Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
# Helpers to jsonify/de-jsonify request_token
# It is a named tuple with bytestrings, json.dumps balks
def jsonify(request_token):
return json.dumps([
request_token.key,
request_token.secret,
])
def dejsonify(js):
key, secret = json.loads(js)
return RequestToken(key, secret)
class MWLoginHandler(BaseHandler):
async def get(self):
consumer_token = ConsumerToken(
self.authenticator.client_id,
self.authenticator.client_secret,
)
handshaker = Handshaker(
self.authenticator.mw_index_url, consumer_token
)
redirect, request_token = await wrap_future(
self.authenticator.executor.submit(handshaker.initiate)
)
self.set_secure_cookie(
AUTH_REQUEST_COOKIE_NAME,
"""login_user simplifies the login+cookie+auth_state process in JupyterHub 0.8
_login_user_07 is for backward-compatibility with JupyterHub 0.7
"""
user_info = await self.authenticator.get_authenticated_user(self, None)
if user_info is None:
return
if isinstance(user_info, dict):
username = user_info['name']
else:
username = user_info
user = self.user_from_username(username)
self.set_login_cookie(user)
return user
if not hasattr(BaseHandler, 'login_user'):
# JupyterHub 0.7 doesn't have .login_user
login_user = _login_user_pre_08
async def get(self):
self.check_arguments()
user = await self.login_user()
if user is None:
# todo: custom error page?
raise web.HTTPError(403)
self.redirect(self.get_next_url(user))
class OAuthenticator(Authenticator):
"""Base class for OAuthenticators
Subclasses must override:
import os
from jupyterhub.handlers import BaseHandler
from jupyterhub.auth import Authenticator
from jupyterhub.auth import LocalAuthenticator
from jupyterhub.utils import url_path_join
from tornado import gen, web
from traitlets import Unicode
class RemoteUserLoginHandler(BaseHandler):
def get(self):
header_name = self.authenticator.header_name
remote_user = self.request.headers.get(header_name, "")
if remote_user == "":
raise web.HTTPError(401)
user = self.user_from_username(remote_user)
self.set_login_cookie(user)
next_url = self.get_next_url(user)
self.redirect(next_url)
class RemoteUserAuthenticator(Authenticator):
"""
Accept the authenticated user name from the REMOTE_USER HTTP header.
BASH_ENV="/opt/app-root/etc/profile",
PROMPT_COMMAND=". /opt/app-root/etc/profile"
),
}
])
# Pass through for dashboard the URL where should be redirected in order
# to restart a session, with a new instance created with fresh image.
c.Spawner.environment['RESTART_URL'] = '/restart'
# Redirect handler for sending /restart back to home page for user.
from jupyterhub.handlers import BaseHandler
class RestartRedirectHandler(BaseHandler):
@web.authenticated
@gen.coroutine
def get(self, *args):
user = yield self.get_current_user()
if user.running:
status = yield user.spawner.poll_and_notify()
if status is None:
yield self.stop_single_user(user)
self.redirect('/hub/spawn')
c.JupyterHub.extra_handlers.extend([
(r'/restart$', RestartRedirectHandler),
])
to the CAS logout URL.
"""
async def get(self):
user = self.current_user
if user:
self.log.info("User logged out: %s", user.name)
self.clear_login_cookie()
self.statsd.incr('logout')
url = self.authenticator.cas_logout_url
self.log.debug("Redirecting to CAS logout: {0}".format(url))
self.redirect(url, permanent=False)
class CASLoginHandler(BaseHandler):
"""
Authenticate users via the CAS protocol.
"""
async def get(self):
app_log = logging.getLogger("tornado.application")
ticket = self.get_argument("ticket", None)
has_service_ticket = ticket is not None
app_log.debug("Has service ticket? {0}".format(has_service_ticket))
# Redirect to get ticket if not presenting one
if not has_service_ticket:
cas_service_url = self.make_service_url()
qs_map = dict(service=cas_service_url)
qs = urllib.parse.urlencode(qs_map)
url = "{0}?{1}".format(self.authenticator.cas_login_url, qs)
BASH_ENV="/opt/app-root/etc/profile",
PROMPT_COMMAND=". /opt/app-root/etc/profile"
),
}
])
# Pass through for dashboard the URL where should be redirected in order
# to restart a session, with a new instance created with fresh image.
c.Spawner.environment['RESTART_URL'] = '/restart'
# Redirect handler for sending /restart back to home page for user.
from jupyterhub.handlers import BaseHandler
class RestartRedirectHandler(BaseHandler):
@web.authenticated
@gen.coroutine
def get(self, *args):
user = yield self.get_current_user()
if user.running:
status = yield user.spawner.poll_and_notify()
if status is None:
yield self.stop_single_user(user)
self.redirect('/hub/spawn')
c.JupyterHub.extra_handlers.extend([
(r'/restart$', RestartRedirectHandler),
])
BASH_ENV="/opt/app-root/etc/profile",
PROMPT_COMMAND=". /opt/app-root/etc/profile"
),
}
])
# Pass through for dashboard the URL where should be redirected in order
# to restart a session, with a new instance created with fresh image.
c.Spawner.environment['RESTART_URL'] = '/restart'
# Redirect handler for sending /restart back to home page for user.
from jupyterhub.handlers import BaseHandler
class RestartRedirectHandler(BaseHandler):
@web.authenticated
@gen.coroutine
def get(self, *args):
user = yield self.get_current_user()
if user.running:
status = yield user.spawner.poll_and_notify()
if status is None:
yield self.stop_single_user(user)
self.redirect(homeroom_link or '/hub/spawn')
c.JupyterHub.extra_handlers.extend([
(r'/restart$', RestartRedirectHandler),
])
"""handlers for human-facing pages"""
from tornado import gen, web
from jupyterhub.handlers import BaseHandler as JupyterHubBaseHandler
from jupyterhub.services.auth import HubAuthenticated
from jupyterhub.utils import url_path_join
class BaseHandler(HubAuthenticated, JupyterHubBaseHandler):
"""A hubshare base handler"""
# register URL patterns
urls = []
@property
def hub_auth(self):
return self.settings.get('hub_auth')
@property
def csp_report_uri(self):
return self.settings.get('csp_report_uri',
url_path_join(self.settings.get('hub_base_url', '/hub'), 'security/csp-report')
)
import uuid
from traitlets import Bool
from tornado import gen
from jupyterhub.auth import Authenticator
from jupyterhub.handlers import BaseHandler
from jupyterhub.utils import url_path_join
class TmpAuthenticateHandler(BaseHandler):
def initialize(self, force_new_server, process_user):
super().initialize()
self.force_new_server = force_new_server
self.process_user = process_user
@gen.coroutine
def get(self):
raw_user = yield self.get_current_user()
if raw_user:
if self.force_new_server and raw_user.running:
status = yield raw_user.spawner.poll_and_notify()
if status is None:
yield self.stop_single_user(raw_user)
from jupyterhub.auth import Authenticator, LocalAuthenticator
from jupyterhub.handlers import BaseHandler
from traitlets import Unicode, List, validate, TraitError
from tornado import web
from jhub_shibboleth_auth.utils import add_system_user
class ShibbolethLoginHandler(BaseHandler):
def _get_user_data_from_request(self):
"""Get shibboleth attributes (user data) from request headers."""
# print('HEADERS:', self.request.headers)
# NOTE: The Persistent ID is a triple with the format:
# !
# !
#
user_data = {}
for i, header in enumerate(self.authenticator.headers):
value = self.request.headers.get(header, "")
if value:
try:
# sometimes header value is in latin-1 encoding
# TODO what causes this? fix encoding in there
value = value.encode('latin-1').decode('utf-8')