Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add more authentication methods #103

Merged
merged 18 commits into from
Aug 19, 2021
Merged

Add more authentication methods #103

merged 18 commits into from
Aug 19, 2021

Conversation

jaimergp
Copy link
Member

@jaimergp jaimergp commented Aug 11, 2021

Closes #101

  • Configurable traitlet
  • Dummy (based on JupyterHub's)
  • OAuth

@@ -159,6 +161,20 @@ def ui_get_build(build_id):
return render_template("build.html", **context)


@app_ui.route("/user/", methods=["GET"])
def ui_get_user():
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ahh. I think you are thinking of this differently. Github has a route that should be called within the callback_url method https://api.github.com/user to get the username and organizations that the user is a member of.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

And conda-store shouldn't keep any information about the user. I'm saying this because every authentication provider is a bit different and may not provide an email/username etc. Additionally not everything logged into conda-store is a user. Often times it will be a service that has authenticated via a conda-store token. So conda-store should only be concerned about storing the authorization that the given authenticated user has (unless we want to handle to complexity of is this a user or a service etc. which I think is unneeded).

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am doing that here and then saving the user data as json cookie. I didn't get the organizations yet to save a query and because I want to know how generic this needs to be (organizations might be GH-specific).

conda_store = get_conda_store()
auth = get_auth()

# TODO: how does authorization work?
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@costrouc Any idea how to manage this here? I couldn't get this bit to work 😬

@costrouc costrouc force-pushed the auth branch 2 times, most recently from e3829cd to 9dc89cf Compare August 19, 2021 03:16
@costrouc costrouc merged commit 52b4417 into main Aug 19, 2021
@costrouc costrouc deleted the auth branch August 19, 2021 04:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Generic OAuth2, JupyterHub, and Dummy Authentication
2 participants