Approov is an API security solution used to verify that requests received by your backend services originate from trusted versions of your mobile apps, and here you can find the Hello servers examples that are the base for the Approov quickstarts for the Python Fast API framework.
For more information about how Approov works and why you should use it you can read the Approov Overview at the root of this repo.
If you are looking for the Approov quickstarts to integrate Approov in your Python Fast API server then you can find them here.
To learn more about each Hello server example you need to read the README for each one at:
- Unprotected Server
- Approov Protected Server - Token Check
- Approov Protected Server - Token Binding Check
The docker stack provided via the docker-compose.yml
file in this folder is used for development proposes and if you are familiar with docker then feel free to also use it to follow along the examples on the README of each server.
If you decide to use the docker stack then you need to bear in mind that the Postman collections, used to test the servers examples, will connect to port 8002
therefore you cannot start all docker compose services at once, for example with docker-compose up
, instead you need to run one at a time as exemplified below.
Do not forget to properly setup the .env
file in the root of each Approov protected server example before you run the server with the docker stack.
cp src/approov-protected-server/token-check/.env.example src/approov-protected-server/token-check/.env
cp src/approov-protected-server/token-binding-check/.env.example src/approov-protected-server/token-binding-check/.env
Edit each file and add the dummy secret to it in order to be able to test the Approov integration with the provided Postman collection.
The three services in the docker-compose.yml
use the same Dockerfile, therefore to build the Docker image we just need to used one of them:
sudo docker-compose build approov-token-binding-check
Now, you are ready to start using the Docker stack for Python.
To run each of the Hello servers with docker compose you just need to follow the respective example below.
Run the container attached to your machine bash shell:
sudo docker-compose up unprotected-server
or get a bash shell inside the container:
sudo docker-compose run --rm --service-ports unprotected-server zsh
Run the container attached to the shell:
sudo docker-compose up approov-token-check
or get a bash shell inside the container:
sudo docker-compose run --rm --service-ports approov-token-check zsh
Run the container attached to the shell:
sudo docker-compose up approov-token-binding-check
or get a bash shell inside the container:
sudo docker-compose run --rm --service-ports approov-token-binding-check zsh
If you find any issue while following our instructions then just report it here, with the steps to reproduce it, and we will sort it out and/or guide you to the correct path.
If you wish to explore the Approov solution in more depth, then why not try one of the following links as a jumping off point: