Skip to content

Commit

Permalink
azuread: retain default of deprecated user_groups_claim within auth_s…
Browse files Browse the repository at this point in the history 
…tate_groups_key
  • Loading branch information
@consideRatio
consideRatio committed Sep 3, 2024
1 parent f92b511 commit 05778cd
Show file tree
Hide file tree
Showing 3 changed files with 5 additions and 9 deletions.
2 changes: 1 addition & 1 deletion docs/source/tutorials/provider-specific-setup/providers/azuread.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ c.JupyterHub.authenticator_class = "azuread"
# {...} other settings (see above)

c.AzureAdOAuthenticator.manage_groups = True
c.AzureAdOAuthenticator.auth_state_groups_key = 'user.groups'
c.AzureAdOAuthenticator.auth_state_groups_key = "user.groups" # this is the default
```

This requires Azure AD to be configured to include the group-membership in the access token.
2 changes: 1 addition & 1 deletion oauthenticator/azuread.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ def _username_claim_default(self):

@default('auth_state_groups_key')
def _auth_state_groups_key_default(self):
key = ""
key = "user.groups"
if self.user_groups_claim:
key = f"{self.user_auth_state_key}.{self.user_groups_claim}"
cls = self.__class__.__name__
Expand Down
10 changes: 3 additions & 7 deletions oauthenticator/tests/test_azuread.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -117,12 +117,12 @@ def user_model(tenant_id, client_id, name):
True,
None,
),
# test user_groups_claim
# test user_groups_claim (deprecated)
(
"30",
{
"allow_all": True,
"auth_state_groups_key": "user.groups",
"user_groups_claim": "groups",
"manage_groups": True,
},
True,
Expand All @@ -133,7 +133,7 @@ def user_model(tenant_id, client_id, name):
{
"allow_all": True,
"manage_groups": True,
"auth_state_groups_key": "user.grp",
"user_groups_claim": "grp",
},
True,
None,
Expand All @@ -143,7 +143,6 @@ def user_model(tenant_id, client_id, name):
"40",
{
"allowed_groups": {"group1"},
"auth_state_groups_key": "user.groups",
"manage_groups": True,
},
True,
Expand All @@ -153,7 +152,6 @@ def user_model(tenant_id, client_id, name):
"41",
{
"allowed_groups": {"test-user-not-in-group"},
"auth_state_groups_key": "user.groups",
"manage_groups": True,
},
False,
Expand All @@ -163,7 +161,6 @@ def user_model(tenant_id, client_id, name):
"42",
{
"admin_groups": {"group1"},
"auth_state_groups_key": "user.groups",
"manage_groups": True,
},
True,
Expand All @@ -173,7 +170,6 @@ def user_model(tenant_id, client_id, name):
"43",
{
"admin_groups": {"test-user-not-in-group"},
"auth_state_groups_key": "user.groups",
"manage_groups": True,
},
False,
Expand Down

0 comments on commit 05778cd

Please sign in to comment.