example.com:5001
WSGIScriptAlias / /home/myself/testgoogle/testgoogle.wsgi
ErrorLog /home/myself/error.log
LogLevel warn
CustomLog /home/myself/access.log combined
<Directory /home/myself/testgoogle>
WSGIProcessGroup testgoogle
WSGIApplicationGroup %{GLOBAL}
Order deny,allow
Allow from all
</Directory>
</VirtualHost>
When I point my web browser to https://secured.example.com:5001/orgunitslist to get a list of my Google domain's organization units, I have the error "can't connect to the server 'secured.example.com'".
If I first run "python testgoogle.py" the API starts, but using the web browser ends up with "code 400, message Bad request syntax", and the browser hangs. I am assuming it is because the script is expecting HTTP. Of course, as expected going to the same URL using HTTP works, and I get a list of the org units.
What am I missing? What else do I need, or need to do differently, in order to restrict API calls to HTTPS?
Upvotes: 1
Views: 2259
Answers (1)
Reputation: 33
I appear to have fixed the issue by making the following changes:
- testgoogle.py renamed to TestGoogleClient.py.
- testgoogle.wsgi renamed to TestGoogleWsgi.wsgi and I modified the last line to read
from TestGoogleClient import app as application.
For some reason, having both .wsgi and .py files with the same name seemed to give me "app not found" errors.
I also modified my Apache config:
- Added
Listen 256.256.256.256:5001andWSGISocketPrefix /var/run/wsgioutside of the<VirtualHost>section. - Added the following inside
<VirtualHost>:SSLEngine onSSLCertificateFile /path/to/my/certSSLCertificateKeyFile /path/to/my/keyWSGIDaemonProcess TestGoogleClient python-path=/path/to/python/site-packagesWSGIProcessGroup TestGoogleClientWSGIScriptAlias / /home/myself/testgoogle/TestGoogleWsgi.wsgi
And to top everything off, I needed my System Administrators to allow my app through the firewall.
Upvotes: 2
Related Questions
- can you add HTTPS functionality to a python flask web server?
- Serving Flask-RESTPlus on https server
- Https with Http in Flask Python
- how to redirect http to https in flask
- Enabling SSL on Flask + Google App Engine
- How to use SSL with Flask
- Using Python Flask-restful with mod-wsgi
- python requests does not work for https from apache with wsgi
- Python Flask webapp simple proxy configuration to enable SSL/HTTPS with Apache
- SSL based virtual host with django and mod_wsgi