hazza/jupyterhub
1
0
Fork 0
mirror of https://github.com/jupyterhub/jupyterhub.git synced 2025-10-18 15:33:02 +00:00
Code Issues Packages Projects Releases Wiki Activity
6,236 Commits 8 Branches 90 Tags
08ed8443f277518cfbf686f91a7bd76ea10977db
Commit Graph

126 Commits

Author SHA1 Message Date
pre-commit-ci[bot]
865d5f7646 [pre-commit.ci] auto fixes from pre-commit.com hooks 
for more information, see https://pre-commit.ci
 2022-11-16 14:53:12 +00:00
Min RK
c9e6d6afa3 restore trimming of username input 
continue to not trim password or custom fields

trailing/leading space is explicitly forbidden in validate_username
 2022-08-10 08:45:50 +02:00
Julien Cigar
1392aee195 -n is required 2022-06-15 17:23:13 +02:00
Min RK
ac3ef1efc1 Deprecate Authenticator.db, Spawner.db 
These objects should not access the shared db session;
add a warning pointing to Issue about their removal if it is accessed
 2022-05-10 10:24:32 +02:00
Min RK
7a9778249f run pre-commit with isort 2022-03-31 12:33:26 +02:00
Min RK
b84dd5d735 Stop opening PAM sessions by default 
We don't do it correctly, so don't try by default

It does work _sometimes_, but most of the time it does work, it's because it's a no-op.
Turning it off by default makes it more likely folks will see the caveat that it may not work.
 2022-02-07 15:45:38 +01:00
Min RK
88be7a9967 test coverage for Authenticator.managed_groups 
- tests
- docs
- ensure all group APIs are rejected when auth is in control
- use 'groups' field in return value of authenticate/refresh_user, instead of defining new method
- log group changes in sync_groups
 2022-01-24 13:45:35 +01:00
Thomas Li Fredriksen
144abcb965 Added authenticator hook for synchronizing user groups 
- Added hook function stub to authenticator base class
- Added new config option `manage_groups` to base `Authenticator` class
- Call authenticator hook from `refresh_auth`-function in `Base` handler class
- Added example
 2022-01-20 13:30:03 +01:00
Simon Li
28f56ba510 Simplify NullAuthenticator, add test 2021-09-27 23:05:53 +01:00
Min RK
5f19989467 suggest roles instead of admin_users 
and make admin link permission check match admin page

it would be nice if this could be consolidated (maybe an `admin:ui` permission?)
 2021-09-16 11:57:36 +02:00
Erik Sundell
d6c48b15fe pyupgrade: run pyupgrade --py36-plus and black on all but tests 2021-08-26 16:23:38 +02:00
Min RK
744983e53f sync rbac with main 
# Conflicts:
#	docs/rest-api.yml
#	jupyterhub/oauth/provider.py
 2021-06-14 12:53:39 +02:00
YuviPanda
f566ee1e4b Support auto login when used as a OAuth2 provider 
Fixes #3487
 2021-06-03 14:55:22 +05:30
0mar
c13ad804fe Added default roles for users and unified admin check 2021-05-25 13:51:43 +02:00
Min RK
529273d105 move get_custom_html to base Authenticator class 
so it's always available

it was accidentally added to PAM instead of the base
 2021-02-11 21:42:02 +01:00
Daisuke Taniwaki
47265786e3 Add versionadded 2021-01-27 20:49:47 +09:00
Daisuke Taniwaki
ca3ceac4f3 Add comment 2020-12-23 13:42:51 +09:00
Daisuke Taniwaki
c833fae901 Allow to use base URL in custom HTML 2020-12-23 13:39:59 +09:00
Min RK
28fdbeb0c0 update back pre-commit hook 
specify minimum target_version as py36

results in some churn
 2020-11-30 10:13:10 +01:00
Min RK
e5a6119505 Merge pull request #3090 from minrk/words-matter 2020-07-03 12:27:08 +02:00
Min RK
cceb652039 TODO is TODONE 
Co-authored-by: Georgiana Elena <georgiana.dolocan@gmail.com>
 2020-06-24 20:19:44 +02:00
Min RK
6e988bf587 call it allowed_users 
be clearer since it's users vs groups, etc.
 2020-06-24 13:29:42 +02:00
Min RK
ec710f4d90 test subclass priority when overriding old methods 2020-06-18 11:50:44 +02:00
Min RK
cc8e780653 rename white/blacklist allowed/blocked 
- group_whitelist -> allowed_groups

