Reduce the number of endpoints that expose auth_state

2025-10-17 06:52:59 +00:00 · 2018-03-22 14:34:03 +01:00
parent 39f663d03c
commit 542c20065f
4 changed files with 19 additions and 18 deletions
--- a/jupyterhub/apihandlers/auth.py
+++ b/jupyterhub/apihandlers/auth.py
@@ -18,14 +18,14 @@ from .base import BaseHandler, APIHandler

 class TokenAPIHandler(APIHandler):
    @token_authenticated
-    async def get(self, token):
+    def get(self, token):
        orm_token = orm.APIToken.find(self.db, token)
        if orm_token is None:
            orm_token = orm.OAuthAccessToken.find(self.db, token)
        if orm_token is None:
            raise web.HTTPError(404)
        if orm_token.user:
-            model = await self.user_model(self.users[orm_token.user])
+            model = self.user_model(self.users[orm_token.user])
        elif orm_token.service:
            model = self.service_model(orm_token.service)
        else:
@@ -71,13 +71,13 @@ class TokenAPIHandler(APIHandler):
        api_token = user.new_api_token(note=note)
        self.write(json.dumps({
            'token': api_token,
-            'user': await self.user_model(user),
+            'user': self.user_model(user),
        }))


 class CookieAPIHandler(APIHandler):
    @token_authenticated
-    async def get(self, cookie_name, cookie_value=None):
+    def get(self, cookie_name, cookie_value=None):
        cookie_name = quote(cookie_name, safe='')
        if cookie_value is None:
            self.log.warning("Cookie values in request body is deprecated, use `/cookie_name/cookie_value`")
@@ -87,7 +87,7 @@ class CookieAPIHandler(APIHandler):
        user = self._user_for_cookie(cookie_name, cookie_value)
        if user is None:
            raise web.HTTPError(404)
-        self.write(json.dumps(await self.user_model(user)))
+        self.write(json.dumps(self.user_model(user)))


 class OAuthHandler(BaseHandler, OAuth2Handler):
--- a/jupyterhub/apihandlers/base.py
+++ b/jupyterhub/apihandlers/base.py
@@ -94,7 +94,7 @@ class APIHandler(BaseHandler):
            'message': message or status_message,
        }))

-    async def user_model(self, user):
+    def user_model(self, user):
        """Get the JSON model for a User object"""
        if isinstance(user, orm.User):
            user = self.users[user.id]
@@ -107,7 +107,6 @@ class APIHandler(BaseHandler):
            'server': user.url if user.running else None,
            'pending': None,
            'last_activity': user.last_activity.isoformat(),
-            'auth_state': await user.get_auth_state(),
        }
        if '' in user.spawners:
            model['pending'] = user.spawners[''].pending or None
--- a/jupyterhub/apihandlers/users.py
+++ b/jupyterhub/apihandlers/users.py
@@ -24,13 +24,15 @@ class SelfAPIHandler(APIHandler):
            user = self.get_current_user_oauth_token()
        if user is None:
            raise web.HTTPError(403)
-        self.write(json.dumps(await self.user_model(user)))
+        user_ = self.user_model(user)
+        user_['auth_state'] = await user.get_auth_state()
+        self.write(json.dumps(user_))


 class UserListAPIHandler(APIHandler):
    @admin_only
-    async def get(self):
-        data = [ await self.user_model(u) for u in self.db.query(orm.User) ]
+    def get(self):
+        data = [ self.user_model(u) for u in self.db.query(orm.User) ]
        self.write(json.dumps(data))

    @admin_only
@@ -83,7 +85,7 @@ class UserListAPIHandler(APIHandler):
            else:
                created.append(user)

-        self.write(json.dumps([ await self.user_model(u) for u in created ]))
+        self.write(json.dumps([ self.user_model(u) for u in created ]))
        self.set_status(201)


@@ -104,12 +106,12 @@ def admin_or_self(method):

 class UserAPIHandler(APIHandler):

-    #@gen.coroutine
    @admin_or_self
    async def get(self, name):
        user = self.find_user(name)
-        user = await self.user_model(user)
-        self.write(json.dumps(user))
+        user_ = self.user_model(user)
+        user_['auth_state'] = await user.get_auth_state()
+        self.write(json.dumps(user_))

    @admin_only
    async def post(self, name):
@@ -133,7 +135,7 @@ class UserAPIHandler(APIHandler):
            self.users.delete(user)
            raise web.HTTPError(400, "Failed to create user: %s" % name)

-        self.write(json.dumps(await self.user_model(user)))
+        self.write(json.dumps(self.user_model(user)))
        self.set_status(201)

    @admin_only
@@ -170,7 +172,9 @@ class UserAPIHandler(APIHandler):
        for key, value in data.items():
            setattr(user, key, value)
        self.db.commit()
-        self.write(json.dumps(await self.user_model(user)))
+        user_ = self.user_model(user)
+        user_['auth_state'] = await user.get_auth_state()
+        self.write(json.dumps(user_))


 class UserServerAPIHandler(APIHandler):
--- a/jupyterhub/tests/test_api.py
+++ b/jupyterhub/tests/test_api.py
@@ -201,7 +201,6 @@ def test_get_users(app):
            'admin': True,
            'server': None,
            'pending': None,
-            'auth_state': None,
        },
        {
            'kind': 'user',
@@ -210,7 +209,6 @@ def test_get_users(app):
            'admin': False,
            'server': None,
            'pending': None,
-            'auth_state': None,
        }
    ]