Add ability to modify auth_state via the REST API

jupyterhub/apihandlers/base.py

@@ -142,6 +142,7 @@ class APIHandler(BaseHandler):
         'name': str,
         'admin': bool,
         'groups': list,
+        'auth_state': dict,
     }
 
     _group_model_types = {

jupyterhub/apihandlers/users.py

@@ -170,7 +170,10 @@ class UserAPIHandler(APIHandler):
             if self.find_user(data['name']):
                 raise web.HTTPError(400, "User %s already exists, username must be unique" % data['name'])
         for key, value in data.items():
-            setattr(user, key, value)
+            if key == 'auth_state':
+                await user.save_auth_state(value)
+            else:
+                setattr(user, key, value)
         self.db.commit()
         user_ = self.user_model(user)
         user_['auth_state'] = await user.get_auth_state()

jupyterhub/tests/test_api.py

@@ -421,6 +421,31 @@ def test_make_admin(app):
     assert user.admin
 
 
+@mark.user
+@mark.gen_test
+def test_set_auth_state(app):
+    auth_state = {'secret': 'hello'}
+    db = app.db
+    name = 'admin'
+    user = find_user(db, name)
+    assert user is not None
+
+    r = yield api_request(app, 'users', name, method='patch',
+        data=json.dumps({'auth_state': auth_state})
+    )
+    assert r.status_code == 200
+    user = find_user(db, name)
+    assert user is not None
+    assert user.name == name
+    encrypted_auth = user.encrypted_auth_state
+    assert encrypted_auth is not None
+
+    r = yield api_request(app, 'users', name)
+    assert r.status_code == 200
+    assert user.name == name
+    assert r.json()['auth_state'] == auth_state
+
+
 @mark.gen_test
 def test_spawn(app):
     db = app.db