auth test: grant users access to binder services

jupyterhub · Oct 13, 2022 · 937feb2 · 937feb2
1 parent 79f94ce
commit 937feb2
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 4 deletions.
diff --git a/testing/local-binder-k8s-hub/binderhub_config_auth_additions.py b/testing/local-binder-k8s-hub/binderhub_config_auth_additions.py
@@ -15,6 +15,7 @@
 here = os.path.abspath(os.path.dirname(__file__))
 load_subconfig(os.path.join(here, "binderhub_config.py"))
 
+
 # Additional auth related configuration
 c.BinderHub.base_url = "/"
 c.BinderHub.auth_enabled = True
@@ -23,7 +24,7 @@
 c.HubOAuth.api_token = c.BinderHub.hub_api_token
 c.HubOAuth.api_url = c.BinderHub.hub_url + "/hub/api/"
 c.HubOAuth.base_url = c.BinderHub.base_url
-c.HubOAuth.hub_prefix = c.BinderHub.base_url + "hub/"
-c.HubOAuth.oauth_redirect_uri = "http://127.0.0.1:8585/oauth_callback"
-c.HubOAuth.oauth_client_id = "service-binder"
-c.HubOAuth.access_scopes = {"access:services!service=binder"}
+
+# multiple values, including access scopes and oauth client id
+# are derived from $JUPYTERHUB_SERVICE_NAME by default
+service_name = os.environ["JUPYTERHUB_SERVICE_NAME"] = "binder"
diff --git a/testing/local-binder-k8s-hub/jupyterhub-chart-config-auth-additions.yaml b/testing/local-binder-k8s-hub/jupyterhub-chart-config-auth-additions.yaml
@@ -13,3 +13,8 @@ hub:
       password: "dummy"
     BinderSpawner:
       auth_enabled: true
+  loadRoles:
+    users:
+      scopes:
+        - self
+        - "access:services"