4👍
✅
Turned out to be a few minor bugs I had to work through to get this to work:
- The URL used to get a token is relative to the JupyterHub server, NOT relative to the client/browser like the authorization url is. In the Docker Compose example provided, the django authentication server is “localhost:8000” relative to the client, but “django:8000” relative to the JupyterHub server.
- The appropriate hostnames (both “localhost” and “django”) therefore needed to be in the Django app’s ALLOWED_HOSTS list.
-
I’m not positive it’s necessary, but I also added the middleware suggested by the oauth-toolkit documentation:
MIDDLEWARE = [
…,
‘oauth2_provider.middleware.OAuth2TokenMiddleware’,
] -
JupyterHub also expects a userdata URL to get a username. This must be provided in the OAUTH2_USERDATA_URL environment variable (again, using a URL relative to the JupyterHub server), and that URL must return a JSON blob with, at least, a ‘username’ key.
Complete diffs from the previous code to the working example are available at this commit (as well as a complete, minimal example in that repository).
Source:stackexchange.com