From 1c3570e4f16e9271468e673f0b177d4db4aa2f74 Mon Sep 17 00:00:00 2001 From: Erik Sundell Date: Mon, 27 Nov 2023 18:20:59 +0100 Subject: [PATCH] Revert "cilogon hubs: declare first allowed_idps entry as default" --- .../clusters/2i2c-aws-us/cosmicds.values.yaml | 1 - config/clusters/2i2c-uk/staging.values.yaml | 1 - config/clusters/2i2c/aup.values.yaml | 1 - .../clusters/2i2c/binder-staging.values.yaml | 1 - config/clusters/2i2c/dask-staging.values.yaml | 1 - config/clusters/2i2c/demo.values.yaml | 1 - config/clusters/2i2c/mtu.values.yaml | 1 - .../clusters/2i2c/neurohackademy.values.yaml | 1 - config/clusters/2i2c/staging.values.yaml | 1 - config/clusters/2i2c/temple.values.yaml | 1 - .../clusters/2i2c/ucmerced-common.values.yaml | 29 ++++++++++++------- config/clusters/callysto/common.values.yaml | 1 - config/clusters/carbonplan/common.values.yaml | 1 - .../nm-aist.values.yaml | 1 - .../unitefa-conicet.values.yaml | 1 - config/clusters/cloudbank/bcc.values.yaml | 1 - config/clusters/cloudbank/ccsf.values.yaml | 1 - config/clusters/cloudbank/csm.values.yaml | 1 - config/clusters/cloudbank/csulb.values.yaml | 1 - config/clusters/cloudbank/csum.values.yaml | 1 - config/clusters/cloudbank/demo.values.yaml | 1 - config/clusters/cloudbank/dvc.values.yaml | 1 - .../clusters/cloudbank/elcamino.values.yaml | 1 - config/clusters/cloudbank/evc.values.yaml | 1 - config/clusters/cloudbank/fresno.values.yaml | 1 - .../clusters/cloudbank/glendale.values.yaml | 1 - config/clusters/cloudbank/howard.values.yaml | 1 - .../clusters/cloudbank/humboldt.values.yaml | 1 - config/clusters/cloudbank/lacc.values.yaml | 1 - config/clusters/cloudbank/laney.values.yaml | 1 - config/clusters/cloudbank/mills.values.yaml | 1 - .../clusters/cloudbank/miracosta.values.yaml | 1 - config/clusters/cloudbank/mission.values.yaml | 1 - config/clusters/cloudbank/norco.values.yaml | 1 - config/clusters/cloudbank/palomar.values.yaml | 1 - .../clusters/cloudbank/pasadena.values.yaml | 1 - .../clusters/cloudbank/sacramento.values.yaml | 1 - .../clusters/cloudbank/saddleback.values.yaml | 1 - .../clusters/cloudbank/santiago.values.yaml | 1 - .../clusters/cloudbank/sbcc-dev.values.yaml | 1 - config/clusters/cloudbank/sbcc.values.yaml | 1 - config/clusters/cloudbank/sjcc.values.yaml | 1 - config/clusters/cloudbank/sjsu.values.yaml | 1 - config/clusters/cloudbank/skyline.values.yaml | 1 - config/clusters/cloudbank/srjc.values.yaml | 1 - config/clusters/cloudbank/staging.values.yaml | 1 - .../clusters/cloudbank/tuskegee.values.yaml | 1 - config/clusters/hhmi/common.values.yaml | 1 - .../common.values.yaml | 1 - .../clusters/pangeo-hubs/coessing.values.yaml | 1 - config/clusters/ubc-eoas/common.values.yaml | 1 - config/clusters/utoronto/common.values.yaml | 1 - .../configure-auth/cilogon.md | 2 -- 53 files changed, 19 insertions(+), 63 deletions(-) diff --git a/config/clusters/2i2c-aws-us/cosmicds.values.yaml b/config/clusters/2i2c-aws-us/cosmicds.values.yaml index bc47f8526b..d0e047e245 100644 --- a/config/clusters/2i2c-aws-us/cosmicds.values.yaml +++ b/config/clusters/2i2c-aws-us/cosmicds.values.yaml @@ -83,7 +83,6 @@ jupyterhub: oauth_callback_url: