Description:
I’m currently working on an application where I need to retrieve username details from a URL using a certain encoding format. To achieve this, I’m using a custom authenticator within Z2JH kubernets setup under extra config. Here’s the relevant code snippet:
extraConfig:
custom_login.py: |
from tornado import gen, web
from jupyterhub.handlers import BaseHandler
from jupyterhub.auth import Authenticator
class MyAuthenticator(Authenticator):
login_service = "My Service"
@gen.coroutine
def authenticate(self,handler,data):
print("Entered into authentication")
username = handler.get_argument("username", default="")
password = handler.get_argument("password", default="")
if username == "user" and password == "password":
# Return a dictionary with user information
return {
'name': username,
}
else:
return None # Authentication failed
c.JupyterHub.authenticator_class = MyAuthenticator
However, I’m encountering difficulties accessing the authenticate function. I’ve ensured that the necessary ‘username’ and ‘password’ fields are present in the data parameter, but I’m still unable to make it work.
using url like
http://192.168.49.2:30268/hub/login?next=&username=user&password=password
I observed logs to see print output and written some syntax error inside authenticate function still it is not detecting.
Could anyone provide insights into why I might be facing this issue? Any help would be greatly appreciated!
Could you share your logs? What errors are you getting?
It is not giving any error related logs.
Due to the absence of relevant logs and the lack of detection of the authenticate function, I realized the function might not be detected.
[I 2023-08-22 08:14:05.344 JupyterHub log:186] 200 GET /hub/login?next=&username=user&password=password (@::ffff:10.244.0.1) 1.44ms
[D 2023-08-22 08:14:05.383 JupyterHub log:186] 200 GET /hub/health (@10.244.0.1) 0.58ms
[D 2023-08-22 08:14:07.384 JupyterHub log:186] 200 GET /hub/health (@10.244.0.1) 0.97ms
[D 2023-08-22 08:14:09.383 JupyterHub log:186] 200 GET /hub/health (@10.244.0.1) 0.96ms
[D 2023-08-22 08:14:11.383 JupyterHub log:186] 200 GET /hub/health (@10.244.0.1) 0.91ms
[D 2023-08-22 08:14:13.383 JupyterHub log:186] 200 GET /hub/health (@10.244.0.1) 0.89ms
still in the same login page
I think the issue is that /hub/login must do a POST request with user credentials to trigger auth flow. That is why you authenticate function never gets called.
Then what changes should I make?
You must do a POST request to /hub/login<url_params> instead of GET.
Thankyou, now I can able detect authenticate function with POST request.
But How Can I make a POST request from another server and skip the login page?
In browser it is taking default GET request.
What are you exactly trying to achieve? There are other ways to do authentication. Check documentation.
I have a server that authenticates a user with his or her institutional login. After logging into the institution server/website, the users’ data are encoded – only some details to identify the user. They are then redirected to a the jupyterhub domain in the following way https://<mydomain>/hub/login?data=<here go the encrypted data>
Now, if a request gets sent like this to my jupyterhub-domain, I’d like to decrypt the submitted data, and authenticate the user.
Well, it seems to me that you should use OpenID connect, SAML flow or JWT based auth to achieve depending on your institutional SSO. There are authenticators available on JupyterHub GitHub wiki. Maybe they can help you!
1 Like
Thank you, for your inputs @mahendrapaipuri
I successfully fulfilled my requirements by employing the auto_login method in conjunction with the authenticate method.