hazza/jupyterhub
1
0
Fork 0
mirror of https://github.com/jupyterhub/jupyterhub.git synced 2025-10-09 19:13:03 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,693 Commits 8 Branches 89 Tags
73d77ee56b9647a8229eb5a4d65f3cb15ed98869
Commit Graph

1693 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Min RK
c7ea106675 use User wrappers in test_spawner 2017-04-05 16:12:29 +02:00
Min RK
1f2218c875 update travis.yml 
- remove Python 3.3
- install node.js 6 with nvm
- remove use of outdated travis-wheels
 2017-04-05 16:04:34 +02:00
Min RK
99369aa5a1 fix trailing - in oauth-client-id for single-user servers with empty server_name 2017-04-05 15:53:49 +02:00
Min RK
ffd3c171fe fix oauth url for SU servers with subdomains 
and services without
 2017-04-05 15:53:49 +02:00
Min RK
ce4b9e8e9f only store token in single-user cookie 
not the user model

preserves cached-response behavior from the Hub
so that the Hub can still revoke tokens.
 2017-04-05 15:53:49 +02:00
Min RK
ef51eb21e0 get OAuth working with subdomains 
needs a lot of host passing around
 2017-04-05 15:53:49 +02:00
Min RK
b1efe3a5c1 load initial API token before setting up oauth client 2017-04-05 15:53:48 +02:00
Min RK
6d647b5387 use API token for oauth client secret 
rather than a separate single-purpose secret

since we need the token anyway, use it for the secret handshake as well
 2017-04-05 15:53:48 +02:00
Min RK
d11c7ba4db cleanup more after mockservices 2017-04-05 15:53:48 +02:00
Carol Willing
6b33358c56 Merge pull request #1054 from parente/clarify-token-api-auth 
Minor update to clarify hub token auth
 2017-04-04 20:20:48 -07:00
Peter Parente
9030302ff7 Fix typo request -> requests 2017-04-04 22:36:05 -04:00
Peter Parente
1631a6eab0 Minor update to clarify hub token auth 2017-04-04 22:33:57 -04:00
Min RK
c6fe145030 s/JupyterHubOAuthCallback/HubOAuthCallback/ 2017-04-04 17:02:34 +02:00
Min RK
5b1435081a remove redundant/unused code in mockservice fixture 2017-04-04 17:02:34 +02:00
Min RK
39fce0304d support oauth in services 
fix bugs caught by tests
 2017-04-04 17:02:34 +02:00
Min RK
5a5fdc2565 validate oauth client_id/secret 2017-04-04 17:02:33 +02:00
Min RK
bef121dbe3 get default hub_prefix from env 2017-04-04 17:02:33 +02:00
Min RK
0b7a43f6fa remove placeholder oauth example 2017-04-04 14:26:44 +02:00
Peter Parente
2d1a45f019 Merge pull request #1050 from willingc/admin-doc 
Clarify admin users and access in docs
 2017-03-31 20:58:54 -04:00
Carol Willing
5494172706 Clarify admin users and access in docs 2017-03-31 10:28:37 -07:00
Min RK
198bb875df delay evaluation of oauth environment variables 
only affects mocking in tests
 2017-03-31 17:07:21 +02:00
Min RK
d1822ee939 handle hub prefix in HubAuth 2017-03-31 17:06:51 +02:00
Min RK
5e1516189b allow oauth provider to be missing 
mostly for testing
 2017-03-31 16:15:00 +02:00
Min RK
5819b442aa stop using deprecated server cookie in tests 
use Hub cookie instead, which still exists
 2017-03-31 15:58:39 +02:00
Min RK
4bb8e47f3b implement admin-access with OAuth 2017-03-30 19:15:43 +02:00
Min RK
ff6a68112e put whole user model in cookie 
ensures cached value has all the info needed (group, etc.)
 2017-03-30 16:52:20 +02:00
Min RK
52b9060415 remove debug-print in self handler 2017-03-30 16:35:50 +02:00
Min RK
74728e5f42 make HubOAuth a subclass 
instead of implementing both shared-cookie and OAuth on HubAuth
 2017-03-30 15:57:58 +02:00
Min RK
3e482d08d7 Don't overwrite class name when patching-in hub auth 2017-03-30 15:24:48 +02:00
Min RK
7e55220c3f use OAuth in single-user server 2017-03-30 15:24:35 +02:00
Min RK
453d1daf8b move oauth tables to top-level orm 2017-03-29 13:35:13 +02:00
Min RK
d0eb4e0946 add /api/user handler for identifying the requester 2017-03-28 16:19:56 +02:00
Min RK
9a40196678 Avoid storing secrets and tokens at rest 
- OAuth access tokens *are* APITokens.
  oauth_access_tokens table only stores extra oauth metadata.
- only store hashed client_secret in database,
  using HashedCompare to allow comparison.
 2017-03-28 16:19:56 +02:00
Min RK
4f7552ea1d OAuth works! 2017-03-28 16:19:56 +02:00
Min RK
7412e357cf allow 'bearer' in Authorization header 
since that's what OAuth likes
 2017-03-28 16:19:56 +02:00
Min RK
bac96c679f fix login URL for oauth provider 2017-03-28 16:19:56 +02:00
Min RK
4f1d201286 OAuth handlers inherit from BaseHandler 2017-03-28 16:19:56 +02:00
Min RK
bcf6559514 WIP: Make JupyterHub an OAuth provider 2017-03-28 16:19:55 +02:00
Min RK
0af9f2b875 Merge pull request #1046 from willingc/iss753 
Add default behavior of whitelist to FAQ in docs
 2017-03-28 09:31:06 +02:00
Min RK
d9393c6663 Merge pull request #1047 from willingc/iss1024 
Add note to FAQ about updating node on Debian
 2017-03-28 09:30:30 +02:00
Carol Willing
00274c991f Add note to FAQ about updating node on Debian 2017-03-27 08:51:20 -07:00
Carol Willing
e6848b68aa Add default behaviorof whitelist to doc FAQ 2017-03-27 07:27:46 -07:00
Carol Willing
853a460bd7 Merge pull request #1043 from minrk/local.jovyan 
run subdomain test with localhost.jovyan.org
 2017-03-27 06:48:46 -07:00
Carol Willing
ff5b708707 Merge pull request #1044 from minrk/hex-regex 
match the whole content when checking if cookie secret is hex
 2017-03-27 06:46:15 -07:00
Min RK
0d62ba2f80 use hex secretfile in tests 2017-03-27 14:02:30 +02:00
Min RK
f257716d1b match the whole content when checking if cookie secret is hex 
fixes spurious message with base64 cookie secrets that start with hex subset
 2017-03-27 14:02:30 +02:00
Min RK
43a6cd0bf9 Merge pull request #1039 from minrk/validate_security 
prevent warnings about security in single-user servers
 2017-03-27 13:58:14 +02:00
Min RK
af8965664e Merge pull request #1030 from yuvipanda/port-configurable 
Tag c.Spawner.port as configurable
 2017-03-27 13:39:07 +02:00
Min RK
168ad315c7 run subdomain test with localhost.jovyan 
instead of relying on xip.io, which seems to be flaky sometimes
 2017-03-27 12:48:10 +02:00
Min RK
66510de4e9 Merge pull request #1040 from willingc/doc-logging 
Add rotating log info by @minrk to docs
 2017-03-27 12:37:32 +02:00