https://cosmicds.2i2c.cloud/hub/oauth_callback allowed_idps: http://github.com/login/oauth/authorize: - default: true username_derivation: username_claim: "preferred_username" allow_all: true diff --git a/config/clusters/2i2c-uk/staging.values.yaml b/config/clusters/2i2c-uk/staging.values.yaml index 0ec5159734..789a684aba 100644 --- a/config/clusters/2i2c-uk/staging.values.yaml +++ b/config/clusters/2i2c-uk/staging.values.yaml @@ -41,6 +41,5 @@ jupyterhub: oauth_callback_url: "https://staging.uk.2i2c.cloud/hub/oauth_callback" allowed_idps: http://google.com/accounts/o8/id: - default: true username_derivation: username_claim: "email" diff --git a/config/clusters/2i2c/aup.values.yaml b/config/clusters/2i2c/aup.values.yaml index a7175cdaf0..beec96e623 100644 --- a/config/clusters/2i2c/aup.values.yaml +++ b/config/clusters/2i2c/aup.values.yaml @@ -40,7 +40,6 @@ jupyterhub: oauth_callback_url: "https://aup.pilot.2i2c.cloud/hub/oauth_callback" allowed_idps: http://github.com/login/oauth/authorize: - default: true username_derivation: username_claim: "preferred_username" OAuthenticator: diff --git a/config/clusters/2i2c/binder-staging.values.yaml b/config/clusters/2i2c/binder-staging.values.yaml index 4b801044cf..5927be3c88 100644 --- a/config/clusters/2i2c/binder-staging.values.yaml +++ b/config/clusters/2i2c/binder-staging.values.yaml @@ -74,7 +74,6 @@ binderhub: oauth_callback_url: "https://binder-staging.hub.2i2c.cloud/hub/oauth_callback" allowed_idps: http://google.com/accounts/o8/id: - default: true username_derivation: username_claim: "email" Authenticator: diff --git a/config/clusters/2i2c/dask-staging.values.yaml b/config/clusters/2i2c/dask-staging.values.yaml index 7fd99282c3..7782eb276f 100644 --- a/config/clusters/2i2c/dask-staging.values.yaml +++ b/config/clusters/2i2c/dask-staging.values.yaml @@ -47,6 +47,5 @@ basehub: oauth_callback_url: "https://dask-staging.2i2c.cloud/hub/oauth_callback" allowed_idps: http://google.com/accounts/o8/id: - default: true username_derivation: username_claim: "email" diff --git a/config/clusters/2i2c/demo.values.yaml b/config/clusters/2i2c/demo.values.yaml index dbabd12084..22faef42d8 100644 --- a/config/clusters/2i2c/demo.values.yaml +++ b/config/clusters/2i2c/demo.values.yaml @@ -34,7 +34,6 @@ jupyterhub: allowed_idps: # UTexas hub https://enterprise.login.utexas.edu/idp/shibboleth: - default: true username_derivation: username_claim: "eppn" allow_all: true diff --git a/config/clusters/2i2c/mtu.values.yaml b/config/clusters/2i2c/mtu.values.yaml index be833a1e13..b24deeaacf 100644 --- a/config/clusters/2i2c/mtu.values.yaml +++ b/config/clusters/2i2c/mtu.values.yaml @@ -38,7 +38,6 @@ jupyterhub: allowed_idps: # Allow MTU to login via Shibboleth https://sso.mtu.edu/idp/shibboleth: - default: true username_derivation: username_claim: "email" allowed_domains: diff --git a/config/clusters/2i2c/neurohackademy.values.yaml b/config/clusters/2i2c/neurohackademy.values.yaml index 4db1082b4f..17764ea812 100644 --- a/config/clusters/2i2c/neurohackademy.values.yaml +++ b/config/clusters/2i2c/neurohackademy.values.yaml @@ -59,7 +59,6 @@ jupyterhub: oauth_callback_url: https://neurohackademy.2i2c.cloud/hub/oauth_callback