Allow auth callback to be set from config

jupyter-server · Jul 5, 2023 · 804e1c2 · 804e1c2
1 parent 77bdf83
commit 804e1c2
Show file tree

Hide file tree

Showing 3 changed files with 20 additions and 14 deletions.
diff --git a/plugins/auth_fief/fps_auth_fief/backend.py b/plugins/auth_fief/fps_auth_fief/backend.py
@@ -10,29 +10,31 @@
 from .config import _AuthFiefConfig
 
 
-class CustomFiefAuth(FiefAuth):
-    client: FiefAsync
-
-    async def get_unauthorized_response(self, request: Request, response: Response):
-        redirect_uri = str(request.url_for("auth_callback"))
-        auth_url = await self.client.auth_url(redirect_uri, scope=["openid", "offline_access"])
-        raise HTTPException(
-            status_code=status.HTTP_307_TEMPORARY_REDIRECT,
-            headers={"Location": auth_url},
-        )
-
-
 @dataclass
 class Res:
     fief: FiefAsync
     session_cookie_name: str
-    auth: CustomFiefAuth
+    auth: FiefAuth
     current_user: Any
     update_user: Any
     websocket_auth: Any
 
 
 def get_backend(auth_fief_config: _AuthFiefConfig) -> Res:
+    class CustomFiefAuth(FiefAuth):
+        client: FiefAsync
+
+        async def get_unauthorized_response(self, request: Request, response: Response):
+            if auth_fief_config.callback_url:
+                redirect_uri = auth_fief_config.callback_url
+            else:
+                redirect_uri = str(request.url_for("auth_callback"))
+            auth_url = await self.client.auth_url(redirect_uri, scope=["openid", "offline_access"])
+            raise HTTPException(
+                status_code=status.HTTP_307_TEMPORARY_REDIRECT,
+                headers={"Location": auth_url},
+            )
+
     fief = FiefAsync(
         auth_fief_config.base_url,
         auth_fief_config.client_id,

diff --git a/plugins/auth_fief/fps_auth_fief/config.py b/plugins/auth_fief/fps_auth_fief/config.py
@@ -4,6 +4,7 @@
 
 class _AuthFiefConfig(AuthConfig):
     base_url: str = Field(description="Base URL of Fief tenant")
+    callback_url: str = Field(description="URL of the callback route", default="")
     client_id: str = Field(description="ID of Fief client")
     client_secret: str = Field(description="Secret of Fief client")
     admin_api_key: str = Field(description="Admin API key", default="")

diff --git a/plugins/auth_fief/fps_auth_fief/routes.py b/plugins/auth_fief/fps_auth_fief/routes.py
@@ -31,7 +31,10 @@ async def auth_callback(
                 response: Response,
                 code: str = Query(...),
             ):
-                redirect_uri = str(request.url_for("auth_callback"))
+                if auth_fief_config.callback_url:
+                    redirect_uri = auth_fief_config.callback_url
+                else:
+                    redirect_uri = str(request.url_for("auth_callback"))
                 tokens, user_info = await backend.fief.auth_callback(code, redirect_uri)
 
                 user_id = user_info["sub"]