Giter Club home page Giter Club logo

jwtauthenticator_v2's Introduction

JupyterHub tokenauthenticator - A JWT Token Authenticator for JupyterHub

Authenticate to Jupyterhub using a query parameter for the JSONWebToken, or by an authenticating proxy that can set the Authorization header with the content of a JSONWebToken.

Installation

This package can be installed with pip:

pip install jupyterhub-jwtauthenticator-v2

Alternately, you can clone this repository and run:

cd jwtauthenticator
pip install -e .

Configuration

You should edit your :file:jupyterhub_config.py to set the authenticator class, the JSONWebTokenLocalAuthenticator provides features such as local user creation. If you already have local users then you may use the JSONWebTokenAuthenticator authenticator class:

For authentication and local user creation
c.JupyterHub.authenticator_class = 'jwtauthenticator.JSONWebTokenLocalAuthenticator'

This class is derived from LocalAuthenticator and therefore provides features such as the ability to add local accounts through the admin interface if configured to do so.

For authentication of the token only
c.JupyterHub.authenticator_class = 'jwtauthenticator.JSONWebTokenAuthenticator'
Required configuration

You'll also need to set some configuration options including the location of the signing certificate (in PEM format), field containing the userPrincipalName or sAMAccountName/username, and the expected audience of the JSONWebToken. This last part is optional, if you set audience to an empty string then the authenticator will skip the validation of that field.

# Only one of two following fields must be set.  
# If both, then "secret" will be the signing method used.
# The secrect key used to generate the given token
c.JSONWebTokenAuthenticator.secret = '<secret-key>'   
         
# -OR-
# The certificate used to sign the incoming JSONWebToken, must be in PEM Format
c.JSONWebTokenAuthenticator.signing_certificate = '/foo/bar/adfs-signature.crt'

# The claim field contianing the username/sAMAccountNAme/userPrincipalName
c.JSONWebTokenAuthenticator.username_claim_field = 'username'

# This config option should match the aud field of the JSONWebToken, empty string to disable the validation of this field.
c.JSONWebTokenAuthenticator.expected_audience = 'https://myApp.domain.local/'

# This will enable local user creation upon authentication, requires JSONWebTokenLocalAuthenticator
c.JSONWebLocalTokenAuthenticator.create_system_users = True

# Only the one of three follwing sources for JWT token must be set at the time. If you want to disable inspection
# of some of sources, set corresponding value to '' 

# URL for redirecting to in the case of invalid auth token
c.JSONWebTokenAuthenticator.auth_url = 'https://auth.example.com' 

# Name of query param for auth_url to pass return URL
c.JSONWebTokenAuthenticator.retpath_param = 'retpath' 

# Header name to retrieve JWT token
c.JSONWebTokenAuthenticator.header_name = 'X-Auth-Token'  
 
# Cookie name to retrieve JWT token                      
c.JSONWebTokenAuthenticator.cookie_name = 'auth_token'

# Query param to retrieve JWT token                         
c.JSONWebTokenAuthenticator.param_name = 'auth_token'

You should be able to start jupyterhub. :)

Issues

If you have any issues or bug reports, all are welcome in the issues section. I'll do my best to respond quickly.

Contribution

If you want to fix the bugs yourself then raise a PR and I'll take a look :)

jwtauthenticator_v2's People

Contributors

datamafia avatar glehmann avatar groodt avatar harschware avatar mogthesprog avatar morgan-jones-dunnhumby avatar thefrozenfire avatar yuvipanda avatar

Watchers

avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.