Skip to content
Snippets Groups Projects
Commit 23b95a05 authored by František Dvořák's avatar František Dvořák
Browse files

Token exchange with JWT + changes for EOSC

* token exchange with JWT
* exctract EOSC primary group
* enable debugging on development instance
parent c569178f
No related branches found
No related tags found
No related merge requests found
...@@ -110,8 +110,8 @@ hub: ...@@ -110,8 +110,8 @@ hub:
url: "http://jwt/" url: "http://jwt/"
display: false display: false
image: image:
name: valtri/hub name: eginotebooks/hub
tag: "eosc9-jwt" tag: "sha-323c75e"
config: config:
Authenticator: Authenticator:
enable_auth_state: true enable_auth_state: true
...@@ -129,7 +129,7 @@ hub: ...@@ -129,7 +129,7 @@ hub:
userdata_url: "https://{{ secret['checkin_host'] }}/OIDC/userinfo" userdata_url: "https://{{ secret['checkin_host'] }}/OIDC/userinfo"
client_id: "{{ secret['client_id'] }}" client_id: "{{ secret['client_id'] }}"
client_secret: "{{ secret['client_secret'] }}" client_secret: "{{ secret['client_secret'] }}"
oauth_callback_url: "https://fullhub.eosc.zcu.cz/hub/oauth_callback" oauth_callback_url: "https://{{ notebooks_hostname }}/hub/oauth_callback"
openid_configuration_url: "https://proxy.testing.eosc-federation.eu/.well-known/openid-configuration" openid_configuration_url: "https://proxy.testing.eosc-federation.eu/.well-known/openid-configuration"
scope: ["openid", "profile", "email", "offline_access", "entitlements"] scope: ["openid", "profile", "email", "offline_access", "entitlements"]
username_claim: "sub" username_claim: "sub"
...@@ -138,7 +138,7 @@ hub: ...@@ -138,7 +138,7 @@ hub:
JupyterHub: JupyterHub:
admin_access: true admin_access: true
authenticate_prometheus: false authenticate_prometheus: false
authenticator_class: egi_notebooks_hub.egiauthenticator.EGICheckinAuthenticator authenticator_class: egi_notebooks_hub.egiauthenticator.EOSCNodeAuthenticator
# spawner_class: (in egi-notebooks-b2drop) # spawner_class: (in egi-notebooks-b2drop)
extraConfig: extraConfig:
egi-notebooks-welcome: |- egi-notebooks-welcome: |-
...@@ -421,3 +421,6 @@ hub: ...@@ -421,3 +421,6 @@ hub:
{%- raw %} {%- raw %}
{% extends "login.html" %} {% extends "login.html" %}
{% endraw %} {% endraw %}
debug:
enabled: true
...@@ -14,6 +14,7 @@ all: ...@@ -14,6 +14,7 @@ all:
site_name: cesnet-central site_name: cesnet-central
vault_mount_point: secrets/users/e1662e20-e34b-468c-b0ce-d899bc878364@egi.eu/eosc-dev vault_mount_point: secrets/users/e1662e20-e34b-468c-b0ce-d899bc878364@egi.eu/eosc-dev
notebooks_hostname: fullhub.eosc.zcu.cz
binder_hostname: replay.eosc.zcu.cz binder_hostname: replay.eosc.zcu.cz
old_binder_hostname: binder.eosc.zcu.cz old_binder_hostname: binder.eosc.zcu.cz
docker2_hostname: registry.eosc.zcu.cz docker2_hostname: registry.eosc.zcu.cz
......
...@@ -127,8 +127,8 @@ hub: ...@@ -127,8 +127,8 @@ hub:
url: "http://jwt/" url: "http://jwt/"
display: false display: false
image: image:
name: valtri/hub name: eginotebooks/hub
tag: "eosc9-jwt" tag: "sha-323c75e"
config: config:
Authenticator: Authenticator:
enable_auth_state: true enable_auth_state: true
...@@ -155,7 +155,7 @@ hub: ...@@ -155,7 +155,7 @@ hub:
JupyterHub: JupyterHub:
admin_access: true admin_access: true
authenticate_prometheus: false authenticate_prometheus: false
authenticator_class: egi_notebooks_hub.egiauthenticator.EGICheckinAuthenticator authenticator_class: egi_notebooks_hub.egiauthenticator.EOSCNodeAuthenticator
# spawner_class: (in egi-notebooks-b2drop) # spawner_class: (in egi-notebooks-b2drop)
extraConfig: extraConfig:
egi-notebooks-welcome: |- egi-notebooks-welcome: |-
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment