-
Notifications
You must be signed in to change notification settings - Fork 2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Configurable post_logout_url in the Authenticator base class #3336
Comments
I'm not sure it makes sense to customize the logout url itself via configuration. The primary effect of this, I would expect, is not actually logging the user out when visiting logout links on pages. Satisfying the request in jupyterhub/zero-to-jupyterhub-k8s#1475 certainly would have the effect that the user is not logged out from JupyterHub if they visit an external page instead of logging out. They might be logged out of something else, but not JupyterHub itself. logout_url as a method is overrideable instead because it only makes sense if used in combination with a custom Authenticator subclass that defines a new handler, which in turn specifies a new URL that needs to be returned by However, I think what might be requested is instead a post-logout redirect, that is a place to go after logging out, not instead of logging out. Here would be an example that might get closer to what the linked issue is after: from traitlets import Unicode
from jupyterhab.handlers.base import LogoutHandler
from jupyterhub.auth import Authenticator
from jupyterhub.utils import url_path_join
# custom logout handler that redirects to another page after finishing the default logout process
class CustomLogoutHandler(LogoutHandler):
async def render_logout_page(self):
# redirect to our post_logout_url instead of serving the "you have been logged out" page
if self.authenticator.post_logout_url:
self.redirect(self.authenticator.post_logout_url)
else:
await super().render_logout_page()
# configure our custom authenticator to
# 1. serve the custom handler
# 2. tell jupyterhub to use it
# 3. define the post-logout configuration value understood by our custom handler
class MyAuthenticator(Authenticator):
post_logout_url = Unicode(help="URL to redirect to after logging out from jupyterhub").tag(config=True)
def logout_url(self, base_url):
# on logout, use our custom logout handler instead of default
return url_path_join(base_url, "customlogout")
def get_handlers(self):
# tell the application to serve our custom logout handler
return super().get_handlers() + [("/customlogout", CustomLogoutHandler)]
# now we can set
c.MyAuthenticator.post_logout_url = "https://my.site/bye" If that's the case, then I think we can consider this a feature request to add something like this How does that sound? |
@minrk that sounds excellent, thank you for the thorough write up! |
I landed here looking for this same functionality today; I'm very excited to see this getting consideration. |
Would love to have this feature to trigger the logout from keycloak after jupyterhub logout |
Proposed change
To expose configuration of the Authenticator base class on where to redirect users that click on the Logout button and successfully logs out.
I open this issue as I'm closing this feature request in z2jh: jupyterhub/zero-to-jupyterhub-k8s#1475
Alternative options
To override the authenticator class wanted, and overriding the logout_url function.
Who would use this feature?
I'm not sure, but I can see it be relevant.
(Optional): Suggest a solution
To expose a traitlet with some name, which is made use of in the Authenticator base class default implementation of the logout_url function. The name would preferable have logout_url I think, but as the function is named that instead of for example get_logout_url we must use another name I think.
The text was updated successfully, but these errors were encountered: