Merge pull request #3454 from consideRatio/pr/cleanup-2

cilogon hubs: declare first allowed_idps entry as default

config/clusters/2i2c-aws-us/cosmicds.values.yaml

@@ -83,6 +83,7 @@ jupyterhub:
         oauth_callback_url: https://cosmicds.2i2c.cloud/hub/oauth_callback
         allowed_idps:
           http://github.com/login/oauth/authorize:
+            default: true
             username_derivation:
               username_claim: "preferred_username"
             allow_all: true

config/clusters/2i2c-uk/staging.values.yaml

@@ -41,5 +41,6 @@ jupyterhub:
         oauth_callback_url: "https://staging.uk.2i2c.cloud/hub/oauth_callback"
         allowed_idps:
           http://google.com/accounts/o8/id:
+            default: true
             username_derivation:
               username_claim: "email"

config/clusters/2i2c/aup.values.yaml

@@ -40,6 +40,7 @@ jupyterhub:
         oauth_callback_url: "https://aup.pilot.2i2c.cloud/hub/oauth_callback"
         allowed_idps:
           http://github.com/login/oauth/authorize:
+            default: true
             username_derivation:
               username_claim: "preferred_username"
       OAuthenticator:

config/clusters/2i2c/binder-staging.values.yaml

@@ -74,6 +74,7 @@ binderhub:
           oauth_callback_url: "https://binder-staging.hub.2i2c.cloud/hub/oauth_callback"
           allowed_idps:
             http://google.com/accounts/o8/id:
+              default: true
               username_derivation:
                 username_claim: "email"
         Authenticator:

config/clusters/2i2c/dask-staging.values.yaml

@@ -47,5 +47,6 @@ basehub:
           oauth_callback_url: "https://dask-staging.2i2c.cloud/hub/oauth_callback"
           allowed_idps:
             http://google.com/accounts/o8/id:
+              default: true
               username_derivation:
                 username_claim: "email"

config/clusters/2i2c/demo.values.yaml

@@ -34,6 +34,7 @@ jupyterhub:
         allowed_idps:
           # UTexas hub
           https://enterprise.login.utexas.edu/idp/shibboleth:
+            default: true
             username_derivation:
               username_claim: "eppn"
             allow_all: true

config/clusters/2i2c/mtu.values.yaml

@@ -38,6 +38,7 @@ jupyterhub:
         allowed_idps:
           # Allow MTU to login via Shibboleth
           https://sso.mtu.edu/idp/shibboleth:
+            default: true
             username_derivation:
               username_claim: "email"
             allowed_domains:

config/clusters/2i2c/neurohackademy.values.yaml

@@ -59,6 +59,7 @@ jupyterhub:
         oauth_callback_url: https://neurohackademy.2i2c.cloud/hub/oauth_callback
         allowed_idps:
           http://github.com/login/oauth/authorize:
+            default: true
             username_derivation:
               username_claim: "preferred_username"
       OAuthenticator:

config/clusters/2i2c/staging.values.yaml

@@ -58,5 +58,6 @@ jupyterhub:
         oauth_callback_url: "https://staging.2i2c.cloud/hub/oauth_callback"
         allowed_idps:
           http://google.com/accounts/o8/id:
+            default: true
             username_derivation:
               username_claim: "email"

config/clusters/2i2c/temple.values.yaml

@@ -51,6 +51,7 @@ jupyterhub:
         oauth_callback_url: https://temple.2i2c.cloud/hub/oauth_callback
         allowed_idps:
           https://fim.temple.edu/idp/shibboleth:
+            default: true
             username_derivation:
               username_claim: "eppn"
             allow_all: true

config/clusters/2i2c/ucmerced-common.values.yaml

@@ -19,28 +19,19 @@ jupyterhub:
           name: University of California, Merced
           url: http://www.ucmerced.edu/
   hub:
-    extraConfig:
-      100-cilogon-ordering: |
-        # Explicitly specify allowed_idps here, so their sort order is
-        # preserved. Otherwise, the keys get sorted lexicographically,
-        # and Google comes before UC Merced
-        # https://github.com/2i2c-org/infrastructure/issues/3267
-        c.CILogonOAuthenticator.allowed_idps = {
-          "urn:mace:incommon:ucmerced.edu": {
-            "username_derivation": {
-              "username_claim": "eppn"
-            },
-            "allow_all": True
-          },
-          "http://google.com/accounts/o8/id": {
-            "username_derivation": {
-              "username_claim": "email"
-            }
-          }
-        }
     config:
       JupyterHub:
         authenticator_class: cilogon
+      CILogonOAuthenticator:
+        allowed_idps:
+          urn:mace:incommon:ucmerced.edu:
+            default: true
+            username_derivation:
+              username_claim: "eppn"
+            allow_all: true
+          http://google.com/accounts/o8/id:
+            username_derivation:
+              username_claim: "email"
       Authenticator:
         admin_users:
           - [email protected]

