# AWS Jupyter Proxy
[](https://pypi.org/project/aws-jupyter-proxy/)
[](https://github.com/psf/black)
A Jupyter server extension to proxy requests with AWS SigV4 authentication.
## Overview
This server extension enables the usage of the [AWS JavaScript/TypeScript SDK](https://github.com/aws/aws-sdk-js) to write Jupyter frontend extensions without having to export AWS credentials to the browser.
A single `/awsproxy` endpoint is added on the Jupyter server which receives incoming requests from the browser, uses the credentials on the server to add [SigV4](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) authentication to the request, and then proxies the request to the actual AWS service endpoint.
All requests are proxied back-and-forth as-is, e.g., a 4xx status code from the AWS service will be relayed back as-is to the browser.
NOTE: This project is still under active development
## Install
Installing the package from PyPI will install and enable the server extension on the Jupyter server.
```bash
pip install aws-jupyter-proxy
```
## Usage
Using this requries no additional dependencies in the client-side code. Just use the regular AWS JavaScript/TypeScript SDK methods and add any dummy credentials and change the endpoint to the `/awsproxy` endpoint.
```typescript
import * as AWS from 'aws-sdk';
import SageMaker from 'aws-sdk/clients/sagemaker';
// Reusable function to add the XSRF token header to a request
function addXsrfToken<D, E>(request: AWS.Request<D, E>) {
const cookie = document.cookie.match('\\b' + '_xsrf' + '=([^;]*)\\b');
const xsrfToken = cookie ? cookie[1] : undefined;
if (xsrfToken !== undefined) {
request.httpRequest.headers['X-XSRFToken'] = xsrfToken;
}
}
// These credentials are *not* used for the actual AWS service call but you have
// to provide any dummy credentials (Not real ones!)
AWS.config.secretAccessKey = 'IGNOREDIGNORE/IGNOREDIGNOREDIGNOREDIGNOR';
AWS.config.accessKeyId = 'IGNOREDIGNO';
// Change the endpoint in the client to the "awsproxy" endpoint on the Jupyter server.
const proxyEndpoint = 'http://localhost:8888/awsproxy';
const sageMakerClient = new SageMaker({
region: 'us-west-2',
endpoint: proxyEndpoint,
});
// Make the API call!
await sageMakerClient
.listNotebookInstances({
NameContains: 'jaipreet'
})
.on('build', addXsrfToken)
.promise();
```
### Usage with S3
For S3, use the `s3ForcePathStyle` parameter during the client initialization
```typescript
import S3 from 'aws-sdk/clients/s3';
const s3Client = new S3({
region: 'us-west-2',
endpoint: proxyEndpoint,
s3ForcePathStyle: true,
s3DisableBodySigning:false // for https
});
await s3Client
.getObject({
Bucket: 'my-bucket',
Key: 'my-object'
})
.on('build', addXsrfToken)
.promise();
```
### Whitelisting
On the server, the `AWS_JUPYTER_PROXY_WHITELISTED_SERVICES` environment variable can be used to whitelist the set of services allowed to be proxied through. This is opt-in - Not specifying this
environment variable will whitelist all services.
```bash
export AWS_JUPYTER_PROXY_WHITELISTED_SERVICES=sagemaker,s3
jupyter-lab
```
## Development
Install all dev dependencies
```bash
pip install -e ".[dev]"
jupyter serverextension enable --py aws_jupyter_proxy --sys-prefix
```
Run unit tests using pytest
```bash
pytest tests/unit
```
## License
This library is licensed under the Apache 2.0 License.
Raw data
{
"_id": null,
"home_page": "https://github.com/aws/aws-jupyter-proxy",
"name": "aws-jupyter-proxy",
"maintainer": "",
"docs_url": null,
"requires_python": ">=3.6",
"maintainer_email": "",
"keywords": "",
"author": "Amazon Web Services",
"author_email": "",
"download_url": "https://files.pythonhosted.org/packages/28/fc/29dba72ca93cc6547c6a675ca51defcc7172ec561ee671659e628d2f7f35/aws_jupyter_proxy-0.3.7.tar.gz",
"platform": null,
"description": "# AWS Jupyter Proxy\n\n\n[](https://pypi.org/project/aws-jupyter-proxy/)\n[](https://github.com/psf/black)\n\nA Jupyter server extension to proxy requests with AWS SigV4 authentication.\n\n## Overview\n\nThis server extension enables the usage of the [AWS JavaScript/TypeScript SDK](https://github.com/aws/aws-sdk-js) to write Jupyter frontend extensions without having to export AWS credentials to the browser.\n\nA single `/awsproxy` endpoint is added on the Jupyter server which receives incoming requests from the browser, uses the credentials on the server to add [SigV4](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) authentication to the request, and then proxies the request to the actual AWS service endpoint.