Adding a gRPC server example written in Python. (#11)

README.md

@@ -5,34 +5,35 @@ This is a repository that contains examples of [Tyk Plugins](https://tyk.io/docs
 Here's the [different phases you can inject plugins](https://tyk.io/docs/concepts/middleware-execution-order/) in the request lifecycle.  A [response plugin](https://tyk.io/docs/plugins/response-plugins/) is also possible.
 
 ## Examples
-Language | Phase | Description | Link 
--------- | ----- |------------ | --- 
-Golang	|	All	|	Go plugin for v3.2.2 which uses Go Mods	|	[Link](plugins/go-plugin-v322-example)
-Golang	|	Pre	|	Injects client certificate attributes as a Header	|	[Link](plugins/go-pre-cert_inject_dn)
-GoLang	|	Post-Auth	|	OAuth2 Introspection	|	[Link](plugins/go-postauth-oauth2_introspection)
-GoLang	|	Post-Auth	|	Authorizes request against OPA	|	[Link](plugins/go-postauth-opa_integration)
-Golang	|	Post + Auth	|	Dummy one to test the 2 hooks in go	|	[Link](plugins/go-auth-multiple_hook_example)
-Golang	|	Pre	|	Checks Basic Auth creds  against an AWS DynamoDB instance	|	[Link](plugins/go-auth-basicauth_dynamodb)
-gRPC (GoLang)	|	Pre	|	Header Injection & Auth example	|	[Link](plugins/grpc_go-auth-pre_headerinject_authhook) 
-gRPC (GoLang)	|	Pre	|	Invokes an AWS Lambda	|	[Link](plugins/grpc_go-pre-aws_lambda) 
-gRPC (Java)	|	Auth	|	Decodes JWT, inserts a claim and resigns it	|	[Link](plugins/grpc_java-auth-jwt_decoder_repackager) 
-gRPC (Java)	|	Post	|	Inserts Metadata from the portal requested key as an HTTP header	|	[Link](plugins/grpc_java-post-insert_metadata_as_header) 
-gRPC (.NET)	|	Auth	|	Performs auth check against a SQL server	|	[Link](plugins/grpc_dotnet-auth_sql_basicauth ) 
-gRPC (Ruby)	|	Pre  |	Modifies HTTP header	|	[Link](plugins/grpc_ruby-pre-header_modify) 
-Javascript	|	Pre	|	Inserts tracing ID in header	|	[Link](plugins/js-pre-insert_header)
-Javascript	|	Pre	|	Auth Token & mTLS protection	|	[Link](plugins/js-pre-mtls_token_auth)
-Javascript	|	Pre	|	Evaluates the validity of a Tyk Token	|	[Link](plugins/js-pre-token_inspection)
-Javascript	|	Post	|	Checks API requests against a WAF	|	[Link](plugins/js-pre-post-waf)
-Javascript	|	Post-Auth	|	Checks the request path against the user's meta data.  If there is a cross-over, will deny the request	|	[Link](plugins/js-post_auth-checks_path_against_metadata)
-Lua	|	Pre	|	header injection	|	[Link](plugins/lua-pre-header_injection) 
-Python	|	Auth	|	Checks API requests against a hard-coded token	|	[Link](plugins/py-auth_example) 
-Python	|	Auth	|	Validates credentials against an LDAP server	|	[Link](plugins/py-auth-ldap_example) 
-Python	|	Pre	|	This plugin sends a message to a queue server, it uses kombu as the messaging library	|	[Link](plugins/py-pre-message_queue_kombo) 
-Python	|	Pre	|	This plugin sends log data to a Datadog agent.	|	[Link](plugins/py-pre-datadog_logger) 
-Python	|	Pre	|	This plugin sends log data to a Loggly HTTPS endpoint	|	[Link](plugins/py-pre-loggly_integration) 
-Python	|	Pre	|	This plugin will block requests from specific user agents, using regular expressions.	|	[Link](plugins/py-pre-bot_detection) 
-Python	|	Pre  +  Post	|	Inserts a correlation ID as a header	|	[Link](plugins/py-pre_post-correlation_id_insert)
-Python	|	Post	|	Injects a signed JWT as Authorization Header	|	[Link](plugins/py-post-jwt-injection) 
+Language | Phase | Description                                                                                              | Link 
+-------- | ----- |----------------------------------------------------------------------------------------------------------| --- 
+Golang	|	All	| 	Go plugin for v3.2.2 which uses Go Mods	                                                                |	[Link](plugins/go-plugin-v322-example)
+Golang	|	Pre	| 	Injects client certificate attributes as a Header	                                                      |	[Link](plugins/go-pre-cert_inject_dn)
+GoLang	|	Post-Auth	| 	OAuth2 Introspection	                                                                                   |	[Link](plugins/go-postauth-oauth2_introspection)
