How to set config.yaml for multiple OAuth providers

I’m following the JupyterHub authentication instructions (https://zero-to-jupyterhub.readthedocs.io/en/latest/authentication.html) and I can get one OAuth provider to work, but I’m stuck trying to get multiple to work at the same time (e.g. both GitHub and Google OAuth). If someone can share the correct way of setting multiple OAuth providers in config.yaml, please let me know.
I think the problem is the syntax I’m trying to use in my config.yaml:

# config.yaml
auth:
 -  type: github
    github:
      clientId: "y0urg1thubc1ient1d"
      clientSecret: "an0ther1ongs3cretstr1ng"
      callbackUrl: "http://<your_jupyterhub_host>/hub/oauth_callback"
 -  type: google
    google:
      clientId: "yourlongclientidstring.apps.googleusercontent.com"
      clientSecret: "adifferentlongstring"
      callbackUrl: "http://<your_jupyterhub_host>/hub/oauth_callback"
      hostedDomain: "youruniversity.edu"
      loginService: "Your University"

The error I’m getting when running helm upgrade ... is:

Error: render error in "jupyterhub/templates/proxy/deployment.yaml": template: jupyterhub/templates/proxy/deployment.yaml:26:32: executing "jupyterhub/templates/proxy/deployment.yaml" at <include (print $.Template.BasePath "/hub/secret.yaml") .>: error calling include: template: jupyterhub/templates/hub/secret.yaml:16:16: executing "jupyterhub/templates/hub/secret.yaml" at <.Values.auth.state.enabled>: can't evaluate field state in type interface {}
Error: UPGRADE FAILED: render error in "jupyterhub/templates/proxy/deployment.yaml": template: jupyterhub/templates/proxy/deployment.yaml:26:32: executing "jupyterhub/templates/proxy/deployment.yaml" at <include (print $.Template.BasePath "/hub/secret.yaml") .>: error calling include: template: jupyterhub/templates/hub/secret.yaml:16:16: executing "jupyterhub/templates/hub/secret.yaml" at <.Values.auth.state.enabled>: can't evaluate field state in type interface {}
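Why the render fails, shown as an added example (not from the original post and not the JupyterHub chart's code): Helm templates are Go `text/template`, and the expression named in the error looks up `state` on `auth`, which works when `auth` is a mapping but not when it is a YAML list. The one-line template and the sample values are constructed stand-ins.

```go
package main

import (
	"bytes"
	"fmt"
	"text/template"
)

// Stand-in for the expression named in the error message above; this is not
// the chart's secret.yaml, only the one field lookup that fails.
const expr = `{{ if .Values.auth.state.enabled }}state-on{{ else }}state-off{{ end }}`

// render evaluates expr against a values tree shaped like parsed YAML.
func render(auth interface{}) (string, error) {
	t, err := template.New("secret.yaml").Parse(expr)
	if err != nil {
		return "", err
	}
	data := map[string]interface{}{
		"Values": map[string]interface{}{"auth": auth},
	}
	var out bytes.Buffer
	err = t.Execute(&out, data)
	return out.String(), err
}

// authAsMapping: `auth:` holds a single mapping (constructed sample values).
func authAsMapping() interface{} {
	return map[string]interface{}{
		"type":  "github",
		"state": map[string]interface{}{"enabled": false},
	}
}

// authAsList: `auth:` holds a YAML sequence, as in the config.yaml above.
func authAsList() interface{} {
	return []interface{}{
		map[string]interface{}{"type": "github"},
		map[string]interface{}{"type": "google"},
	}
}

func main() {
	for _, c := range []struct{ name string; auth interface{} }{
		{"mapping", authAsMapping()}, {"list", authAsList()},
	} {
		out, err := render(c.auth)
		fmt.Printf("%-8s out=%q err=%v\n", c.name, out, err)
	}
}
```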

I don’t think it is possible to have multiple authenticators :-/

I see, thanks for that info Tim.

You could potentially have two authentication methods, but you would need to create your own authentication module and have one as the default, then the second as a backup.

For example, using GitHub as the first authentication method, when you get an authorisation error, it calls the second authentication method such as Google.

I haven’t done it, but in theory it sounds like something that could be done, right?


I wouldn’t do that because it’ll provide a bad experience for the user: they’ll be directed and asked to log in to each OAuth provider in turn. A nicer interface is to ask the user to choose which OAuth provider they wish to use; the Discourse login page, which has GitHub and Google OAuth options, is a good example.