\n\nAll requests are proxied back-and-forth as-is, e.g., a 4xx status code from the AWS service will be relayed back as-is to the browser.\n\nNOTE: This project is still under active development\n\n## Install\n\nInstalling the package from PyPI will install and enable the server extension on the Jupyter server.\n\n```bash\npip install aws-jupyter-proxy\n```\n\n## Usage\n\nUsing this requries no additional dependencies in the client-side code. Just use the regular AWS JavaScript/TypeScript SDK methods and add any dummy credentials and change the endpoint to the `/awsproxy` endpoint.\n\n```typescript\n import * as AWS from 'aws-sdk';\n import SageMaker from 'aws-sdk/clients/sagemaker';\n\n // Reusable function to add the XSRF token header to a request\n function addXsrfToken<D, E>(request: AWS.Request<D, E>) {\n const cookie = document.cookie.match('\\\\b' + '_xsrf' + '=([^;]*)\\\\b');\n const xsrfToken = cookie ? cookie[1] : undefined;\n if (xsrfToken !== undefined) {\n request.httpRequest.headers['X-XSRFToken'] = xsrfToken;\n }\n }\n\n // These credentials are *not* used for the actual AWS service call but you have\n // to provide any dummy credentials (Not real ones!)\n AWS.config.secretAccessKey = 'IGNOREDIGNORE/IGNOREDIGNOREDIGNOREDIGNOR';\n AWS.config.accessKeyId = 'IGNOREDIGNO';\n\n // Change the endpoint in the client to the \"awsproxy\" endpoint on the Jupyter server.\n const proxyEndpoint = 'http://localhost:8888/awsproxy';\n\n const sageMakerClient = new SageMaker({\n region: 'us-west-2',\n endpoint: proxyEndpoint,\n });\n\n // Make the API call!\n await sageMakerClient\n .listNotebookInstances({\n NameContains: 'jaipreet'\n })\n .on('build', addXsrfToken)\n .promise();\n```\n\n### Usage with S3\n\nFor S3, use the `s3ForcePathStyle` parameter during the client initialization\n\n```typescript\n import S3 from 'aws-sdk/clients/s3';\n\n const s3Client = new S3({\n region: 'us-west-2',\n endpoint: proxyEndpoint,\n s3ForcePathStyle: true,\n s3DisableBodySigning:false // for https\n });\n\n await s3Client\n .getObject({\n Bucket: 'my-bucket',\n Key: 'my-object'\n })\n .on('build', addXsrfToken)\n .promise();\n```\n\n### Whitelisting\n\nOn the server, the `AWS_JUPYTER_PROXY_WHITELISTED_SERVICES` environment variable can be used to whitelist the set of services allowed to be proxied through. This is opt-in - Not specifying this \nenvironment variable will whitelist all services.\n\n```bash\nexport AWS_JUPYTER_PROXY_WHITELISTED_SERVICES=sagemaker,s3\njupyter-lab\n```\n\n## Development\n\nInstall all dev dependencies\n\n```bash\npip install -e \".[dev]\"\njupyter serverextension enable --py aws_jupyter_proxy --sys-prefix\n```\n\nRun unit tests using pytest\n\n```bash\npytest tests/unit\n```\n\n## License\n\nThis library is licensed under the Apache 2.0 License.\n",
"bugtrack_url": null,
"license": "Apache License 2.0",
"summary": "A Jupyter server extension to proxy requests with AWS SigV4 authentication",
"version": "0.3.7",
"split_keywords": [],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "2086840a95574b9aec171a0f1010fc97789407eba901b57ee42683eb09c97751",
"md5": "71a076e1798feafb1f3556ce1e6334d0",
"sha256": "bb6dae98f36b9efc134004df04d1234011d55a147bb2465e871d309fc3ef3520"
},
"downloads": -1,
"filename": "aws_jupyter_proxy-0.3.7-py3-none-any.whl",
"has_sig": false,
"md5_digest": "71a076e1798feafb1f3556ce1e6334d0",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.6",
"size": 18899,
"upload_time": "2023-03-17T19:16:34",
"upload_time_iso_8601": "2023-03-17T19:16:34.170171Z",
"url": "https://files.pythonhosted.org/packages/20/86/840a95574b9aec171a0f1010fc97789407eba901b57ee42683eb09c97751/aws_jupyter_proxy-0.3.7-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "28fc29dba72ca93cc6547c6a675ca51defcc7172ec561ee671659e628d2f7f35",
"md5": "ce1a51457ac690079820797c7a964ce8",
"sha256": "81085057b7759425e17a07234af6b78cebee6484bffe33091d243c8316aa02ff"
},
"downloads": -1,
"filename": "aws_jupyter_proxy-0.3.7.tar.gz",
"has_sig": false,
"md5_digest": "ce1a51457ac690079820797c7a964ce8",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.6",
"size": 17800,
"upload_time": "2023-03-17T19:16:35",
"upload_time_iso_8601": "2023-03-17T19:16:35.987654Z",
"url": "https://files.pythonhosted.org/packages/28/fc/29dba72ca93cc6547c6a675ca51defcc7172ec561ee671659e628d2f7f35/aws_jupyter_proxy-0.3.7.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2023-03-17 19:16:35",
"github": true,
"gitlab": false,
"bitbucket": false,
"github_user": "aws",
"github_project": "aws-jupyter-proxy",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"lcname": "aws-jupyter-proxy"
}
JSON