config/clusters/callysto/common.values.yaml

@@ -141,6 +141,7 @@ jupyterhub:
           - "106951135662332329542" # Elmar Bouwer (Cybera)
         allowed_idps:
           http://google.com/accounts/o8/id:
+            default: true
             username_derivation:
               username_claim: "oidc"
             allowed_domains: &allowed_domains

config/clusters/carbonplan/common.values.yaml

@@ -190,6 +190,7 @@ basehub:
         CILogonOAuthenticator:
           allowed_idps:
             http://github.com/login/oauth/authorize:
+              default: true
               username_derivation:
                 username_claim: "preferred_username"
         OAuthenticator:

config/clusters/catalystproject-africa/nm-aist.values.yaml

@@ -31,6 +31,7 @@ jupyterhub:
         oauth_callback_url: https://nm-aist.af.catalystproject.2i2c.cloud/hub/oauth_callback
         allowed_idps:
           http://google.com/accounts/o8/id:
+            default: true
             username_derivation:
               username_claim: email
             allowed_domains:

config/clusters/catalystproject-latam/unitefa-conicet.values.yaml

@@ -31,6 +31,7 @@ jupyterhub:
         oauth_callback_url: "https://unitefa-conicet.latam.catalystproject.2i2c.cloud/hub/oauth_callback"
         allowed_idps:
           http://google.com/accounts/o8/id:
+            default: true
             username_derivation:
               username_claim: "email"
             allowed_domains:

config/clusters/cloudbank/bcc.values.yaml

@@ -37,6 +37,7 @@ jupyterhub:
         oauth_callback_url: https://bcc.cloudbank.2i2c.cloud/hub/oauth_callback
         allowed_idps:
           http://google.com/accounts/o8/id:
+            default: true
             username_derivation:
               username_claim: "email"
             allowed_domains:

config/clusters/cloudbank/ccsf.values.yaml

@@ -37,6 +37,7 @@ jupyterhub:
         oauth_callback_url: "https://ccsf.cloudbank.2i2c.cloud/hub/oauth_callback"
         allowed_idps:
           http://google.com/accounts/o8/id:
+            default: true
             username_derivation:
               username_claim: "email"
             allowed_domains:

config/clusters/cloudbank/csm.values.yaml

@@ -31,6 +31,7 @@ jupyterhub:
         oauth_callback_url: https://csm.cloudbank.2i2c.cloud/hub/oauth_callback
         allowed_idps:
           http://google.com/accounts/o8/id:
+            default: true
             username_derivation:
               username_claim: "email"
             allowed_domains:

config/clusters/cloudbank/csulb.values.yaml

@@ -37,6 +37,7 @@ jupyterhub:
         oauth_callback_url: https://csulb.cloudbank.2i2c.cloud/hub/oauth_callback
         allowed_idps:
           https://its-shib.its.csulb.edu/idp/shibboleth:
+            default: true
             username_derivation:
               username_claim: "email"
             allow_all: true

config/clusters/cloudbank/csum.values.yaml

@@ -37,6 +37,7 @@ jupyterhub:
         oauth_callback_url: "https://csum.cloudbank.2i2c.cloud/hub/oauth_callback"
         allowed_idps:
           https://cma-shibboleth.csum.edu/idp/shibboleth:
+            default: true
             username_derivation:
               username_claim: "email"
             allow_all: true

config/clusters/cloudbank/demo.values.yaml

@@ -40,6 +40,7 @@ jupyterhub:
         oauth_callback_url: https://demo.cloudbank.2i2c.cloud/hub/oauth_callback
         allowed_idps:
           http://google.com/accounts/o8/id:
+            default: true
             username_derivation:
               username_claim: "email"
       Authenticator:

config/clusters/cloudbank/dvc.values.yaml

@@ -35,6 +35,7 @@ jupyterhub:
         oauth_callback_url: https://dvc.cloudbank.2i2c.cloud/hub/oauth_callback
         allowed_idps:
           http://login.microsoftonline.com/common/oauth2/v2.0/authorize:
+            default: true
             username_derivation:
               username_claim: "email"
             allowed_domains:

