GoogleCloudPlatform · theacodes · Sep 13, 2017 · May 4, 2017 · May 9, 2017 · Jun 15, 2017
diff --git a/iap/example_gce_backend.py b/iap/example_gce_backend.py
@@ -0,0 +1,30 @@
+CLOUD_PROJECT_ID = 'YOUR_PROJECT_ID'
+BACKEND_SERVICE_ID = 'YOUR_BACKEND_SERVICE_ID'
+
+from flask import Flask
+from flask import request
+
+import platform
+
+from validate_jwt import validate_iap_jwt_from_compute_engine
+
+app = Flask(__name__)
+
+@app.route('/')
+def root():
+    jwt = request.headers.get('x-goog-iap-jwt-assertion')
+    if jwt is None:
+        return 'Unauthorized request.', 401
+    user_id, user_email, error_str = validate_iap_jwt_from_compute_engine(
+            jwt, CLOUD_PROJECT_ID, BACKEND_SERVICE_ID)
+    if error_str:
+        return "Error: %s" % error_str
+    else:
+      return "Hi, {}. I am {}.".format(user_email, platform.node())
+
+@app.route('/healthz')
+def health():
+    return 'OK', 200
+
+if __name__ == '__main__':
+    app.run(host='0.0.0.0', port=80)
diff --git a/iap/requirements.txt b/iap/requirements.txt
@@ -1,5 +1,6 @@
 PyJWT==1.5.2
 cryptography==2.0.3
+flask
 google-auth==1.0.2
 requests==2.18.4
 requests_toolbelt==0.8.0