hazza/jupyterhub
1
0
Fork 0
mirror of https://github.com/jupyterhub/jupyterhub.git synced 2025-10-18 15:33:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

authenticate API requests to the proxy

Browse Source 
and add configproxy cli via mininimist
This commit is contained in:
MinRK
2014-07-07 17:35:01 -05:00
parent d2c08b1611
commit 308209f71a
3 changed files with 74 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
multiuser/js/configproxy.js
View File

@@ -42,11 +42,28 @@ var json_handler = function (handler) {
}; };
}; };
var authorized = function (method) {
return function (req, res) {
console.log(req.headers);
auth = req.headers.authorization;
console.log(auth, this.auth_token);
if (!this.auth_token || auth == this.auth_token) {
return method.apply(this, arguments);
} else {
res.writeHead(403);
res.end();
}
};
};
var ConfigurableProxy = function (options) { var ConfigurableProxy = function (options) {
var that = this; var that = this;
this.options = options || {}; this.options = options || {};
this.auth_token = this.options.auth_token;
this.upstream_ip = this.options.upstream_ip || 'localhost';
this.upstream_port = this.options.upstream_port || 8001; this.upstream_port = this.options.upstream_port || 8001;
this.default_target = 'http://localhost:' + this.upstream_port;
this.default_target = "http://" + this.upstream_ip + ":" + this.upstream_port;
this.routes = {}; this.routes = {};
var proxy = this.proxy = httpProxy.createProxyServer({ var proxy = this.proxy = httpProxy.createProxyServer({
@@ -57,15 +74,15 @@ var ConfigurableProxy = function (options) {
this.handlers = [ this.handlers = [
[ /^\/api\/routes$/, { [ /^\/api\/routes$/, {
get : bound(this, this.get_routes) get : bound(this, authorized(this.get_routes))
} ], } ],
[ /^\/api\/routes(\/.*)$/, { [ /^\/api\/routes(\/.*)$/, {
post : json_handler(bound(this, this.post_routes)), post : json_handler(bound(this, authorized(this.post_routes))),
'delete' : bound(this, this.delete_routes) 'delete' : bound(this, authorized(this.delete_routes))
} ] } ]
]; ];
this.server = http.createServer( this.server = this.proxy_server = http.createServer(
function (req, res) { function (req, res) {
try { try {
return that.handle_request(req, res); return that.handle_request(req, res);
@@ -80,10 +97,6 @@ var ConfigurableProxy = function (options) {
this.server.on('upgrade', bound(this, this.handle_ws)); this.server.on('upgrade', bound(this, this.handle_ws));
}; };
ConfigurableProxy.prototype.listen = function (port) {
this.server.listen(port);
};
ConfigurableProxy.prototype.fail = function (res, code, msg) { ConfigurableProxy.prototype.fail = function (res, code, msg) {
res.writeHead(code); res.writeHead(code);
res.write(msg); res.write(msg);

48
multiuser/js/main.js
View File

@@ -1,6 +1,50 @@
#!/usr/bin/env node #!/usr/bin/env node
/*
cli entrypoint for starting a Configurable Proxy
*/
var fs = require('fs');
var minimist = require('minimist');
var ConfigurableProxy = require('./configproxy.js').ConfigurableProxy; var ConfigurableProxy = require('./configproxy.js').ConfigurableProxy;
var proxy = new ConfigurableProxy(); var argv = minimist(process.argv.slice(2), {boolean: ['h', 'help']});
proxy.listen(8000);
if (argv.h || argv.help) {
console.log("help!");
process.exit();
}
var options = {};
if (argv.ssl_key) {
options.key = fs.readFileSync(argv.ssl_key);
}
if (argv.ssl_cert) {
options.cert = fs.readFileSync(argv.ssl_cert);
}
options.upstream_ip = argv.upstream_ip;
options.upstream_port = argv.upstream_port;
options.api_token = process.env.CONFIGPROXY_AUTH_TOKEN;
var proxy = new ConfigurableProxy(options);
var listen = {};
listen.port = argv.port || 8000;
listen.ip = argv.ip;
listen.api_ip = argv.api_ip || 'localhost';
listen.api_port = argv.api_port || listen.port + 1;
proxy.proxy_server.listen(listen.port, listen.ip);
// proxy.api_server(listen.api_port, listen.api_ip);
console.log(
"Proxying " + (listen.ip || '*') + ":" + listen.port +
" to " + proxy.upstream_ip + ":" + proxy.upstream_port
);
if (options.api_ip || options.api_port) {
console.log("API entry points on " + (listen.api_ip || '*') + ":" + listen.api_port);
}

7
multiuser/multiuser.py
View File

@@ -146,6 +146,9 @@ class SingleUserManager(LoggingConfigurable):
users = Dict() users = Dict()
routes_t = Unicode('http://localhost:8000/api/routes{uri}') routes_t = Unicode('http://localhost:8000/api/routes{uri}')
single_user_t = Unicode('http://localhost:{port}') single_user_t = Unicode('http://localhost:{port}')
proxy_auth_token = Unicode()
def _proxy_auth_token_default(self):
return str(uuid.uuid4())
def _wait_for_port(self, port, timeout=2): def _wait_for_port(self, port, timeout=2):
tic = time.time() tic = time.time()
@@ -157,7 +160,6 @@ class SingleUserManager(LoggingConfigurable):
else: else:
break break
def get_session(self, user, **kwargs): def get_session(self, user, **kwargs):
if user not in self.users: if user not in self.users:
kwargs['user'] = user kwargs['user'] = user
@@ -178,6 +180,7 @@ class SingleUserManager(LoggingConfigurable):
target=self.single_user_t.format(port=port), target=self.single_user_t.format(port=port),
user=user, user=user,
)), )),
headers={'Authorization': self.proxy_auth_token},
) )
self._wait_for_port(port) self._wait_for_port(port)
r.raise_for_status() r.raise_for_status()
@@ -375,6 +378,8 @@ def main():
) )
http_server = tornado.httpserver.HTTPServer(application) http_server = tornado.httpserver.HTTPServer(application)
http_server.listen(options.port) http_server.listen(options.port)
env = os.environ.copy()
env['CONFIGPROXY_AUTH_TOKEN'] = user_manager.proxy_auth_token
proxy = Popen(["node", os.path.join(here, 'js', 'main.js')]) proxy = Popen(["node", os.path.join(here, 'js', 'main.js')])
try: try:
tornado.ioloop.IOLoop.instance().start() tornado.ioloop.IOLoop.instance().start()