config/clusters/cloudbank/elcamino.values.yaml

@@ -36,6 +36,7 @@ jupyterhub:
         oauth_callback_url: "https://elcamino.cloudbank.2i2c.cloud/hub/oauth_callback"
         allowed_idps:
           http://google.com/accounts/o8/id:
+            default: true
             username_derivation:
               username_claim: "email"
             allowed_domains:

config/clusters/cloudbank/evc.values.yaml

@@ -37,6 +37,7 @@ jupyterhub:
         oauth_callback_url: https://evc.cloudbank.2i2c.cloud/hub/oauth_callback
         allowed_idps:
           http://login.microsoftonline.com/common/oauth2/v2.0/authorize:
+            default: true
             username_derivation:
               username_claim: "email"
             allowed_domains:

config/clusters/cloudbank/fresno.values.yaml

@@ -31,6 +31,7 @@ jupyterhub:
         oauth_callback_url: https://fresno.cloudbank.2i2c.cloud/hub/oauth_callback
         allowed_idps:
           https://idp.scccd.edu/idp/shibboleth:
+            default: true
             username_derivation:
               username_claim: "email"
             allow_all: true

config/clusters/cloudbank/glendale.values.yaml

@@ -31,6 +31,7 @@ jupyterhub:
         oauth_callback_url: https://glendale.cloudbank.2i2c.cloud/hub/oauth_callback
         allowed_idps:
           http://google.com/accounts/o8/id:
+            default: true
             username_derivation:
               username_claim: "email"
             allowed_domains:

config/clusters/cloudbank/howard.values.yaml

@@ -31,6 +31,7 @@ jupyterhub:
         oauth_callback_url: "https://howard.cloudbank.2i2c.cloud/hub/oauth_callback"
         allowed_idps:
           http://google.com/accounts/o8/id:
+            default: true
             username_derivation:
               username_claim: "email"
       OAuthenticator:

config/clusters/cloudbank/humboldt.values.yaml

@@ -40,6 +40,7 @@ jupyterhub:
         oauth_callback_url: https://humboldt.cloudbank.2i2c.cloud/hub/oauth_callback
         allowed_idps:
           https://sso.humboldt.edu/idp/metadata:
+            default: true
             username_derivation:
               username_claim: "email"
             allow_all: true

config/clusters/cloudbank/lacc.values.yaml

@@ -31,6 +31,7 @@ jupyterhub:
         oauth_callback_url: "https://lacc.cloudbank.2i2c.cloud/hub/oauth_callback"
         allowed_idps:
           http://google.com/accounts/o8/id:
+            default: true
             username_derivation:
               username_claim: "email"
       OAuthenticator:

config/clusters/cloudbank/laney.values.yaml

@@ -31,6 +31,7 @@ jupyterhub:
         oauth_callback_url: "https://laney.cloudbank.2i2c.cloud/hub/oauth_callback"
         allowed_idps:
           http://login.microsoftonline.com/common/oauth2/v2.0/authorize:
+            default: true
             username_derivation:
               username_claim: "email"
             allowed_domains:

config/clusters/cloudbank/mills.values.yaml

@@ -31,6 +31,7 @@ jupyterhub:
         oauth_callback_url: "https://datahub.mills.edu/hub/oauth_callback"
         allowed_idps:
           http://google.com/accounts/o8/id:
+            default: true
             username_derivation:
               username_claim: "email"
             allowed_domains:

config/clusters/cloudbank/miracosta.values.yaml

@@ -31,6 +31,7 @@ jupyterhub:
         oauth_callback_url: https://miracosta.cloudbank.2i2c.cloud/hub/oauth_callback
         allowed_idps:
           https://miracosta.fedgw.com/gateway:
+            default: true
             username_derivation:
               username_claim: "email"
             allow_all: true

config/clusters/cloudbank/mission.values.yaml

@@ -37,6 +37,7 @@ jupyterhub:
         oauth_callback_url: https://mission.cloudbank.2i2c.cloud/hub/oauth_callback
         allowed_idps:
           http://google.com/accounts/o8/id:
+            default: true
             username_derivation:
               username_claim: "email"
             allowed_domains:

config/clusters/cloudbank/norco.values.yaml

@@ -31,6 +31,7 @@ jupyterhub:
         oauth_callback_url: "https://norco.cloudbank.2i2c.cloud/hub/oauth_callback"
         allowed_idps:
           http://login.microsoftonline.com/common/oauth2/v2.0/authorize:
+            default: true
             username_derivation:
               username_claim: "email"
             allowed_domains:

