Hi, we are building a web app for scientists that also incorporate Theia. Adding authentication to Theia and doing some custom work on the IDE through the extensions will require some time for us to become familiar.
Instead, if anyone here has customized Theia, and successfully added auth through Cognito, please can you let me know ? we would be interested in hiring someone externally to help with this.
I think the folks at EclipseSource have experience with such projects. @JonasHelming maybe?
I’ve added auth to my Theia app through Cognito.
If it can be of any help I’ve used a
BackendApplicationContribution to add
a middleware to the express app which does the auth using a lib called “cognito-express”. And also a
WsRequestValidatorContribution which does the same thing but for the websocket upgrade request. Then everything is running on AWS, working pretty well so far.
Hi @Hanksha , sorry I can’t find a way to send a DM here. Would you mind please sending me an email to firstname.lastname@example.org so we can arrange to speak more? thanks again.
@ameira I’ve sent you a DM.
@ameira Maybe it helps to sketch how we mostly secure the Theia deployments we are involved in.
Mostly, we secured access to the container via a gateway rather then securing the Theia backend itself. For external services we want to access from within Theia, such as Gitlab, etc., we obtain OpenID tokens from the used identity provider (the same that is also used to secure access to the container and to external services) via openid connect with the user’s browser.
As the user’s browser is already authenticated on initial access to Theia (via the gateway), getting these tokens to access external services via the browser works with single-sign on.