Merge pull request #3685 from minrk/session-id-model

Add Session id to token/identify models
2025-10-13 13:03:01 +00:00 · 2021-11-18 13:39:34 +01:00
parent b2c5ad40c5 39f19aef49
commit e540d143bb
6 changed files with 1068 additions and 842 deletions
--- a/docs/source/_static/rest-api.yml
+++ b/docs/source/_static/rest-api.yml
--- a/docs/source/rbac/generate-scope-table.py
+++ b/docs/source/rbac/generate-scope-table.py
@@ -114,7 +114,9 @@ class ScopeTableGenerator:
            if doc_description:
                description = doc_description
            scope_dict[scope] = description
-        content['securityDefinitions']['oauth2']['scopes'] = scope_dict
+        content['components']['securitySchemes']['oauth2']['flows'][
+            'authorizationCode'
+        ]['scopes'] = scope_dict

        with open(filename, 'w') as f:
            yaml.dump(content, f)
--- a/docs/source/reference/rest-api.md
+++ b/docs/source/reference/rest-api.md
@@ -5,7 +5,7 @@ Below is an interactive view of JupyterHub's OpenAPI specification.
 <!-- client-rendered openapi UI copied from FastAPI -->

 <link type="text/css" rel="stylesheet" href="https://cdn.jsdelivr.net/npm/swagger-ui-dist@3/swagger-ui.css">
-<script src="https://cdn.jsdelivr.net/npm/swagger-ui-dist@3/swagger-ui-bundle.js"></script>
+<script src="https://cdn.jsdelivr.net/npm/swagger-ui-dist@4.1/swagger-ui-bundle.js"></script>
 <!-- `SwaggerUIBundle` is now available on the page -->

 <!-- render the ui here -->
--- a/jupyterhub/apihandlers/base.py
+++ b/jupyterhub/apihandlers/base.py
@@ -213,6 +213,7 @@ class APIHandler(BaseHandler):
            'last_activity': isoformat(token.last_activity),
            'expires_at': isoformat(token.expires_at),
            'note': token.note,
+            'session_id': token.session_id,
            'oauth_client': token.oauth_client.description
            or token.oauth_client.identifier,
        }
--- a/jupyterhub/apihandlers/users.py
+++ b/jupyterhub/apihandlers/users.py
@@ -58,6 +58,14 @@ class SelfAPIHandler(APIHandler):

        model = get_model(user)

+        # add session_id associated with token
+        # added in 2.0
+        token = self.get_token()
+        if token:
+            model["session_id"] = token.session_id
+        else:
+            model["session_id"] = None
+
        # add scopes to identify model,
        # but not the scopes we added to ensure we could read our own model
        model["scopes"] = sorted(self.expanded_scopes.difference(_added_scopes))
--- a/jupyterhub/handlers/base.py
+++ b/jupyterhub/handlers/base.py
@@ -346,6 +346,7 @@ class BaseHandler(RequestHandler):
            auth_info['auth_state'] = await user.get_auth_state()
        return await self.auth_to_user(auth_info, user)

+    @functools.lru_cache()
    def get_token(self):
        """get token from authorization header"""
        token = self.get_auth_token()