Skip to content

Instantly share code, notes, and snippets.

@om2c0de

om2c0de/gist:9ca76229082c5d2be5a37b5b166e3dea

Created September 30, 2020 10:03
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save om2c0de/9ca76229082c5d2be5a37b5b166e3dea to your computer and use it in GitHub Desktop.
Save om2c0de/9ca76229082c5d2be5a37b5b166e3dea to your computer and use it in GitHub Desktop.
Download ZIP
JWT against Kerberos.
Raw
gistfile1.txt
def auth_jwt(self, auth_header, callback):
jwt_token = auth_header.split()[1]
try:
user_data = jwt.decode(jwt_token, self.settings['jwt_secret_key'], algorithms=['HS256'])
username = user_data['username']
password = user_data['password']
kerberos.checkPassword(username, password, self.settings['sso_service'], self.settings['sso_realm'])
except Exception as e:
logging.error(f'JWT Error: {e}')
raise tornado.web.HTTPError(401, 'Invalid authentication token.')
user = f'{username}@{self.settings["sso_realm"]}'
callback(user)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment