Upgrading your OAuthenticator to version 16.0

The following section describes what to pay attention to when upgrading to OAuthenticator 16.0.

Breaking changes

1. username_key replaced by username_claim in all oauthenticators

   • GenericOAuthenticator.username_key is deprecated and replaced by OAuthenticator.username_claim.

   • Auth0OAuthenticator.username_key is deprecated and replaced by OAuthenticator.username_claim.

   Note

   The username_claim and the deprecated username_key refers to the field in the userdata response from which to get the JupyterHub username. Examples include: email, username, nickname. What keys are available depend on the scopes requested and the authenticator used.

2. GenericOAuthenticator.extra_params is deprecated and replaced by OAuthenticator.token_params.

3. The following public functions were removed:

   • OkpyOAuthenticator.get_auth_request(self, code)

   • OkpyOAuthenticator.get_user_info_request(self, access_token)

New

1. The name of the user key expected to be present in auth_state is now configurable through OAuthenticator.user_auth_state_key for all oauthenticators, and it defaults to their prior specific values.

2. The Authenticator.refresh_pre_spawn option is enabled by default if OAuthenticator.enable_auth_state is set.

3. The userdata query parameters OAuthenticator.userdata_params to be added to the request sent to OAuthenticator.userdata_url to get user data login information is now a configurable feature of all the oauthenticators.

   Note

   Previously, a GenericOAuthenticator only trait.

4. The method used for sending the access token in the userdata request[1], called OAuthenticator.userdata_token_method, is now a configurable feature of all the oauthenticators.

   Note

   Previously, a GenericOAuthenticator only trait.

5. It is now possible to pass extra parameters to the token request[2], using OAuthenticator.token_params for all of the oauthenticators.

   Note

   Previously, a GenericOAuthenticator only trait.

6. It is now possible to set whether or not to use basic authentication for the access token request[2] using OAuthenticator.basic_auth for all of the oauthenticators. Currently it defaults to False.

   Note

   Previously, a GenericOAuthenticator only trait.

---

[1]

The userdata request.

Whenever userdata request is used, it refers to the HTTP request that’s exchanging the the access token to get the userdata.

This request is sent to OAuthenticator.userdata_url in OAuthenticator.token_to_user() method.

[2] (1,2)

The token request.

Whenever token request is used, it refers to the HTTP request exchanging the oauth code for the access token.

This request is sent to the OAuthenticator.token_url in OAuthenticator.get_token_info() method.