use persited auth_state

Allow authstate to be persisted
2024-01-13 16:20:19 +01:00 · 2024-01-13 16:09:47 +01:00
1 changed files with 18 additions and 9 deletions
--- a/jupyter/base/values/values.yaml
+++ b/jupyter/base/values/values.yaml
@ -15,25 +15,28 @@ hub:
      from oauthenticator.generic import GenericOAuthenticator
      def post_auth_hook(authenticator, handler, authentication):
        user = authentication['auth_state']['oauth_user']['ocs']['data']['id']
-        auth_state = authentication['auth_state']
-        auth_state['token_expires'] =  time.time() + auth_state['token_response']['expires_in']
-        authenticator.user_dict[user] = auth_state
+        authentication['auth_state']['token_expires'] =  time.time() + auth_state['token_response']['expires_in']
        return authentication
      class NextcloudOAuthenticator(GenericOAuthenticator):
        def __init__(self, *args, **kwargs):
          super().__init__(*args, **kwargs)
          self.user_dict = {}

-        def pre_spawn_start(self, user, spawner):
+        async def pre_spawn_start(self, user, spawner):
          super().pre_spawn_start(user, spawner)
-          access_token = self.user_dict[user.name]['access_token']
+          auth_state = await user.get_auth_state()
+          if not auth_state:
+            return
+          access_token = auth_state['access_token']
          spawner.environment['NEXTCLOUD_ACCESS_TOKEN'] = access_token

        async def refresh_user(self, user, handler=None):
-          try:
-            access_token = self.user_dict[user.name]['access_token']
-            refresh_token = self.user_dict[user.name]['refresh_token']
-            token_response = self.user_dict[user.name]['token_response']
+          auth_state = await user.get_auth_state()
+          if not auth_state:
+            return False
+          access_token = auth_state['access_token']
+          refresh_token = auth_state['refresh_token']
+            token_response = name]['token_response']
            now = time.time()
            expires = self.user_dict[user.name]['token_expires']
            if now >= expires:
@ -42,6 +45,7 @@ hub:
            print(f'Time is: {now}, token expires: {expires}')
            return True
          except KeyError:
+            print(f'No auth_state available for user: {user.name}')
            return False

      c.JupyterHub.authenticator_class = NextcloudOAuthenticator
@ -62,6 +66,11 @@ hub:
  extraEnv:
    NEXTCLOUD_HOST: sunet.drive.test.sunet.se
    JUPYTER_HOST: jupyter.drive.test.sunet.se
+    JUPYTERHUB_CRYPT_KEY:
+      valueFrom:
+        secretKeyRef:
+          name: jupyterhub-secrets
+          key: crypt-key
    NEXTCLOUD_CLIENT_ID:
      valueFrom:
        secretKeyRef:
Author	SHA1	Message	Date
Micke Nordin	c143d96fab	use persited auth_state	2024-01-13 16:20:19 +01:00
Micke Nordin	c4c4ff2f31	Allow authstate to be persisted	2024-01-13 16:09:47 +01:00