hazza/jupyterhub
1
0
Fork 0
mirror of https://github.com/jupyterhub/jupyterhub.git synced 2025-10-18 23:42:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
6,236 Commits 8 Branches 90 Tags
08ed8443f277518cfbf686f91a7bd76ea10977db
Commit Graph

128 Commits

Author SHA1 Message Date
pre-commit-ci[bot]
865d5f7646 [pre-commit.ci] auto fixes from pre-commit.com hooks 
for more information, see https://pre-commit.ci
 2022-11-16 14:53:12 +00:00
Min RK
986de0b5db use str-format for ssl.Purposes 
rather than default, which is a weird repr
 2022-07-29 09:26:21 +02:00
Min RK
a2a01755ec simplify make_ssl_context 
pass ssl.Purpose explicitly, deprecate verify/check_hostname

3.10 disallows 'purpose=SERVER_AUTH' from creating server sockets.
Instead:

- pass purpose directly
- always verify
- no need to set check_hostname, already covered by purpose defaults
 2022-07-14 11:02:44 -07:00
Min RK
a7cced506b Remove 3.6 compatibility shims 
- asyncio.all_tasks/current_task
- pytest-asyncio 0.17
- contextmanager.nullcontext
 2022-07-14 09:05:01 -07:00
Simon Li
84cb9761e8 Escape named servers when used in URL paths 2022-05-22 23:31:47 +01:00
Min RK
7a9778249f run pre-commit with isort 2022-03-31 12:33:26 +02:00
Min RK
704712cc81 Add read:metrics scope for metrics endpoint 
and ensure token auth is accepted
 2022-01-18 15:02:24 +01:00
Min RK
ccfee4d235 use outermost proxied entry when checking for browser protocol 
wee care about what the browser sees, so trust the outermost entry instead of the innermost

This is not secure _in general_, in that these values can be spoofed by malicious proxies,
but for CORS and cookie purposes, we only care about what the browser sees,
however many hops there may be.

A malicious proxy in the chain here isn't a concern because what matters is the immediate
hop from the _browser_, not the immediate hop from the _server_.
 2022-01-07 14:03:11 +01:00
pre-commit-ci[bot]
13172e6856 [pre-commit.ci] auto fixes from pre-commit.com hooks 
for more information, see https://pre-commit.ci
 2022-01-03 21:06:46 +00:00
Min RK
487c4524ad deprecate instead of remove @admin_only auth decorator 
no harm in keeping it around for a deprecation cycle
 2021-10-25 13:00:45 +02:00
Min RK
9adbafdfb3 consistent handling of any timeout error 
some things raise standard TimeoutError, others may raise tornado gen.TimeoutError (gen.with_timeout)

For consistency, add AnyTimeoutError tuple to allow catching any timeout, no matter what kind

Where we were raising `TimeoutError`,
we should have been raising `asyncio.TimeoutError`.

The base TimeoutError is an OSError for ETIMEO, which is for system calls
 2021-10-20 20:07:45 +02:00
Erik Sundell
d6c48b15fe pyupgrade: run pyupgrade --py36-plus and black on all but tests 2021-08-26 16:23:38 +02:00
Min RK
3bcc542e27 finish up db rollback checks 
- move catch_db_error to utils
- tidy catch/propagate errors in prepare, get_current_user
 2021-08-10 15:03:41 +02:00
0mar
7544965145 Fixed server model, removed some auth decorators 2021-04-15 16:34:46 +02:00
Min RK
ebb13ed39f Merge master into rbac 2021-04-13 13:07:30 +02:00
YuviPanda
9f6467be05 Use 'secrets' module to generate secrets 
Python 3.6+ has this
 2021-03-29 17:07:03 +05:30
Min RK
4dac580d3d Merge master into rbac 2021-01-27 12:39:02 +01:00
Omar Richardson
662017f260 Refactored scope module. Implemented filter in *ListApiHandlers 2021-01-05 11:42:53 +01:00
Omar Richardson
82bebfaff2 Added unit tests and fixed bugs in scope filter 2021-01-04 22:44:23 +01:00
0mar
f4ba57b1d7 Implemented filter list skeleton 2021-01-04 16:24:50 +01:00
0mar
3eccf7abdd Changed scopes from list to set and made filters additive 2020-12-14 17:39:06 +01:00
0mar
62c56ec2c8 Started work on fixing tests 2020-12-09 17:34:49 +01:00
IvanaH8
9de9070641 fixed scope test attr error for older_requirements.txt test 2020-12-09 14:50:50 +01:00
coffeebenzene
f866bbcf45 Use variable instead of monkey patching asyncio 2020-12-02 19:50:49 +00:00
coffeebenzene
ed6231d3aa Fix asyncio deprecation asyncio.Task.all_tasks 2020-12-02 17:57:28 +00:00
Min RK
6fc3dc4c01 Merge master into rbac 2020-12-02 11:28:53 +01:00
Min RK
5540859460 Merge pull request #3212 from 0mar/implement_scopes 
Implementing RBAC scope checking in API handlers
 2020-12-02 11:23:24 +01:00
Min RK
28fdbeb0c0 update back pre-commit hook 
specify minimum target_version as py36

results in some churn
 2020-11-30 10:13:10 +01:00
Omar Richardson
f6d635997c Changed logging call 2020-11-24 10:03:16 +01:00
Omar Richardson
d7d27ad97a Fixed scopes and added more specific logs/errors 2020-11-23 13:26:36 +01:00
Omar Richardson
71d99e1180 Update with expand group test 2020-11-19 09:57:50 +01:00
0mar
54cb31b3a9 Removed circular import 2020-11-18 17:29:15 +01:00
Omar Richardson
99c3f77c58 WIP Implemented scopes 2020-11-18 17:12:26 +01:00
Min RK
3c071467bb require tornado 5.1, async_generator 1.9 
- maybe_future relies on changes in 5.1, not in 5.0
- async_generator.asynccontextmanager is new in 1.9
 2020-11-17 12:23:39 +01:00
0mar
2e9ecfff02 WIP: implementing expanding groups 2020-11-17 09:56:48 +01:00
Erik Sundell
5edd246474 Replace @async_generator/yeild_ with async/yeild 2020-11-11 14:47:29 +01:00
Erik Sundell
4a17441e5a Replace gen.sleep with asyncio.sleep 2020-11-11 14:40:59 +01:00
0mar
365921d162 Added filtering to decorator and added tests 2020-11-09 14:25:02 +01:00
0mar
154edebbf4 Added scope utilities and tests for them 2020-11-05 15:40:00 +01:00
0mar
422fbf8dcc Fixed scoping and authentication 2020-10-30 15:07:10 +01:00
0mar
21ea4ad2b6 Implemented mock scopes 2020-10-28 16:23:21 +01:00
0mar
dece64d248 Separated scope from other decorators 2020-10-27 09:43:43 +01:00
0mar
b6fa353201 Implemented scope-based access in API handlers 2020-10-19 13:09:26 +02:00
Min RK
284e379341 Merge pull request #3204 from kreuzert/exponential_backoff_overflow_exception 
Prevent OverflowErrors in exponential_backoff()
 2020-10-15 10:39:28 +02:00
Tim Kreuzer
004c964cc1 Update utils.py 2020-10-13 10:37:31 +02:00
Tim Kreuzer
0f0d6d12d3 Update jupyterhub/utils.py 
Co-authored-by: Erik Sundell <erik.i.sundell@gmail.com>
 2020-10-13 10:30:05 +02:00
Tim Kreuzer
c97e4d4e2f Update utils.py 
Prevent exponential_backoff() to crash with an Vverflow Error
 2020-10-12 17:25:25 +02:00
Erik Sundell
4cbc0bad34 Merge branch 'master' into remove-unused-imports 2020-10-01 12:07:37 +02:00
Chance Zibolski
52291b0012 jupyterhub/utils: Load system default CA certificates in make_ssl_context 
Fixes issues with OAuth flows when internal_ssl is enabled.
When internal_ssl was enabled requests to non-internal endpoints failed
because the system CAs were not being loaded.

This caused failures with public OAuth providers with public CAs since
they would fail to validate.
 2020-08-25 09:09:58 -07:00
Steffen Vogel
6283e7ec83 support kubespawner running on a IPv6 only cluster 2020-04-17 19:36:56 +02:00