+GoLang	|	Post-Auth	| 	Authorizes request against OPA	                                                                         |	[Link](plugins/go-postauth-opa_integration)
+Golang	|	Post + Auth	| 	Dummy one to test the 2 hooks in go	                                                                    |	[Link](plugins/go-auth-multiple_hook_example)
+Golang	|	Pre	| 	Checks Basic Auth creds  against an AWS DynamoDB instance	                                              |	[Link](plugins/go-auth-basicauth_dynamodb)
+gRPC (GoLang)	|	Pre	| 	Header Injection & Auth example	                                                                        |	[Link](plugins/grpc_go-auth-pre_headerinject_authhook) 
+gRPC (GoLang)	|	Pre	| 	Invokes an AWS Lambda	                                                                                  |	[Link](plugins/grpc_go-pre-aws_lambda) 
+gRPC (Java)	|	Auth	| 	Decodes JWT, inserts a claim and resigns it	                                                            |	[Link](plugins/grpc_java-auth-jwt_decoder_repackager) 
+gRPC (Java)	|	Post	| 	Inserts Metadata from the portal requested key as an HTTP header	                                       |	[Link](plugins/grpc_java-post-insert_metadata_as_header) 
+gRPC (.NET)	|	Auth	| 	Performs auth check against a SQL server	                                                               |	[Link](plugins/grpc_dotnet-auth_sql_basicauth ) 
+gRPC (Ruby)	|	Pre  | 	Modifies HTTP header	                                                                                   |	[Link](plugins/grpc_ruby-pre-header_modify) 
+gRPC (Python)	|	Pre  | 	Inserts a HTTP header	                                                                                  |	[Link](plugins/grpc_python-pre-insert_header) 
+Javascript	|	Pre	| 	Inserts tracing ID in header	                                                                           |	[Link](plugins/js-pre-insert_header)
+Javascript	|	Pre	| 	Auth Token & mTLS protection	                                                                           |	[Link](plugins/js-pre-mtls_token_auth)
+Javascript	|	Pre	| 	Evaluates the validity of a Tyk Token	                                                                  |	[Link](plugins/js-pre-token_inspection)
+Javascript	|	Post	| 	Checks API requests against a WAF	                                                                      |	[Link](plugins/js-pre-post-waf)
+Javascript	|	Post-Auth	| 	Checks the request path against the user's meta data.  If there is a cross-over, will deny the request	 |	[Link](plugins/js-post_auth-checks_path_against_metadata)
+Lua	|	Pre	| 	header injection	                                                                                       |	[Link](plugins/lua-pre-header_injection) 
+Python	|	Auth	| 	Checks API requests against a hard-coded token	                                                         |	[Link](plugins/py-auth_example) 
+Python	|	Auth	| 	Validates credentials against an LDAP server	                                                           |	[Link](plugins/py-auth-ldap_example) 
+Python	|	Pre	| 	This plugin sends a message to a queue server, it uses kombu as the messaging library	                  |	[Link](plugins/py-pre-message_queue_kombo) 
+Python	|	Pre	| 	This plugin sends log data to a Datadog agent.	                                                         |	[Link](plugins/py-pre-datadog_logger) 
+Python	|	Pre	| 	This plugin sends log data to a Loggly HTTPS endpoint	                                                  |	[Link](plugins/py-pre-loggly_integration) 
+Python	|	Pre	| 	This plugin will block requests from specific user agents, using regular expressions.	                  |	[Link](plugins/py-pre-bot_detection) 
+Python	|	Pre  +  Post	| 	Inserts a correlation ID as a header	                                                                   |	[Link](plugins/py-pre_post-correlation_id_insert)
+Python	|	Post	| 	Injects a signed JWT as Authorization Header	                                                           |	[Link](plugins/py-post-jwt-injection) 
 
