An experimental project adding authorization to Jupyter's core services. This allows multiple users to access the same Jupyter Server.
Adds an authorized
wrapper (i.e. decorator) to Jupyter Server's tornado handlers to check which actions are allowed for the current_user
.
Currently, this project only provides Jupyter's Contents API—it acts like a shared drive. We can expand this to other Jupyter services, i.e. kernels.
jupyter_authorized_server
can be run as a JupyterHub Service. This enables JupyterHub to be the provider of authenticated users. Authorization is (currently) pulled from a policy.csv file. In the future, we can source this information from the authenticators in JupyterHub.
Run the following example from the /example
folder and follow these steps.
- Install JupyterHub and the jupyter_authorized_server:
pip install jupyterhub git clone https://github.com/Zsailer/jupyter_authorized_server cd jupyter_authorized_server pip install -e .
- Navigate to the
/example
folder - Run
sh hub.sh
. - Open your browser window, and go to the hub's homepage: http://localhost:8000
- Sign in as
alice
. - Visit http://localhost:8000/services/jhubshare/contents/hubconfig.py
You should see the server response with a JSON blog that contains the contents of the
hubconfig.py
file. - Return to the hub's homepage: http://localhost:8000/
- Sign out of
alice
's account and sign-in asbob
. - Visit http://localhost:8000/services/jhubshare/contents/hubconfig.py
You should see an
Unauthorized
error.