[generic] test manage_groups

jupyterhub · Nov 29, 2023 · ee52a6d · ee52a6d
1 parent a134c6c
commit ee52a6d
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 2 deletions.
diff --git a/oauthenticator/generic.py b/oauthenticator/generic.py
@@ -164,7 +164,7 @@ async def update_auth_model(self, auth_model):
             user_groups = self.get_user_groups(user_info)
 
         if manage_groups:
-            auth_model["groups"] = user_groups
+            auth_model["groups"] = sorted(user_groups)
 
         if auth_model["admin"]:
             # auth_model["admin"] being True means the user was in admin_users

diff --git a/oauthenticator/tests/test_generic.py b/oauthenticator/tests/test_generic.py
@@ -1,6 +1,7 @@
 import json
 from functools import partial
 
+import pytest
 from pytest import fixture, mark
 from traitlets.config import Config
 
@@ -151,6 +152,15 @@ def get_authenticator(generic_client):
             False,
             False,
         ),
+        (
+            "20",
+            {
+                "manage_groups": True,
+                "allow_all": True,
+            },
+            True,
+            None,
+        ),
     ],
 )
 async def test_generic(
@@ -166,14 +176,24 @@ async def test_generic(
     c.GenericOAuthenticator = Config(class_config)
     c.GenericOAuthenticator.username_claim = "username"
     authenticator = get_authenticator(config=c)
+    manage_groups = False
+    if "manage_groups" in class_config:
+        try:
+            manage_groups = authenticator.manage_groups
+        except AttributeError:
+            pytest.skip("manage_groups requires jupyterhub 2.2")
+            1 / 0
 
     handled_user_model = user_model("user1")
     handler = generic_client.handler_for_user(handled_user_model)
     auth_model = await authenticator.get_authenticated_user(handler, None)
 
     if expect_allowed:
         assert auth_model
-        assert set(auth_model) == {"name", "admin", "auth_state"}
+        expected_keys = {"name", "admin", "auth_state"}
+        if manage_groups:
+            expected_keys.add("groups")
+        assert set(auth_model) == expected_keys
         assert auth_model["admin"] == expect_admin
         auth_state = auth_model["auth_state"]
         assert json.dumps(auth_state)
@@ -183,6 +203,9 @@ async def test_generic(
         assert "scope" in auth_state
         user_info = auth_state[authenticator.user_auth_state_key]
         assert auth_model["name"] == user_info[authenticator.username_claim]
+        if manage_groups:
+            assert auth_model["groups"] == user_info[authenticator.claim_groups_key]
+
     else:
         assert auth_model == None