GoogleCloudPlatform · jmdobry · Apr 29, 2016 · Apr 29, 2016 · Apr 29, 2016 · Apr 29, 2016
diff --git a/appengine/endpoints/README.md b/appengine/endpoints/README.md
@@ -0,0 +1,35 @@
+# Google Cloud Endpoints sample for Google App Engine
+
+This sample demonstrates how to use Google Cloud Endpoints on Google App Engine Flexible Environment using Node.js.
+
+## Running locally
+
+Refer to the [appengine/README.md](../README.md) file for instructions on
+running and deploying.
+
+## Send an echo request
+
+Choose your local or production server:
+
+```
+# If you're running locally, you won't need an API key.
+$ export ENDPOINTS_HOST=http://localhost:8080
+
+$ export ENDPOINTS_HOST=https://PROJECT-ID.appspot.com
+$ export ENDPOINTS_KEY=AIza...
+```
+
+Send the request:
+
+```
+$ curl -vv -d '{"message":"foo"}' -H 'Content-Type: application/json' "${ENDPOINTS_HOST}/echo?key=${ENDPOINTS_KEY}"
+```
+
+If you're running locally, you won't need an API key.
+
+## Sending authenticated requests
+
+No Node.js client is written yet, but you can try the Python client found [here][python-client].
+It will send authenticated JWT requests using a Google Cloud service account, or using a three-legged OAuth flow.
+
+[python-client]: https://github.com/GoogleCloudPlatform/python-docs-samples/tree/master/managed_vms/endpoints
diff --git a/appengine/endpoints/app.js b/appengine/endpoints/app.js
@@ -0,0 +1,44 @@
+// Copyright 2015-2016, Google, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+'use strict';
+
+var express = require('express');
+var bodyParser = require('body-parser');
+
+var app = express();
+app.use(bodyParser.json());
+
+app.post('/echo', function(req, res) {
+  res.status(200).json({message: req.body.message});
+});
+
+function authInfoHandler(req, res) {
+  var authUser = {id: 'anonymous'};
+  var encodedInfo = req.get('X-Endpoint-API-UserInfo');
+  if (encodedInfo) {
+    authUser = JSON.parse(new Buffer(encodedInfo, 'base64'));
+  }
+  res.status(200).json(authUser);
+}
+
+app.get('/auth/info/googlejwt', authInfoHandler);
+app.get('/auth/info/googleidtoken', authInfoHandler);
+
+// Start the server
+var server = app.listen(process.env.PORT || '8080', '0.0.0.0', function() {
+  console.log('App listening at http://%s:%s', server.address().address,
+    server.address().port);
+  console.log('Press Ctrl+C to quit.');
+});
diff --git a/appengine/endpoints/app.yaml b/appengine/endpoints/app.yaml
@@ -0,0 +1,24 @@
+# Copyright 2015-2016, Google, Inc.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+runtime: nodejs
+vm: true
+
+skip_files:
+  - ^(.*/)?.*/node_modules/.*$
+
+beta_settings:
+  # Enable Google Cloud Endpoints API management.
+  use_endpoints_api_management: true
+  # Specify the Swagger API specification.
+  endpoints_swagger_spec_file: swagger.yaml
diff --git a/appengine/endpoints/package.json b/appengine/endpoints/package.json
@@ -0,0 +1,20 @@
+{
+  "name": "appengine-endpoints",
+  "description": "Endpoints Node.js sample for Google App Engine",
+  "version": "0.0.1",
+  "private": true,
+  "license": "Apache Version 2.0",
+  "author": "Google Inc.",
+  "engines": {
+    "node": "~4.2"
+  },
+  "scripts": {
+    "start": "node app.js",
+    "monitor": "nodemon app.js",
+    "deploy": "gcloud preview app deploy"
+  },
+  "dependencies": {
+    "express": "^4.13.4",
+    "body-parser": "^1.15.0"
+  }
+}
diff --git a/appengine/endpoints/swagger.yaml b/appengine/endpoints/swagger.yaml
@@ -0,0 +1,106 @@
+swagger: "2.0"
+info:
+  description: "A simple Google Cloud Endpoints API example."
+  title: "Endpoints Example"
+  version: "1.0.0"
+host: "YOUR-PROJECT-ID.appspot.com"
+basePath: "/"
+consumes:
+- "application/json"
+produces:
+- "application/json"
+schemes:
+- "https"
+paths:
+  "/echo":
+    post:
+      description: "Echo back a given message."
+      operationId: "echo"
+      produces:
+      - "application/json"
+      responses:
+        200:
+          description: "Echo"
+          schema:
+            $ref: "#/definitions/echoMessage"
+      parameters:
+      - description: "Message to echo"
+        in: body
+        name: message
+        required: true
+        schema:
+          $ref: "#/definitions/echoMessage"
+  "/auth/info/googlejwt":
+    get:
+      description: "Returns the requests' authentication information."
+      operationId: "auth_info_google_jwt"
+      produces:
+      - "application/json"
+      responses:
+        200:
+          description: "Authenication info."
+          schema:
+            $ref: "#/definitions/authInfoResponse"
+      x-security:
+      - google_jwt:
+          audiences:
+          # This must match the "aud" field in the JWT. You can add multiple
+          # audiences to accept JWTs from multiple clients.
+          - "echo.endpoints.sample.google.com"
+  "/auth/info/googleidtoken":
+    get:
+      description: "Returns the requests' authentication information."
+      operationId: "authInfoGoogleIdToken"
+      produces:
+      - "application/json"
+      responses:
+        200:
+          description: "Authenication info."
+          schema:
+            $ref: "#/definitions/authInfoResponse"
+      x-security:
+      - google_id_token:
+          audiences:
+          # Your OAuth2 client's Client ID must be added here. You can add
+          # multiple client IDs to accept tokens from multiple clients.
+          - "YOUR-CLIENT-ID"
+definitions:
+  echoMessage:
+    properties:
+      message:
+        type: "string"
+  authInfoResponse:
+    properties:
+      id:
+        type: "string"
+      email:
+        type: "string"
+# This section requires all requests to any path to require an API key.
+security:
+- api_key: []
+securityDefinitions:
+  # This section configures basic authentication with an API key.
+  api_key:
+    type: "apiKey"
+    name: "key"
+    in: "query"
+  # This section configures authentication using Google API Service Accounts
+  # to sign a json web token. This is mostly used for server-to-server
+  # communication.
+  google_jwt:
+    authorizationUrl: ""
+    flow: "implicit"
+    type: "oauth2"
+    # This must match the 'iss' field in the JWT.
+    x-issuer: "jwt-client.endpoints.sample.google.com"
+    # Update this with your service account's email address.
+    x-jwks_uri: "https://www.googleapis.com/service_accounts/v1/jwk/YOUR-SERVICE-ACCOUNT-EMAIL"
+  # This section configures authentication using Google OAuth2 ID Tokens.
+  # ID Tokens can be obtained using OAuth2 clients, and can be used to access
+  # your API on behalf of a particular user.
+  google_id_token:
+    authorizationUrl: ""
+    flow: "implicit"
+    type: "oauth2"
+    x-issuer: "accounts.google.com"
+    x-jwks_uri: "https://www.googleapis.com/oauth2/v1/certs"