Apply suggestions from code review

- improve comments - improve error logging Co-authored-by: Michał Krassowski <[email protected]>
nebari-dev · May 27, 2024 · 6e1cdd9 · 6e1cdd9
1 parent c04fc89
commit 6e1cdd9
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/...etes_services/template/modules/kubernetes/services/jupyterhub/files/jupyterhub/04-auth.py b/...etes_services/template/modules/kubernetes/services/jupyterhub/files/jupyterhub/04-auth.py
@@ -148,7 +148,7 @@ def _get_scope_from_role(self, role):
         """Return scopes from role if the component is jupyterhub"""
         role_scopes = role.get("attributes", {}).get("scopes", [])
         component = role.get("attributes", {}).get("component")
-        # Attributes as returned as array
+        # Attributes are returned as a single-element array, unless `##` delimiter is used in Keycloak
         # See this: https://stackoverflow.com/questions/68954733/keycloak-client-role-attribute-array
         if component == ["jupyterhub"] and role_scopes:
             return self.validate_scopes(role_scopes[0].split(","))
@@ -164,8 +164,8 @@ def validate_scopes(self, role_scopes):
             # as a invalid scopes could cause hub pod to fail
             scopes._check_scopes_exist(role_scopes)
             return role_scopes
-        except scopes.ScopeNotFound:
-            self.log.error(f"Invalid scopes, skipping: {role_scopes}")
+        except scopes.ScopeNotFound as e:
+            self.log.error(f"Invalid scopes, skipping: {role_scopes} ({e})")
         return []
 
     async def _get_roles_with_attributes(self, roles: dict, client_id: str, token: str):