tmp 4

Signed-off-by: kvmw <mshamsi@broadcom.com>

Author: kvmw

greeter-messages/app.py

@@ -8,10 +8,8 @@
 
 app = Flask(__name__)
 
-port = int(os.getenv('PORT', '8080'))
-
 try:
-    init_client(port)
+    init_client()
     logger.info("Eureka client initialized successfully")
 except Exception as e:
     logger.error(f"Failed to initialize Eureka client: {e}")
@@ -25,4 +23,5 @@ def greeting():
     return f"{salutation}, {name}!"
 
 if __name__ == '__main__':
+    port = int(os.getenv('PORT', '8080'))
     app.run(host='0.0.0.0', port=port)

greeter-messages/eureka.py

@@ -42,7 +42,7 @@ def _on_err(err_type: str, err: Exception):
     if err_type in (eureka_client.ERROR_REGISTER, eureka_client.ERROR_DISCOVER):
         eureka_client.stop()
 
-def init_client(port: int):
+def init_client():
     """
     Initializes the eureka client.
     """
@@ -63,9 +63,11 @@ def init_client(port: int):
                 instance_ip=os.getenv('CF_INSTANCE_INTERNAL_IP'),
                 instance_id=f"{env.uris[0]}:{env.app.get('instance_id') or '0'}",
                 instance_unsecure_port_enabled=True,
-                instance_port=port,
+                instance_port=80,
                 instance_secure_port_enabled=True,
-                instance_secure_port=port,
+                instance_secure_port=443,
+                vip_adr='UNKNOWN',
+                secure_vip_addr='UNKNOWN',
                 eureka_server=credentials['uri'],
                 on_error=_on_err
             )

greeter/app.py

@@ -1,16 +1,26 @@
 import os
+import logging
 from flask import Flask, request
-from shared import EurekaServerClient
+from eureka import init_client, call_service
+
+logging.basicConfig(level=logging.INFO)
+logger = logging.getLogger(__name__)
 
 app = Flask(__name__)
 
-@app.route('/greet')
-def greet():
-    name = request.args.get('name', 'World')
-    return f"Greetings, {name}!"
+try:
+    init_client()
+    logger.info("Eureka client initialized successfully")
+except Exception as e:
+    logger.error(f"Failed to initialize Eureka client: {e}")
+
+@app.route('/hello')
+def hello():
+    salutation = request.args.get('salutation', 'Hello')
+    name = request.args.get('name', 'Bob')
+    
+    return call_service("GREETER-MESSAGES", f"/greeting?salutation={salutation}&name={name}")
 
 if __name__ == '__main__':
-    port = int(os.getenv("PORT", '8080'))
-    eureka_client = EurekaServerClient(port)
-    eureka_client.start()
-    app.run(host='0.0.0.0', port=port) 
+    port = int(os.getenv('PORT', '8080'))
+    app.run(host='0.0.0.0', port=port)

greeter/eureka.py

@@ -0,0 +1,83 @@
+import os
+import urllib.request
+import logging
+from cfenv import AppEnv
+from oauth2 import OAuth2Client
+import py_eureka_client.eureka_client as eureka_client
+import py_eureka_client.http_client as http_client
+from urllib.error import URLError
+from typing import Union
+
+logger = logging.getLogger(__name__)
+
+class _OAuth2HttpClient(http_client.HttpClient):
+    """
+    A custom http client that uses OAuth2 to authenticate requests.
+    """
+
+    def __init__(self, credentials: dict):
+        self.oauth_client = OAuth2Client(
+            client_id=credentials['client_id'],
+            client_secret=credentials['client_secret'],
+            access_token_uri=credentials['access_token_uri']
+        )
+
+    async def urlopen(self, request: Union[str, http_client.HttpRequest] = None,
+                      data: bytes = None, timeout: float = None) -> http_client.HttpResponse:
+        if isinstance(request, http_client.HttpRequest):
+            req = request
+        elif isinstance(request, str):
+            req = http_client.HttpRequest(request, headers={'Accept-Encoding': 'gzip'})
+        else:
+            raise URLError("Invalid URL")
+
+        req = req._to_urllib_request()
+        req.add_header("Connection", "close")
+        req.add_header("Authorization", f"Bearer {self.oauth_client.get_access_token()}")
+        res = urllib.request.urlopen(req, data=data, timeout=timeout)
+        return http_client.HttpResponse(res)
+
+def _on_err(err_type: str, err: Exception):
+    logger.error(f"Eureka client error - Type: {err_type}, Error: {err}")
+    if err_type in (eureka_client.ERROR_REGISTER, eureka_client.ERROR_DISCOVER):
+        eureka_client.stop()
+
+def init_client():
+    """
+    Initializes the eureka client.
+    """
+
+    env = AppEnv()
+
+    service_registry = env.get_service(label="p.service-registry")
+    if not service_registry:
+        raise ValueError("No 'p.service-registry' service instance found.")
+
+    credentials = service_registry.credentials
+
+    http_client.set_http_client(_OAuth2HttpClient(credentials))
+
+    eureka_client.init(
+                app_name=env.name,
+                instance_host=env.uris[0],
+                instance_ip=os.getenv('CF_INSTANCE_INTERNAL_IP'),
+                instance_id=f"{env.uris[0]}:{env.app.get('instance_id') or '0'}",
+                instance_unsecure_port_enabled=True,
+                instance_port=80,
+                instance_secure_port_enabled=True,
+                instance_secure_port=443,
+                vip_adr='UNKNOWN',
+                secure_vip_addr='UNKNOWN',
+                eureka_server=credentials['uri'],
+                on_error=_on_err
+            )
+
+def call_service(name: str, path: str):
+    """
+    Calls a service with the given name and path.
+    """
+    try:
+        return eureka_client.do_service(app_name=name, service=path, prefer_https=True)
+    except urllib.request.HTTPError as e:
+        logger.error(f"Error calling service {name} at {path}: {e}")
+        raise e

greeter/oauth2.py

@@ -0,0 +1,70 @@
+import time
+import logging
+from typing import Optional
+import requests
+
+logger = logging.getLogger(__name__)
+
+class OAuth2Client:
+    """OAuth 2.0 client for handling client credentials flow with token caching"""
+
+    def __init__(self, client_id: str, client_secret: str, access_token_uri: str):
+        self.client_id = client_id
+        self.client_secret = client_secret
+        self.access_token_uri = access_token_uri
+        self.access_token: Optional[str] = None
+        self.token_expires_at: Optional[float] = None
+
+    def _is_token_expired(self, buffer_seconds: int = 30) -> bool:
+        """Check if the current token is expired or will expire soon"""
+        if not self.access_token or not self.token_expires_at:
+            return True
+
+        # Add buffer time to refresh token before it actually expires
+        return time.time() >= (self.token_expires_at - buffer_seconds)
+
+    def _request_new_token(self) -> str:
+        """Request a new access token from the OAuth server"""
+        # Prepare token request
+        token_data = {
+            'grant_type': 'client_credentials',
+            'client_id': self.client_id,
+            'client_secret': self.client_secret
+        }
+
+        headers = {
+            'Content-Type': 'application/x-www-form-urlencoded'
+        }
+
+        try:
+            response = requests.post(
+                self.access_token_uri,
+                data=token_data,
+                headers=headers,
+                timeout=30
+            )
+            response.raise_for_status()
+
+            token_response = response.json()
+            self.access_token = token_response.get('access_token')
+
+            # Calculate expiration time
+            expires_in = token_response.get('expires_in', 3600)  # Default to 1 hour
+            self.token_expires_at = time.time() + expires_in
+
+            if not self.access_token:
+                logger.error("No access token received")
+                raise ValueError("No access token received")
+
+            return self.access_token
+        except requests.exceptions.RequestException as e:
+            logger.error(f"Failed to get access token: {e}")
+            raise ValueError(f"Failed to get access token: {e}") from e
+
+    def get_access_token(self) -> str:
+        """Get OAuth 2.0 access token using client credentials flow"""
+        # Check if we have a valid cached token
+        if not self._is_token_expired():
+            return self.access_token
+        # Token is expired or doesn't exist, get a new one
+        return self._request_new_token()

greeter/requirements.txt

@@ -5,10 +5,12 @@ cfenv==0.5.3
 charset-normalizer==3.4.2
 click==8.2.1
 dill==0.4.0
+dnspython==2.7.0
 Flask==3.1.1
 furl==2.1.4
 gunicorn==23.0.0
 idna==3.10
+ifaddr==0.2.0
 isort==6.0.1
 itsdangerous==2.2.0
 Jinja2==3.1.6
@@ -17,10 +19,11 @@ mccabe==0.7.0
 orderedmultidict==1.0.1
 packaging==25.0
 platformdirs==4.3.8
+py_eureka_client==0.11.13
 pylint==3.3.7
 python-dotenv==1.0.0
 requests==2.31.0
 six==1.17.0
 tomlkit==0.13.3
 urllib3==2.5.0
-Werkzeug==3.1.3
+Werkzeug==3.1.3

manifest.yml

@@ -6,8 +6,6 @@ applications:
     path: greeter-messages
     services:
       - greeter-service-registry
-    env:
-      PROFILES: development
 
   - name: greeter
     random-route: true
@@ -16,5 +14,3 @@ applications:
     path: greeter 
     services:
       - greeter-service-registry
-    env:
-      PROFILES: development