still todo: handle deprecated signatures in check_whitelist methods while preserving subclass overrides
 2020-06-15 14:40:44 +02:00
Frédéric Collonval
5bbf584cb7 Make delete_invalid_users configurable 2020-06-13 15:58:46 +02:00
Richard Darst
0efb16793e Bugfix: pam_normalize_username didn't return username 
- A trivial bug caused by my last change to #2397 - made possible by
  the fact we didn't have a way to reliable test PAM stuff.
- Thanks to @narnish for noticing.
- Closes: #2875
 2020-01-02 17:04:21 +02:00
Min RK
d51d39728a Errant indentation 2019-09-24 14:40:34 +02:00
Richard C Gerkin
7b1c4aedcf Don't catch AttributeError 2019-08-23 08:19:32 -07:00
Richard C Gerkin
ced45d101a Update jupyterhub/auth.py 
Co-Authored-By: Min RK <benjaminrk@gmail.com>
 2019-08-22 09:33:15 -07:00
Rick Gerkin
cda7f73cfa Added support for consistent UIDs at user creation time 2019-08-16 04:59:51 +00:00
Min RK
5e60582ef3 run autoformat 
apologies to anyone finding this commit via git blame or log

run the autoformatting by

    pre-commit run --all-files
 2019-02-19 17:00:10 +01:00
Min RK
39902a7140 async fixes in post_auth_hook 2019-02-19 16:07:32 +01:00
Will Starms
8524556b33 Add croutine support, force dict return 
Also fix weird typo in example code
 2019-02-15 15:37:23 +01:00
Will Starms
7c36ac93ba post_auth_hook processor 
Does what it sounds like, allows an arbitrary function to be called right before the return in `get_authenticated_user`
 2019-02-15 15:36:03 +01:00
Min RK
fec3d959f2 Merge pull request #2268 from vilhelmen/auth_data_sharing 
Share authenticated dict with auth functions
 2019-02-15 15:33:36 +01:00
Min RK
52d8f74eb1 Merge pull request #2397 from rkdarst/pam_normalize_username 
pam_normalize_username option: round-trip usernames through PAM to normalize
 2019-02-15 15:17:28 +01:00
Min RK
701b93d226 check_group_whitelist is optional 2019-02-15 15:09:56 +01:00
Min RK
bb83bb47d8 auth: apply adaptation to deprecated signature in init 
applies/warns in init, ensures compatibility with a wrapper

rather than warning/calling differently at call time, which won't take effect everywhere
 2019-02-15 13:22:06 +01:00
Min RK
1ba47d4a3d Merge branch 'master' into auth_data_sharing 2019-02-15 13:03:09 +01:00
Richard Darst
d33226f3c2 Don't use super() when normalizing username using PAM 
- We don't need the extra normalization of that function.
- Also add in username_map support here.  It probably isn't needed
  most of the time with PAM, but it keeps things consistent and is
  easier than documenting an exception.
 2019-02-03 00:37:06 +02:00
Richard Darst
92223b1dde pam_normalize_username option: round-trip usernames through PAM to normalize 2019-01-28 13:43:29 +02:00
Min RK
563106c0d2 allow auth to expire 
adds Authenticator.auth_refresh_age and Authenticator.refresh_pre_spawn config

- auth_refresh_age allows auth to expire (default: 5 minutes) before calling Authenticator.refresh_user.
- refresh_pre_spawn forces refresh prior to spawn (in case of auth tokens, etc.)
 2018-12-14 15:27:38 +01:00
Will Starms
4229d68d23 Fix bad tester/code 2018-12-06 15:32:49 -06:00
Bruno P. Kinoshita
9aa2110409 Remove unused dependency 2018-11-28 14:41:48 +13:00
Min RK
c9c0d3723b Merge pull request #2309 from adelcast/dev/adelcast/refresh_user 
refresh_user: add handler parameter
 2018-11-16 14:52:55 +01:00
Will Starms
22d6f48bb8 Make functions private 2018-11-15 15:20:34 -06:00
Alejandro del Castillo
df98fb012e refresh_user: add handler parameter 
The current request handler might be needed to determine if the auth
data needs to be refreshed.

Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>
 2018-11-15 13:21:24 -06:00
Will Starms
df829e8927 Move getpwnam/grnam/grouplist to LocalAuthenticator 
Also fix up an old test of mine
 2018-11-13 14:48:12 -06:00
Will Starms
f2ae3af90e Switch to existing getpwnam function 
To be honest, `getgrouplist`, `getpwnam`, and `getgrnam` should be static methods in LocalAuthenticator
 2018-11-13 13:53:54 -06:00
Will Starms
62b991649b Share authenticated dict with auth functions 
Adds a compatibility fix to be removed at a future date for the check_x functions.
 2018-11-13 11:44:49 -06:00