Using Predefined Application with No billing Settings

Navigation:  Administration > Adding Predefined Applications >

Using Predefined Application with No billing Settings

Previous pageReturn to chapter overviewNext page

Use the following guide to set Predefined application in case when in Select your billing system field of Billing tab in KuberDock settings - No Billing is chosen.

 

With such configuration, authorization token must be sent to KuberDock (not to billing system) to allow user start predefined application and get access to KuberDock.

 

We use JSON Web Tokens (JWT, jwt.io) for authentication. To generate correct token, use libraries for different programming languages provided on jwt.io. Find detailed information about JSON Web Tokens in official documentation available on the link jwt.io/introduction.

 

For work with predefined applications perform the following steps:

 

Note that we recommend to use libraries available on jwt.io to generate JSON Web Token.

 

1. In header section to be transmitted:

 

“alg": encrypting algorithm, HS256 is recommended;

 

“exp”: expiration time (read more here), unix timestamp;

 

“iat”:  issued at (read more here), unix timestamp.

 

Decoded example:

 

header:

{

“alg”: “HS256”,

“exp”: 1469943308,

“iat”: 1468339708

}

 

2. In payload section to be submitted:

 

"auth": must be true,  log in or create user;

 

"username":  enter username for new or existing user in KuberDock.

 

Additional fields required only if user doesn't exist in KuberDock yet:

 

“email”: users` email;

 

“passwords”: users` password.

 

Optional fields only for new user in KuberDock. User will be created with the data from this fields, otherwise data will be:

 

“package”: id of package that will be applied to the user, read more about packages here;

 

“rolename”: user role in KuberDock, available user roles here;

 

"first_name": user first name;

 

"last_name": user last name;

 

"middle_initials": user middle initials;

 

"timezone": ""America/New_York (-04:00)"".

 

Decoded example:

payload:

{

“auth”: true,

“username”: “john_snow”,

“email”: “[email protected]”,

“password”: “28f*.J”,

“package”: 1,

“rolename”: “User”,

“first_name”: “John”,

“last_name”: “Snow”,

“middle_initials”: “Bastard”,

“timezone”: ““America/New_York (-04:00)””

}

 

3. In KuberDock go to Settings, choose Generals tabs. In Secret key for Single sign-on field enter your secret key value. It must be shared between KuberDock and application that will send users to KuberDock.Single Sign On allows a user to log in to your own application (control panel, billing, etc) and then it is "automatically" signes in to KuberDock.

 

no_billing_01

 

4. Encrypt header, payload and signature into one JSON Web Token using libraries available on jwt.io and instructions on jwt.io/introduction.

 

5. Check token generation validity on jwt.io - enter encrypted token in Encoded field, enter your secret key in VERIFY SIGNATURE field. If everything is correct, then Signature Verified message will be displayed.

 

no_billing_02

 

6. In KuberDock go to Predefined applications page and copy the link to proper application.

 

no_billing_03

 

 

7. Add your encrypted token to Predefined application link, to make link look as follows:

 

https://kuberdock.master/apps/12269deccf6ffe3f12ebaa7d481dbb4133bb98f1?token2=eyJhbGciOiJIUzI1NiIsImV4cCI6MTQ2ODUyMDM2NCwiaWF0IjoxNDY4NDg4ODEyfQ.eyJ1c2VybmFtZSI6InduY20iLCJhdXRoIjp0cnVlfQ.R4upTWJC4NT2AD8RYfNAjzdmxiGQFRGQ5CCk8ALRvxw

 

Where:

 

https://kuberdock.master/apps/12269deccf6ffe3f12ebaa7d481dbb4133bb98f1 - link to predefined application;

 

?token2= - GET parameter in URL;

 

eyJhbGciOiJIUzI1NiIsImV4cCI6MTQ2ODUyMDM2NCwiaWF0IjoxNDY4NDg4ODEyfQ.eyJ1c2VybmFtZSI6InduY20iLCJhdXRoIjp0cnVlfQ.R4upTWJC4NT2AD8RYfNAjzdmxiGQFRGQ5CCk8ALRvxw - encoded JSON Web Token.

 

The link is ready for use.