auth: apply adaptation to deprecated signature in init

applies/warns in init, ensures compatibility with a wrapper

rather than warning/calling differently at call time, which won't take effect everywhere

jupyterhub/auth.py

@@ -216,6 +216,35 @@ class Authenticator(LoggingConfigurable):
         """
     )
 
+    def __init__(self, **kwargs):
+        super().__init__(**kwargs)
+        for method_name in ('check_whitelist', 'check_blacklist', 'check_group_whitelist'):
+            original_method = getattr(self, method_name)
+            signature = inspect.signature(original_method)
+            if 'authentication' not in signature.parameters:
+                # adapt to pre-1.0 signature for compatibility
+                warnings.warn(
+                    """
+                    {0}.{1} does not support the authentication argument,
+                    added in JupyterHub 1.0.
+
+                    It should have the signature:
+
+                    def {1}(self, username, authentication=None):
+                        ...
+
+                    Adapting for compatibility.
+                    """.format(
+                        self.__class__.__name__,
+                        method_name,
+                    ),
+                    DeprecationWarning
+                )
+
+                def wrapped_method(username, authentication=None, **kwargs):
+                    return original_method(username, **kwargs)
+                setattr(self, method_name, wrapped_method)
+
     def normalize_username(self, username):
         """Normalize the given username and return it
 
@@ -228,7 +257,6 @@ class Authenticator(LoggingConfigurable):
         username = self.username_map.get(username, username)
         return username
 
-    # FIXME: Remove None default on removal of old signature compatibility
     def check_whitelist(self, username, authentication=None):
         """Check if a username is allowed to authenticate based on whitelist configuration
 
@@ -245,7 +273,6 @@ class Authenticator(LoggingConfigurable):
             return True
         return username in self.whitelist
 
-    # FIXME: Remove None default on removal of old signature compatibility
     def check_blacklist(self, username, authentication=None):
         """Check if a username is blocked to authenticate based on blacklist configuration
 
@@ -257,7 +284,7 @@ class Authenticator(LoggingConfigurable):
         .. versionadded: 0.9
 
         .. versionchanged:: 1.0
-            Signature updated to accept authentication data and any future changes
+            Signature updated to accept authentication data as second argument
         """
         if not self.blacklist:
             # No blacklist means any name is allowed
@@ -304,12 +331,8 @@ class Authenticator(LoggingConfigurable):
             self.log.warning("Disallowing invalid username %r.", username)
             return
 
-        if len(inspect.getfullargspec(self.check_blacklist).args) != 3:
-            self.log.warning("DEPRECATION WARNING: check_xlist auth functions are changing signature, refer to docs to prevent future failures.")
-            warnings.warn("check_xlist auth functions are changing signature, refer to docs to prevent future failures", DeprecationWarning)
-            blacklist_pass = await maybe_future(self.check_blacklist(username))
-        else:
-            blacklist_pass = await maybe_future(self.check_blacklist(username, authenticated))
+        blacklist_pass = await maybe_future(self.check_blacklist(username, authenticated))
+        whitelist_pass = await maybe_future(self.check_whitelist(username, authenticated))
 
         if blacklist_pass:
             pass
@@ -317,13 +340,6 @@ class Authenticator(LoggingConfigurable):
             self.log.warning("User %r in blacklist. Stop authentication", username)
             return
 
-        if len(inspect.getfullargspec(self.check_whitelist).args) != 3:
-            self.log.warning("DEPRECATION WARNING: check_xlist auth functions are changing signature, refer to docs to prevent future failures.")
-            warnings.warn("check_xlist auth functions are changing signature, refer to docs to prevent future failures", DeprecationWarning)
-            whitelist_pass = await maybe_future(self.check_whitelist(username))
-        else:
-            whitelist_pass = await maybe_future(self.check_whitelist(username, authenticated))
-
         if whitelist_pass:
             if authenticated['admin'] is None:
                 authenticated['admin'] = await maybe_future(self.is_admin(handler, authenticated))
@@ -373,7 +389,7 @@ class Authenticator(LoggingConfigurable):
             authentication: The authetication dict generated by `authenticate`.
         Returns:
             admin_status (Bool or None):
-                The admin status of the user, or None if it could not be 
+                The admin status of the user, or None if it could not be
                 determined or should not change.
         """
         return True if authentication['name'] in self.admin_users else None
@@ -584,14 +600,13 @@ class LocalAuthenticator(Authenticator):
                 "Ignoring username whitelist because group whitelist supplied!"
             )
 
-    # FIXME: Remove None default on removal of old signature comptability
     def check_whitelist(self, username, authentication=None):
         if self.group_whitelist:
-            return self.check_group_whitelist(username)
+            return self.check_group_whitelist(username, authentication)
         else:
             return super().check_whitelist(username, authentication)
 
-    def check_group_whitelist(self, username):
+    def check_group_whitelist(self, username, authentication=None):
         """
         If group_whitelist is configured, check if authenticating user is part of group.
         """