Since Spawner includes a Layer 7 proxy, it can refuse requests to a backend if they do not contain a bearer token as a cookie or as an Authorization header.
A possible implementation would be:
- Add a field to `SpawnRequest` that indicates that a bearer token should be used.
- Add a field to `SpawnRequestResponse` that contains a randomly-generated bearer token.
- Pass the token to the client, which hits an endpoint on the backend (like `__cookie`) that takes a bearer token and returns it as a Set-Cookie header.
We could also allow a token to be provided as a GET parameter, so that we could generate URLs that can be shared and grant access to a backend. The proxy would strip that parameter, validate it, and return it as a Set-Cookie on the response.
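
The proxy-side decision described above (accept a token from the Authorization header or a cookie, or strip and validate a GET parameter and turn it into a cookie) could look like the following sketch. This is an added example in standard-library Rust, not Spawner's own code; the cookie name, parameter name, cookie attributes and the `check` / `Decision` names are assumptions.

```rust
// Added example: names, cookie attributes and the reject behaviour are assumptions.
const COOKIE_NAME: &str = "spawner_token"; // hypothetical cookie name
const QUERY_PARAM: &str = "token"; // hypothetical GET parameter name

#[derive(Debug, PartialEq)]
pub enum Decision {
    Forward { path_and_query: String, set_cookie: Option<String> },
    Reject, // proxy answers (e.g. 401) without contacting the backend
}

// Compare without an early exit so timing does not reveal the matching prefix.
fn ct_eq(a: &str, b: &str) -> bool {
    let (a, b) = (a.as_bytes(), b.as_bytes());
    a.len() == b.len() && a.iter().zip(b).fold(0u8, |acc, (x, y)| acc | (x ^ y)) == 0
}

// `expected` is the token issued for this backend; tokens are assumed URL-safe.
pub fn check(expected: &str, uri: &str, authz: Option<&str>, cookie: Option<&str>) -> Decision {
    // Always strip the token parameter so it never reaches the backend or its logs.
    let (path, query) = uri.split_once('?').unwrap_or((uri, ""));
    let (mut from_query, mut kept) = (None, Vec::new());
    for pair in query.split('&').filter(|p| !p.is_empty()) {
        match pair.split_once('=') {
            Some((k, v)) if k == QUERY_PARAM => from_query = Some(v),
            _ => kept.push(pair),
        }
    }
    let path_and_query = if kept.is_empty() { path.to_string() } else { format!("{}?{}", path, kept.join("&")) };
    let from_header = authz.and_then(|h| h.strip_prefix("Bearer "));
    let from_cookie = cookie.and_then(|c| {
        c.split(';').filter_map(|kv| kv.trim().split_once('='))
            .find(|(k, _)| *k == COOKIE_NAME).map(|(_, v)| v)
    });
    // Header or cookie already carries the token: forward without setting a cookie.
    if [from_header, from_cookie].iter().flatten().any(|t| ct_eq(t, expected)) {
        return Decision::Forward { path_and_query, set_cookie: None };
    }
    // Shared URL: validate the stripped parameter and convert it into a cookie.
    match from_query {
        Some(t) if ct_eq(t, expected) => Decision::Forward {
            path_and_query,
            set_cookie: Some(format!("{}={}; Path=/; HttpOnly; Secure; SameSite=Lax", COOKIE_NAME, t)),
        },
        _ => Decision::Reject,
    }
}

fn main() {
    println!("{:?}", check("constructed-token", "/app?token=constructed-token&x=1", None, None));
}
```

Because a token in a URL ends up in browser history and Referer headers, the sketch removes the parameter before forwarding in every case, including when the request is already authenticated by header or cookie.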