Handling Cross-Origin Resource Sharing
If you're hosting a Live Experience application in a third party container system such as Google App Engine, you may not be able to directly host the sample JWT Bourne shell script.
To retrieve a JWT token from the sample script, you'll need to deploy a mechanism to handle Cross-origin Resource Sharing (CORS). The CORS mechanism will enable you to pull a JWT from the JWT script within your container service.
The example below shows a simple Python script that you can deploy in your container
service to handle CORS issues. You'll need to note the following:
- If you've renamed the sample JWT script to
auth.cgi
, update the appropriate lines referencingauth.sh
. - Likewise on the final line, set the IP address of the hosting system and the port on which the python script is listening (default: 8000).
- You can then run the sample JWT script from the /cgi-bin of the web service.
Note: Use the CORS script for development purpose only.
import bottle
from bottle import response
import subprocess
class EnableCors(object):
name = 'enable_cors'
api = 2
def apply(self, fn, context):
def _enable_cors(*args, **kwargs):
# set CORS headers
response.headers['Access-Control-Allow-Origin'] = '*'
response.headers['Access-Control-Allow-Methods'] = 'GET, POST, PUT, OPTIONS'
response.headers['Access-Control-Allow-Headers'] = 'Origin, Accept,
Content-Type,
X-Requested-With,
X-CSRF-Token'
if bottle.request.method != 'OPTIONS':
# actual request; reply with the actual response
return fn(*args, **kwargs)
return _enable_cors
app = bottle.app()
@app.route('/auth.sh', method=['OPTIONS', 'GET'])
def auth():
response.set_header('Content-Type', 'application/json')
completed = subprocess.run(["/bin/bash","./auth.sh"], stdout=subprocess.PIPE)
print('auth.sh:', completed.returncode)
print('Have {} bytes in stdout:\n{}'.format(len(completed.stdout), completed.stdout.decode('utf-8')))
return completed.stdout.decode('utf-8')
app.install(EnableCors())
app.run(host="0.0.0.0", port=8000)