Merge pull request #523 from manics/auth-scopes

Allow configuration of OAuthenticator.scope
jupyterhub · Feb 26, 2018 · 9cfcc6e · 9cfcc6e
2 parents 14f1b09 + 9b428f1
commit 9cfcc6e
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 1 deletion.
diff --git a/images/hub/jupyterhub_config.py b/images/hub/jupyterhub_config.py
@@ -139,7 +139,6 @@
     org_whitelist = get_config('auth.github.org_whitelist', [])
     if len(org_whitelist) != 0:
         c.GitHubOAuthenticator.github_organization_whitelist = org_whitelist
-        c.GitHubOAuthenticator.scope = ['read:org'] # required for private membership
 elif auth_type == 'cilogon':
     c.JupyterHub.authenticator_class = 'oauthenticator.CILogonOAuthenticator'
     c.CILogonOAuthenticator.oauth_callback_url = get_config('auth.cilogon.callback-url')
@@ -186,6 +185,10 @@
 else:
     raise ValueError("Unhandled auth type: %r" % auth_type)
 
+auth_scopes = get_config('auth.scopes')
+if auth_scopes:
+    c.OAuthenticator.scope = auth_scopes
+
 c.Authenticator.enable_auth_state = get_config('auth.state.enabled', False)
 
 def generate_user_email(spawner):

diff --git a/jupyterhub/templates/hub/configmap.yaml b/jupyterhub/templates/hub/configmap.yaml
@@ -71,6 +71,11 @@ data:
   auth.custom.config : {{ toJson .Values.auth.custom.config | quote }}
   {{- end }}
 
+  {{ if .Values.auth.scopes -}}
+  auth.scopes: |
+{{ toYaml .Values.auth.scopes | indent 4}}
+  {{- end }}
+
   auth.state.enabled: {{ .Values.auth.state.enabled | quote }}
 
   {{ if .Values.singleuser.lifecycleHooks -}}