From 53c5a5001b144d7d7d7bea2cddbcc13dbe1c50ec Mon Sep 17 00:00:00 2001 From: YuviPanda Date: Tue, 5 Sep 2023 16:27:00 -0700 Subject: [PATCH] Fix external-oauth example jupyterhub_config.py - Roles need to be explicitly granted, otherwise you get a 403. This example predates roles. - Explicitly set bind_url - without this, JupyterHub itself doesn't seem to bind anywhere, and so you just get a 404 when you visit whatever port configurable-http-proxy lands on. This is probably a separate bug to be investigated, but in the meantime copying this from testing/jupyterhub_config.py makes this example actually work - Set DummyAuthenticator as the default, so users can get started with this example --- examples/external-oauth/jupyterhub_config.py | 22 +++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/examples/external-oauth/jupyterhub_config.py b/examples/external-oauth/jupyterhub_config.py index 75f141ea..7b3f86d6 100644 --- a/examples/external-oauth/jupyterhub_config.py +++ b/examples/external-oauth/jupyterhub_config.py @@ -1,5 +1,16 @@ import os +# Allow anyone to authenticate +from jupyterhub.auth import DummyAuthenticator + +c.JupyterHub.authenticator_class = DummyAuthenticator + +# Optionally set a global password that all users must use +# c.DummyAuthenticator.password = "your_password" + +# only listen on localhost for testing. +c.JupyterHub.bind_url = 'http://127.0.0.1:8000' + # get the oauth client's API token. # this could come from anywhere api_token = os.getenv("JUPYTERHUB_API_TOKEN") @@ -9,7 +20,6 @@ if not api_token: ) # tell JupyterHub to register the service as an external oauth client - c.JupyterHub.services = [ { 'name': 'external-oauth', @@ -18,3 +28,13 @@ c.JupyterHub.services = [ 'oauth_redirect_uri': 'http://127.0.0.1:5555/oauth_callback', } ] + +# Grant all JupyterHub users ability to access services +c.JupyterHub.load_roles = [ + { + 'name': 'user', + 'description': 'Allow all users to access all services', + 'scopes': ['access:services', 'self'], + } + +]