config/clusters/cloudbank/palomar.values.yaml

@@ -31,6 +31,7 @@ jupyterhub:
         oauth_callback_url: "https://palomar.cloudbank.2i2c.cloud/hub/oauth_callback"
         allowed_idps:
           http://google.com/accounts/o8/id:
+            default: true
             username_derivation:
               username_claim: "email"
       OAuthenticator:

config/clusters/cloudbank/pasadena.values.yaml

@@ -37,6 +37,7 @@ jupyterhub:
         oauth_callback_url: https://pasadena.cloudbank.2i2c.cloud/hub/oauth_callback
         allowed_idps:
           http://google.com/accounts/o8/id:
+            default: true
             username_derivation:
               username_claim: "email"
             allowed_domains:

config/clusters/cloudbank/sacramento.values.yaml

@@ -37,6 +37,7 @@ jupyterhub:
         oauth_callback_url: https://sacramento.cloudbank.2i2c.cloud/hub/oauth_callback
         allowed_idps:
           http://google.com/accounts/o8/id:
+            default: true
             username_derivation:
               username_claim: "email"
             allowed_domains:

config/clusters/cloudbank/saddleback.values.yaml

@@ -37,6 +37,7 @@ jupyterhub:
         oauth_callback_url: https://saddleback.cloudbank.2i2c.cloud/hub/oauth_callback
         allowed_idps:
           http://google.com/accounts/o8/id:
+            default: true
             username_derivation:
               username_claim: "email"
             allowed_domains:

config/clusters/cloudbank/santiago.values.yaml

@@ -37,6 +37,7 @@ jupyterhub:
         oauth_callback_url: https://santiago.cloudbank.2i2c.cloud/hub/oauth_callback
         allowed_idps:
           http://login.microsoftonline.com/common/oauth2/v2.0/authorize:
+            default: true
             username_derivation:
               username_claim: "email"
             allowed_domains:

config/clusters/cloudbank/sbcc-dev.values.yaml

@@ -31,6 +31,7 @@ jupyterhub:
         oauth_callback_url: "https://sbcc-dev.cloudbank.2i2c.cloud/hub/oauth_callback"
         allowed_idps:
           https://idp.sbcc.edu/idp/shibboleth:
+            default: true
             username_derivation:
               username_claim: "email"
           http://google.com/accounts/o8/id:

config/clusters/cloudbank/sbcc.values.yaml

@@ -31,6 +31,7 @@ jupyterhub:
         oauth_callback_url: "https://sbcc.cloudbank.2i2c.cloud/hub/oauth_callback"
         allowed_idps:
           https://idp.sbcc.edu/idp/shibboleth:
+            default: true
             username_derivation:
               username_claim: "email"
           http://google.com/accounts/o8/id:

config/clusters/cloudbank/sjcc.values.yaml

@@ -31,6 +31,7 @@ jupyterhub:
         oauth_callback_url: https://sjcc.cloudbank.2i2c.cloud/hub/oauth_callback
         allowed_idps:
           http://login.microsoftonline.com/common/oauth2/v2.0/authorize:
+            default: true
             username_derivation:
               username_claim: "email"
             allowed_domains:

config/clusters/cloudbank/sjsu.values.yaml

@@ -40,6 +40,7 @@ jupyterhub:
         oauth_callback_url: https://sjsu.cloudbank.2i2c.cloud/hub/oauth_callback
         allowed_idps:
           https://idp01.sjsu.edu/idp/shibboleth:
+            default: true
             username_derivation:
               username_claim: "email"
             allow_all: true

config/clusters/cloudbank/skyline.values.yaml

@@ -37,6 +37,7 @@ jupyterhub:
         oauth_callback_url: https://skyline.cloudbank.2i2c.cloud/hub/oauth_callback
         allowed_idps:
           http://google.com/accounts/o8/id:
+            default: true
             username_derivation:
               username_claim: "email"
             allowed_domains:

config/clusters/cloudbank/srjc.values.yaml

@@ -37,6 +37,7 @@ jupyterhub:
         oauth_callback_url: https://srjc.cloudbank.2i2c.cloud/hub/oauth_callback
         allowed_idps:
           http://google.com/accounts/o8/id:
+            default: true
             username_derivation:
               username_claim: "email"
             allowed_domains:

config/clusters/cloudbank/staging.values.yaml

@@ -31,6 +31,7 @@ jupyterhub:
         oauth_callback_url: "https://staging.cloudbank.2i2c.cloud/hub/oauth_callback"
         allowed_idps:
           http://google.com/accounts/o8/id:
+            default: true
             username_derivation:
               username_claim: "email"
       OAuthenticator: