How to use oauthenticator - 10 common examples
To help you get started, we’ve selected a few oauthenticator examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
ryanlovett / jh-google-oauthenticator / oauthenticator.py View on Github 
def authenticate(self, handler):
username = yield GoogleOAuthenticator.authenticate(self, handler)
if not username or not username.endswith('@'+self.hosted_domain):
username = None
else:
username = username.split('@')[0]
if self.whitelist and username not in self.whitelist:
username = None
raise gen.Return(username)self.log.error("Failed to create %r", user.name, exc_info=True)
raise
# todo: save the user id into the whitelist or somewhere
info = json.loads(resp.body.decode('utf8', 'replace'))
self.log.info("Created user %s with uid %i", user.name, info['uid'])
if user.state is None:
user.state = {}
user.state['user_id'] = info['uid']
self.db.commit()
# update the state in the spawner, so that it knows the user id, etc.
user.spawner.load_state(user.state)
class DockerOAuthenticator(DockerAuthenticator, GoogleOAuthenticator):
"""A version that mixes in local system user creation from within a
docker container, and Google OAuthentication.
"""
passhttp_client = handler.get_auth_http_client()
response = yield http_client.fetch(
self.ACCESS_TOKEN_URL + '?access_token=' + access_token
)
if not response:
self.clear_all_cookies()
raise HTTPError(500, 'Google authentication failed')
bodyjs = json.loads(response.body.decode())
username = bodyjs['email']
raise gen.Return(username)
class GoogleAppsOAuthenticator(GoogleOAuthenticator):
hosted_domain = Unicode(os.environ.get('HOSTED_DOMAIN', ''), config=True)
@gen.coroutine
def authenticate(self, handler):
username = yield GoogleOAuthenticator.authenticate(self, handler)
if not username or not username.endswith('@'+self.hosted_domain):
username = None
else:
username = username.split('@')[0]
if self.whitelist and username not in self.whitelist:
username = None
raise gen.Return(username) @gen.coroutine
def authenticate(self, handler):
username = yield GoogleOAuthenticator.authenticate(self, handler)
if not username or not username.endswith('@'+self.hosted_domain):
username = None
else:
username = username.split('@')[0]
if self.whitelist and username not in self.whitelist:
username = None
raise gen.Return(username)
class LocalGoogleOAuthenticator(LocalAuthenticator, GoogleOAuthenticator):
"""A version that mixes in local system user creation"""
pass
class LocalGoogleAppsOAuthenticator(LocalAuthenticator, GoogleAppsOAuthenticator):
"""A version that mixes in local system user creation"""
passif not username or not username.endswith('@'+self.hosted_domain):
username = None
else:
username = username.split('@')[0]
if self.whitelist and username not in self.whitelist:
username = None
raise gen.Return(username)
class LocalGoogleOAuthenticator(LocalAuthenticator, GoogleOAuthenticator):
"""A version that mixes in local system user creation"""
pass
class LocalGoogleAppsOAuthenticator(LocalAuthenticator, GoogleAppsOAuthenticator):
"""A version that mixes in local system user creation"""
passThis adds the user to the whitelist, and creates a system user by
accessing a simple REST api.
"""
homedir = os.path.join('/', 'home', user.name)
os.mkdir(homedir)
os.chown(homedir, 2000, 2000)
self.log.info("Created home directory for user %s", user.name)
if user.state is None:
user.state = {}
user.state['user_id'] = 2000
self.db.commit()
class DockerOAuthenticator(DockerAuthenticator, GoogleAppsOAuthenticator):
"""A version that mixes in local system user creation from within a
docker container, and Google OAuthentication.
"""
pass
from oauthenticator.github import LocalGitHubOAuthenticator
import os
c.JupyterHub.authenticator_class = LocalGitHubOAuthenticator
c.LocalGitHubOAuthenticator.create_system_users = True
c.JupyterHub.admin_access = True
c.Spawner.cmd = ['jupyter-labhub']
c.Authenticator.whitelist = set(os.environ.get('JUPYTERHUB_ADMIN', '').split(','))
c.Authenticator.admin_users = set(os.environ.get('JUPYTERHUB_ADMIN', '').split(','))redirect, request_token = await wrap_future(
self.authenticator.executor.submit(handshaker.initiate)
)
self.set_secure_cookie(
AUTH_REQUEST_COOKIE_NAME,
jsonify(request_token),
expires_days=1,
path=url_path_join(self.base_url, 'hub', 'oauth_callback'),
httponly=True)
self.log.info('oauth redirect: %r', redirect)
self.redirect(redirect)
class MWCallbackHandler(OAuthCallbackHandler):
"""
Override OAuthCallbackHandler to take out state parameter handling.
mwoauth doesn't seem to support it for now!
"""
def check_arguments(self):
pass
def get_state_url(self):
return None
class MWOAuthenticator(OAuthenticator):
login_service = 'MediaWiki'
login_handler = MWLoginHandlerdef azure_authorize_url_for(tentant):
return 'https://login.microsoftonline.com/{0}/oauth2/authorize'.format(
tentant)
class AzureAdMixin(OAuth2Mixin):
tenant_id = os.environ.get('AAD_TENANT_ID', '')
_OAUTH_ACCESS_TOKEN_URL = azure_token_url_for(tenant_id)
_OAUTH_AUTHORIZE_URL = azure_authorize_url_for(tenant_id)
class AzureAdLoginHandler(OAuthLoginHandler, AzureAdMixin):
pass
class AzureAdOAuthenticator(OAuthenticator):
login_service = Unicode(
os.environ.get('LOGIN_SERVICE', 'Azure AD'),
config=True,
help="""Azure AD domain name string, e.g. My College"""
)
login_handler = AzureAdLoginHandler
tenant_id = Unicode(config=True)
username_claim = Unicode(config=True)
@default('tenant_id')
def _tenant_id_default(self):
return os.environ.get('AAD_TENANT_ID', '')
@default('username_claim')return {"Accept": "application/json",
"User-Agent": "JupyterHub",
"Authorization": "Bearer {}".format(access_token)
}
class BitbucketMixin(OAuth2Mixin):
_OAUTH_AUTHORIZE_URL = "https://bitbucket.org/site/oauth2/authorize"
_OAUTH_ACCESS_TOKEN_URL = "https://bitbucket.org/site/oauth2/access_token"
class BitbucketLoginHandler(OAuthLoginHandler, BitbucketMixin):
pass
class BitbucketOAuthenticator(OAuthenticator):
login_service = "Bitbucket"
client_id_env = 'BITBUCKET_CLIENT_ID'
client_secret_env = 'BITBUCKET_CLIENT_SECRET'
login_handler = BitbucketLoginHandler
team_whitelist = Set(
config=True,
help="Automatically whitelist members of selected teams",
)
bitbucket_team_whitelist = team_whitelist
headers = {"Accept": "application/json",
"User-Agent": "JupyterHub",oauthenticator
OAuthenticator: Authenticate JupyterHub users with common OAuth providers
Package Health Score
90 / 100Popular oauthenticator functions
- oauthenticator.__version__
- oauthenticator.auth0.Auth0Mixin
- oauthenticator.auth0.Auth0OAuthenticator
- oauthenticator.azuread.AzureAdMixin
- oauthenticator.azuread.AzureAdOAuthenticator
- oauthenticator.azureadb2c.AzureAdB2CMixin
- oauthenticator.github.LocalGitHubOAuthenticator
- oauthenticator.gitlab.GitLabOAuthenticator
- oauthenticator.GoogleAppsOAuthenticator
- oauthenticator.GoogleLoginHandler
- oauthenticator.GoogleOAuthenticator
- oauthenticator.GoogleOAuthenticator.authenticate
- oauthenticator.GoogleOAuthHandler
- oauthenticator.oauth2.OAuthenticator
- oauthenticator.oauth2.OAuthLoginHandler
- oauthenticator.OAuthCallbackHandler
- oauthenticator.OAuthenticator
- oauthenticator.OAuthLoginHandler
- oauthenticator.openshift.OpenShiftOAuthenticator
- oauthenticator.openshift.OpenShiftOAuthenticator.scope