 
 ## Virtual Endpoints

plugins/grpc_python-pre-insert_header/README.md

@@ -0,0 +1,56 @@
+# Tyk gRPC Plugin Demo (Python)
+This plugin will allow users to write gRPC middleware for Tyk using [Python](https://www.python.org/).
+
+## Requirements:
+Please find the pip3 requirements located in the `requirements.txt` file.
+* Python 3.*
+* Tyk Gateway 4.0.*
+
+## Deploying the gRPC Python Server
+Assuming you are in the `custom-plugins/plugins/grpc_python-pre-insert_header/` directory, install the requirements, navigate into the `proto/` directory and launch the Python 3 server.
+```bash
+pip3 install -r requirements.txt
+
+cd proto/ 
+
+python3 sample_server.py
+```
+Please note that you may also launch the sample_server.py process by attaching a debugger to it. This allows you to intercept calls that the Tyk-Gateway makes to your gRPC server and is useful for debugging purposes.
+
+## Enabling gRPC on the Tyk-Gateway
+The server now will be running on tcp://localhost:5555. Please find the documentation for enabling gRPC plugins [here](https://tyk.io/docs/plugins/supported-languages/rich-plugins/grpc/write-grpc-plugin/).  
+
+At minimum, the Tyk-Gateway needs to know that coprocess is enabled, as well as where the gRPC server lives. These options can be set in the configuration file with the following definitions:  
+```json
+"coprocess_options" : {
+  "enable_coprocess":   true,
+  "coprocess_grpc_server": "tcp://localhost:5555"
+}
+```
+
+However, if you prefer using [environment variables](https://tyk.io/docs/tyk-oss-gateway/configuration/), ensure that you have the following environment variables configured for the Tyk-Gateway. Environment variables supercede the configuration files when both are set. 
+
+```bash
+TYK_GW_COPROCESSOPTIONS_ENABLECOPROCESS=true
+TYK_GW_COPROCESSOPTIONS_COPROCESSGRPCSERVER=tcp://localhost:5555
+```
+
+## Adding gRPC to the API Definition
+You'll notice that in `sample_server.py` there are a few example functions such as `MyPreMiddleware`, `MyPostMiddleware` and `MyAuthCheck`. These functions are where you can add your custom logic. Supposing you wish to inject a header at the `Custom pre-middlewares` section of the [request middleware chain](https://tyk.io/docs/concepts/middleware-execution-order/), you can add the following to your Tyk API definition:
+```json
+    "custom_middleware": {
+      "pre": [
+        {
+          "name": "MyPreMiddleware",
+          "path": "",
+          "require_session": false,
+          "raw_body_only": false
+        }
+      ],
+      "driver": "grpc"
+    },
+```
+Essentially this specifies that we are invoking some gRPC function `MyPreMiddlware` at the `pre` stage of the request. When making calls to your Tyk managed API, you will find that the header `MyPreMiddleware` gets inserted in the API request to your upstream service. 
+
+## Updating protobuf definitions
+Should you need to update the protobuf definitions, you simply need to generate them from the Tyk-Gateway repository [located here](https://github.com/TykTechnologies/tyk). The script to update the protobuf bindings is located [here](https://github.com/TykTechnologies/tyk/blob/master/coprocess/proto/update_bindings.sh), and the resultant protobuf definitions can be located under the directory `tyk/coprocess/bindings/python/*`.

plugins/grpc_python-pre-insert_header/proto/.gitignore

@@ -0,0 +1,4 @@
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[cod]
+*$py.class