akka-http and JWT - jwt

I'm using akka-http-session with the bootzooka seed project. I'm curious what the recommended approach is to implement JWT authentication in akka-http. It appears akka-http-session supports it however the documentation seems to be lacking and examples shown are all using cookie based authentication.
Thank you in advance,
CN

I found this helpful implementing akka-http-sessions:
https://github.com/softwaremill/akka-http-session

Related

SAML authentication for Jupyter Hub

I should implement SAML authentication (Okta) in Jupyter. I have tried to search but didn't find anything. Maybe someone knows the solution. Thanks for help.
If you are looking to add Single Sign On to Jupyterhub via Okta, then I strongly suggest taking advantage of OpenID Connect. This will be much easier than adding SAML support.
If you need to implement SAML specifically, the typical way would be to use PySAML2, I wrote a detailed guide for adding SAML support to Python/Flask.
However, it looks like Jupyterhub uses Tornado and also appears that PySAML2 doesn't work with Tornado. If you are looking to add SAML support to Jupyter hub and you are feeling very adventurous, then another avenue to investigate would be to implement your own SAML validation using signxml.
You should try using the jupyterhub-samlauthenticator.
Check it out here: https://github.com/bluedatainc/jupyterhub-samlauthenticator

How to manage jwt authentication on symfony 3

I'm making REST backend in symfony3. One of specification in my project is to use JWT authentication.
Is there a bundle that supports that? Or/how to do it by my own.
I need simple solution that generates me token and secure few of my controller actions.
I saw https://github.com/auth0/jwt-auth-bundle and https://github.com/lexik/LexikJWTAuthenticationBundle. Does anyone work with this? I understand that LexikJWT is for Symfony2, what does not solve the case.
I would be grateful for any ideas how to solve my problem.
We develop a REST API with authentication JWT in SF2.
We do not wish to use the bundle Lexik because it was overkill.
We used the library: https://github.com/lcobucci/jwt .
We have a controller that checks the token, which extends the functional controllers.
Update - 2k19, LexikJWTAuthBundle works in Symfony 3.x, 4.x, 5.x.
The official docs explain you very well on how to integrate it with Symfony.
Here are 2 resources/tutorials that explain the same in more detail.
https://digitalfortress.tech/php/jwt-authentication-with-symfony/
https://medium.com/#joeymasip/how-to-create-an-api-with-symfony-4-and-jwt-b2334a8fbec2

Rest with oauth2

I'm using this library with my codeigniter rest service. Basically, I have a REST_controller, that is inherited, and checks for a valid token, using that library.
All I want is to provide an API to secure some of the API methods.
Now, I'm lost reading most of the specs for oauth2 and tutorials regarding that library.
Can anyone help me, proving good tutorials, examples and explanations on I can achieve, a simple login system and then, call user authenticated methods.
Thanks in advance
Just constructed a pictorial tutorial for OAuth2.0 specs. In case you may find this useful:
Tutorial : http://restful-fundamentals.blogspot.in/2013/04/oauth-20-introducation.html
Also adding a web app demo demostrating the different Authorisation Grants flows. It contains the path to the google code as well as some other tips.
http://restful-fundamentals.blogspot.in/2013/04/svn-repository-oauth20-spectifications.html
***Your comments at that blog may be useful to me to improve the contents there*
I did a demo using spring MVC and spring security you can find source code here

Authorization and Authentication using Jersey and Spring

I'm writing a RESTfull service using jersey and Spring 3 (including spring-security), and trying to figure out how to implement authentication and authorization.
I'm new both to jersey and to Spring so it's all a bit confusing...
Users and their roles are defined in DB. (and not defined in the web.xml or in tomcat-users)
Here are my thoughts about the Authorization part:
Since my service shouldn't necessarily serve web-apps, the authorization should be done on the REST resources (and not on pages) - how do i do this? i saw there's #RolesAllowed annotation but it seems too simple, i need more logic. i think i have to somehow activate spring security from there to use the authorization capabilities they offer.
Any suggestions as to how to do this?
For the Authentication part it seems i should use spring security's AuthenticationManager, and SessionManagement but i'm not sure how to connect it to the REST API:
1. how the API that gets the authentication request should look like?
2. if Spring handles my sessions, how can i add the authorization on my REST resources?
I'd really appreciate if you could help me clear up things...
Thanks!
Sorry, but if you're at that early stage with your Spring Security know-how I must suggest you work through the excellent tutorial first. I'm sure your questions will be answered automatically and you'll learn a lot of valuable stuff along the way.

The best way to implement REST in CakePHP 1.3?

Does anyone know of any tutorials that explain clearly how to implement simple REST functionality with authorization.
I've seen a few plugins and got also got some basic REST functionality working but there seems no clear guidelines about how to build a secure REST service in Cake.
Any help appreciated.
Sounds like you need to look into OAuth which uses REST to connect to Web Sevices without sending usernames and passwords.
Try these tutorials for a start
http://code.42dh.com/oauth/
http://www.neilcrookes.com/2010/04/12/cakephp-oauth-extension-to-httpsocket/