allowed_idps: http://github.com/login/oauth/authorize: - default: true username_derivation: username_claim: "preferred_username" OAuthenticator: diff --git a/config/clusters/2i2c/staging.values.yaml b/config/clusters/2i2c/staging.values.yaml index f60f64113a..0c0b444eea 100644 --- a/config/clusters/2i2c/staging.values.yaml +++ b/config/clusters/2i2c/staging.values.yaml @@ -58,6 +58,5 @@ jupyterhub: oauth_callback_url: "https://staging.2i2c.cloud/hub/oauth_callback" allowed_idps: http://google.com/accounts/o8/id: - default: true username_derivation: username_claim: "email" diff --git a/config/clusters/2i2c/temple.values.yaml b/config/clusters/2i2c/temple.values.yaml index b62d10f4bd..ae5fd3e702 100644 --- a/config/clusters/2i2c/temple.values.yaml +++ b/config/clusters/2i2c/temple.values.yaml @@ -51,7 +51,6 @@ jupyterhub: oauth_callback_url: https://temple.2i2c.cloud/hub/oauth_callback allowed_idps: https://fim.temple.edu/idp/shibboleth: - default: true username_derivation: username_claim: "eppn" allow_all: true diff --git a/config/clusters/2i2c/ucmerced-common.values.yaml b/config/clusters/2i2c/ucmerced-common.values.yaml index 80cbd04529..bed6bf9c3d 100644 --- a/config/clusters/2i2c/ucmerced-common.values.yaml +++ b/config/clusters/2i2c/ucmerced-common.values.yaml @@ -19,19 +19,28 @@ jupyterhub: name: University of California, Merced url: http://www.ucmerced.edu/ hub: + extraConfig: + 100-cilogon-ordering: | + # Explicitly specify allowed_idps here, so their sort order is + # preserved. Otherwise, the keys get sorted lexicographically, + # and Google comes before UC Merced + # https://github.com/2i2c-org/infrastructure/issues/3267 + c.CILogonOAuthenticator.allowed_idps = { + "urn:mace:incommon:ucmerced.edu": { + "username_derivation": { + "username_claim": "eppn" + }, + "allow_all": True + }, + "http://google.com/accounts/o8/id": { + "username_derivation": { + "username_claim": "email" + } + } + } config: JupyterHub: authenticator_class: cilogon - CILogonOAuthenticator: - allowed_idps: - urn:mace:incommon:ucmerced.edu: - default: true - username_derivation: - username_claim: "eppn" - allow_all: true - http://google.com/accounts/o8/id: - username_derivation: - username_claim: "email" Authenticator: admin_users: - schadalapaka@ucmerced.edu diff --git a/config/clusters/callysto/common.values.yaml b/config/clusters/callysto/common.values.yaml index 9904e84ecd..3cbfe0c883 100644 --- a/config/clusters/callysto/common.values.yaml +++ b/config/clusters/callysto/common.values.yaml @@ -141,7 +141,6 @@ jupyterhub: - "106951135662332329542" # Elmar Bouwer (Cybera) allowed_idps: http://google.com/accounts/o8/id: - default: true username_derivation: username_claim: "oidc" allowed_domains: &allowed_domains diff --git a/config/clusters/carbonplan/common.values.yaml b/config/clusters/carbonplan/common.values.yaml index 20ab228c80..33691c26b5 100644 --- a/config/clusters/carbonplan/common.values.yaml +++ b/config/clusters/carbonplan/common.values.yaml @@ -190,7 +190,6 @@ basehub: CILogonOAuthenticator: allowed_idps: http://github.com/login/oauth/authorize: - default: true username_derivation: username_claim: "preferred_username" OAuthenticator: diff --git a/config/clusters/catalystproject-africa/nm-aist.values.yaml b/config/clusters/catalystproject-africa/nm-aist.values.yaml index 88b7961cf1..40e013fc10 100644 --- a/config/clusters/catalystproject-africa/nm-aist.values.yaml +++ b/config/clusters/catalystproject-africa/nm-aist.values.yaml @@ -31,7 +31,6 @@ jupyterhub: oauth_callback_url: https://nm-aist.af.catalystproject.2i2c.cloud/hub/oauth_callback allowed_idps: http://google.com/accounts/o8/id: - default: true username_derivation: username_claim: email allowed_domains: diff --git a/config/clusters/catalystproject-latam/unitefa-conicet.values.yaml b/config/clusters/catalystproject-latam/unitefa-conicet.values.yaml index 548682c149..5f446c27ec 100644 --- a/config/clusters/catalystproject-latam/unitefa-conicet.values.yaml +++ b/config/clusters/catalystproject-latam/unitefa-conicet.values.yaml @@ -31,7 +31,6 @@ jupyterhub: oauth_callback_url: "https://unitefa-conicet.latam.catalystproject.2i2c.cloud/hub/oauth_callback" allowed_idps: http://google.com/accounts/o8/id: - default: true username_derivation: username_claim: "email" allowed_domains: diff --git a/config/clusters/cloudbank/bcc.values.yaml b/config/clusters/cloudbank/bcc.values.yaml index 1d26feba32..9020355723 100644 --- a/config/clusters/cloudbank/bcc.values.yaml +++ b/config/clusters/cloudbank/bcc.values.yaml @@ -37,7 +37,6 @@ jupyterhub: oauth_callback_url: https://bcc.cloudbank.2i2c.cloud/hub/oauth_callback allowed_idps: http://google.com/accounts/o8/id: - default: true username_derivation: username_claim: "email" allowed_domains: diff --git a/config/clusters/cloudbank/ccsf.values.yaml b/config/clusters/cloudbank/ccsf.values.yaml index 7039b61fff..786b32d16f 100644 --- a/config/clusters/cloudbank/ccsf.values.yaml +++ b/config/clusters/cloudbank/ccsf.values.yaml @@ -37,7 +37,6 @@ jupyterhub: oauth_callback_url: "https://ccsf.cloudbank.2i2c.cloud/hub/oauth_callback" allowed_idps: http://google.com/accounts/o8/id: - default: true username_derivation: username_claim: "email" allowed_domains: diff --git a/config/clusters/cloudbank/csm.values.yaml b/config/clusters/cloudbank/csm.values.yaml index 98e27c05bc..e7409cc5e9 100644 --- a/config/clusters/cloudbank/csm.values.yaml +++ b/config/clusters/cloudbank/csm.values.yaml @@ -31,7 +31,6 @@ jupyterhub: oauth_callback_url: https://csm.cloudbank.2i2c.cloud/hub/oauth_callback allowed_idps: http://google.com/accounts/o8/id: - default: true username_derivation: username_claim: "email" allowed_domains: diff --git a/config/clusters/cloudbank/csulb.values.yaml b/config/clusters/cloudbank/csulb.values.yaml index 27c86f1c8b..8eb30c3e91 100644 --- a/config/clusters/cloudbank/csulb.values.yaml +++ b/config/clusters/cloudbank/csulb.values.yaml @@ -37,7 +37,6 @@ jupyterhub: oauth_callback_url: https://csulb.cloudbank.2i2c.cloud/hub/oauth_callback allowed_idps: https://its-shib.its.csulb.edu/idp/shibboleth: - default: true username_derivation: username_claim: "email" allow_all: true diff --git a/config/clusters/cloudbank/csum.values.yaml b/config/clusters/cloudbank/csum.values.yaml index 1ed5006e23..e4338d28d3 100644 --- a/config/clusters/cloudbank/csum.values.yaml +++ b/config/clusters/cloudbank/csum.values.yaml @@ -37,7 +37,6 @@ jupyterhub: oauth_callback_url: "https://csum.cloudbank.2i2c.cloud/hub/oauth_callback" allowed_idps: https://cma-shibboleth.csum.edu/idp/shibboleth: - default: true username_derivation: username_claim: "email" allow_all: true diff --git a/config/clusters/cloudbank/demo.values.yaml b/config/clusters/cloudbank/demo.values.yaml index c36670feec..dbf15f28a6 100644 --- a/config/clusters/cloudbank/demo.values.yaml +++ b/config/clusters/cloudbank/demo.values.yaml @@ -40,7 +40,6 @@ jupyterhub: oauth_callback_url: https://demo.cloudbank.2i2c.cloud/hub/oauth_callback allowed_idps: http://google.com/accounts/o8/id: - default: true username_derivation: username_claim: "email" Authenticator: diff --git a/config/clusters/cloudbank/dvc.values.yaml b/config/clusters/cloudbank/dvc.values.yaml index 5e36654eea..dce9039f10 100644 --- a/config/clusters/cloudbank/dvc.values.yaml +++ b/config/clusters/cloudbank/dvc.values.yaml @@ -35,7 +35,6 @@ jupyterhub: oauth_callback_url: https://dvc.cloudbank.2i2c.cloud/hub/oauth_callback allowed_idps: http://login.microsoftonline.com/common/oauth2/v2.0/authorize: - default: true username_derivation: username_claim: "email" allowed_domains: diff --git a/config/clusters/cloudbank/elcamino.values.yaml b/config/clusters/cloudbank/elcamino.values.yaml index a733bd3171..670bffc31a 100644 --- a/config/clusters/cloudbank/elcamino.values.yaml +++ b/config/clusters/cloudbank/elcamino.values.yaml @@ -36,7 +36,6 @@ jupyterhub: oauth_callback_url: "https://elcamino.cloudbank.2i2c.cloud/hub/oauth_callback" allowed_idps: http://google.com/accounts/o8/id: - default: true username_derivation: username_claim: "email" allowed_domains: diff --git a/config/clusters/cloudbank/evc.values.yaml b/config/clusters/cloudbank/evc.values.yaml index c48f0a6d55..ac04f1379d 100644 --- a/config/clusters/cloudbank/evc.values.yaml +++ b/config/clusters/cloudbank/evc.values.yaml @@ -37,7 +37,6 @@ jupyterhub: oauth_callback_url: https://evc.cloudbank.2i2c.cloud/hub/oauth_callback allowed_idps: http://login.microsoftonline.com/common/oauth2/v2.0/authorize: - default: true username_derivation: username_claim: "email" allowed_domains: diff --git a/config/clusters/cloudbank/fresno.values.yaml b/config/clusters/cloudbank/fresno.values.yaml index 8035067bf9..5a333e8abc 100644 --- a/config/clusters/cloudbank/fresno.values.yaml +++ b/config/clusters/cloudbank/fresno.values.yaml @@ -31,7 +31,6 @@ jupyterhub: oauth_callback_url: https://fresno.cloudbank.2i2c.cloud/hub/oauth_callback allowed_idps: https://idp.scccd.edu/idp/shibboleth: - default: true username_derivation: username_claim: "email" allow_all: true diff --git a/config/clusters/cloudbank/glendale.values.yaml b/config/clusters/cloudbank/glendale.values.yaml index cba325c70c..080bab4d51 100644 --- a/config/clusters/cloudbank/glendale.values.yaml +++ b/config/clusters/cloudbank/glendale.values.yaml @@ -31,7 +31,6 @@ jupyterhub: oauth_callback_url: https://glendale.cloudbank.2i2c.cloud/hub/oauth_callback allowed_idps: http://google.com/accounts/o8/id: - default: true username_derivation: username_claim: "email" allowed_domains: diff --git a/config/clusters/cloudbank/howard.values.yaml b/config/clusters/cloudbank/howard.values.yaml index 2657e9b94d..f2fa446aa4 100644 --- a/config/clusters/cloudbank/howard.values.yaml +++ b/config/clusters/cloudbank/howard.values.yaml @@ -31,7 +31,6 @@ jupyterhub: oauth_callback_url: "https://howard.cloudbank.2i2c.cloud/hub/oauth_callback" allowed_idps: http://google.com/accounts/o8/id: - default: true username_derivation: username_claim: "email" OAuthenticator: diff --git a/config/clusters/cloudbank/humboldt.values.yaml b/config/clusters/cloudbank/humboldt.values.yaml index 7578b35d37..80ef787324 100644 --- a/config/clusters/cloudbank/humboldt.values.yaml +++ b/config/clusters/cloudbank/humboldt.values.yaml @@ -40,7 +40,6 @@ jupyterhub: oauth_callback_url: https://humboldt.cloudbank.2i2c.cloud/hub/oauth_callback allowed_idps: https://sso.humboldt.edu/idp/metadata: - default: true username_derivation: username_claim: "email" allow_all: true diff --git a/config/clusters/cloudbank/lacc.values.yaml b/config/clusters/cloudbank/lacc.values.yaml index 9054bfee6b..d147fff1e5 100644 --- a/config/clusters/cloudbank/lacc.values.yaml +++ b/config/clusters/cloudbank/lacc.values.yaml @@ -31,7 +31,6 @@ jupyterhub: oauth_callback_url: "https://lacc.cloudbank.2i2c.cloud/hub/oauth_callback" allowed_idps: http://google.com/accounts/o8/id: - default: true username_derivation: username_claim: "email" OAuthenticator: diff --git a/config/clusters/cloudbank/laney.values.yaml b/config/clusters/cloudbank/laney.values.yaml index ffe42b2b76..f431f69e26 100644 --- a/config/clusters/cloudbank/laney.values.yaml +++ b/config/clusters/cloudbank/laney.values.yaml @@ -31,7 +31,6 @@ jupyterhub: oauth_callback_url: "https://laney.cloudbank.2i2c.cloud/hub/oauth_callback" allowed_idps: http://login.microsoftonline.com/common/oauth2/v2.0/authorize: - default: true username_derivation: username_claim: "email" allowed_domains: diff --git a/config/clusters/cloudbank/mills.values.yaml b/config/clusters/cloudbank/mills.values.yaml index 073aeea1d6..74b846e6d3 100644 --- a/config/clusters/cloudbank/mills.values.yaml +++ b/config/clusters/cloudbank/mills.values.yaml @@ -31,7 +31,6 @@ jupyterhub: oauth_callback_url: "https://datahub.mills.edu/hub/oauth_callback" allowed_idps: http://google.com/accounts/o8/id: - default: true username_derivation: username_claim: "email" allowed_domains: diff --git a/config/clusters/cloudbank/miracosta.values.yaml b/config/clusters/cloudbank/miracosta.values.yaml index 7c83e77524..9864706df3 100644 --- a/config/clusters/cloudbank/miracosta.values.yaml +++ b/config/clusters/cloudbank/miracosta.values.yaml @@ -31,7 +31,6 @@ jupyterhub: oauth_callback_url: https://miracosta.cloudbank.2i2c.cloud/hub/oauth_callback allowed_idps: https://miracosta.fedgw.com/gateway: - default: true username_derivation: username_claim: "email" allow_all: true diff --git a/config/clusters/cloudbank/mission.values.yaml b/config/clusters/cloudbank/mission.values.yaml index 42eacb4bfd..6ec0d56592 100644 --- a/config/clusters/cloudbank/mission.values.yaml +++ b/config/clusters/cloudbank/mission.values.yaml @@ -37,7 +37,6 @@ jupyterhub: oauth_callback_url: https://mission.cloudbank.2i2c.cloud/hub/oauth_callback allowed_idps: http://google.com/accounts/o8/id: - default: true username_derivation: username_claim: "email" allowed_domains: diff --git a/config/clusters/cloudbank/norco.values.yaml b/config/clusters/cloudbank/norco.values.yaml index 914637f178..2e64440c0c 100644 --- a/config/clusters/cloudbank/norco.values.yaml +++ b/config/clusters/cloudbank/norco.values.yaml @@ -31,7 +31,6 @@ jupyterhub: oauth_callback_url: "https://norco.cloudbank.2i2c.cloud/hub/oauth_callback" allowed_idps: http://login.microsoftonline.com/common/oauth2/v2.0/authorize: - default: true username_derivation: username_claim: "email" allowed_domains: diff --git a/config/clusters/cloudbank/palomar.values.yaml b/config/clusters/cloudbank/palomar.values.yaml index aa601ff2df..2d5e8ce8f8 100644 --- a/config/clusters/cloudbank/palomar.values.yaml +++ b/config/clusters/cloudbank/palomar.values.yaml @@ -31,7 +31,6 @@ jupyterhub: oauth_callback_url: "https://palomar.cloudbank.2i2c.cloud/hub/oauth_callback" allowed_idps: http://google.com/accounts/o8/id: - default: true username_derivation: username_claim: "email" OAuthenticator: diff --git a/config/clusters/cloudbank/pasadena.values.yaml b/config/clusters/cloudbank/pasadena.values.yaml index 1ebd4ea014..c5ce436305 100644 --- a/config/clusters/cloudbank/pasadena.values.yaml +++ b/config/clusters/cloudbank/pasadena.values.yaml @@ -37,7 +37,6 @@ jupyterhub: oauth_callback_url: https://pasadena.cloudbank.2i2c.cloud/hub/oauth_callback allowed_idps: http://google.com/accounts/o8/id: - default: true username_derivation: username_claim: "email" allowed_domains: diff --git a/config/clusters/cloudbank/sacramento.values.yaml b/config/clusters/cloudbank/sacramento.values.yaml index 0b5c108fe2..ff03773762 100644 --- a/config/clusters/cloudbank/sacramento.values.yaml +++ b/config/clusters/cloudbank/sacramento.values.yaml @@ -37,7 +37,6 @@ jupyterhub: oauth_callback_url: https://sacramento.cloudbank.2i2c.cloud/hub/oauth_callback allowed_idps: http://google.com/accounts/o8/id: - default: true username_derivation: username_claim: "email" allowed_domains: diff --git a/config/clusters/cloudbank/saddleback.values.yaml b/config/clusters/cloudbank/saddleback.values.yaml index 0e617ecafb..ffaa5de787 100644 --- a/config/clusters/cloudbank/saddleback.values.yaml +++ b/config/clusters/cloudbank/saddleback.values.yaml @@ -37,7 +37,6 @@ jupyterhub: oauth_callback_url: https://saddleback.cloudbank.2i2c.cloud/hub/oauth_callback allowed_idps: http://google.com/accounts/o8/id: - default: true username_derivation: username_claim: "email" allowed_domains: diff --git a/config/clusters/cloudbank/santiago.values.yaml b/config/clusters/cloudbank/santiago.values.yaml index 433b093639..14837ede12 100644 --- a/config/clusters/cloudbank/santiago.values.yaml +++ b/config/clusters/cloudbank/santiago.values.yaml @@ -37,7 +37,6 @@ jupyterhub: oauth_callback_url: https://santiago.cloudbank.2i2c.cloud/hub/oauth_callback allowed_idps: http://login.microsoftonline.com/common/oauth2/v2.0/authorize: - default: true username_derivation: username_claim: "email" allowed_domains: diff --git a/config/clusters/cloudbank/sbcc-dev.values.yaml b/config/clusters/cloudbank/sbcc-dev.values.yaml index 70bfb1d21a..bb470db2b6 100644 --- a/config/clusters/cloudbank/sbcc-dev.values.yaml +++ b/config/clusters/cloudbank/sbcc-dev.values.yaml @@ -31,7 +31,6 @@ jupyterhub: oauth_callback_url: "https://sbcc-dev.cloudbank.2i2c.cloud/hub/oauth_callback" allowed_idps: https://idp.sbcc.edu/idp/shibboleth: - default: true username_derivation: username_claim: "email" http://google.com/accounts/o8/id: diff --git a/config/clusters/cloudbank/sbcc.values.yaml b/config/clusters/cloudbank/sbcc.values.yaml index 7edbf3a6ca..f186ee3386 100644 --- a/config/clusters/cloudbank/sbcc.values.yaml +++ b/config/clusters/cloudbank/sbcc.values.yaml @@ -31,7 +31,6 @@ jupyterhub: oauth_callback_url: "https://sbcc.cloudbank.2i2c.cloud/hub/oauth_callback" allowed_idps: https://idp.sbcc.edu/idp/shibboleth: - default: true username_derivation: username_claim: "email" http://google.com/accounts/o8/id: diff --git a/config/clusters/cloudbank/sjcc.values.yaml b/config/clusters/cloudbank/sjcc.values.yaml index baf38bb3ad..7aa427950e 100644 --- a/config/clusters/cloudbank/sjcc.values.yaml +++ b/config/clusters/cloudbank/sjcc.values.yaml @@ -31,7 +31,6 @@ jupyterhub: oauth_callback_url: https://sjcc.cloudbank.2i2c.cloud/hub/oauth_callback allowed_idps: http://login.microsoftonline.com/common/oauth2/v2.0/authorize: - default: true username_derivation: username_claim: "email" allowed_domains: diff --git a/config/clusters/cloudbank/sjsu.values.yaml b/config/clusters/cloudbank/sjsu.values.yaml index 8e9eaba333..7984a92a8f 100644 --- a/config/clusters/cloudbank/sjsu.values.yaml +++ b/config/clusters/cloudbank/sjsu.values.yaml @@ -40,7 +40,6 @@ jupyterhub: oauth_callback_url: https://sjsu.cloudbank.2i2c.cloud/hub/oauth_callback allowed_idps: https://idp01.sjsu.edu/idp/shibboleth: - default: true username_derivation: username_claim: "email" allow_all: true diff --git a/config/clusters/cloudbank/skyline.values.yaml b/config/clusters/cloudbank/skyline.values.yaml index 83d312e02c..03b16084f1 100644 --- a/config/clusters/cloudbank/skyline.values.yaml +++ b/config/clusters/cloudbank/skyline.values.yaml @@ -37,7 +37,6 @@ jupyterhub: oauth_callback_url: https://skyline.cloudbank.2i2c.cloud/hub/oauth_callback allowed_idps: http://google.com/accounts/o8/id: - default: true username_derivation: username_claim: "email" allowed_domains: diff --git a/config/clusters/cloudbank/srjc.values.yaml b/config/clusters/cloudbank/srjc.values.yaml index dd2228325f..03c6802287 100644 --- a/config/clusters/cloudbank/srjc.values.yaml +++ b/config/clusters/cloudbank/srjc.values.yaml @@ -37,7 +37,6 @@ jupyterhub: oauth_callback_url: https://srjc.cloudbank.2i2c.cloud/hub/oauth_callback allowed_idps: http://google.com/accounts/o8/id: - default: true username_derivation: username_claim: "email" allowed_domains: diff --git a/config/clusters/cloudbank/staging.values.yaml b/config/clusters/cloudbank/staging.values.yaml index 44a897ee0d..83ec5fe872 100644 --- a/config/clusters/cloudbank/staging.values.yaml +++ b/config/clusters/cloudbank/staging.values.yaml @@ -31,7 +31,6 @@ jupyterhub: oauth_callback_url: "https://staging.cloudbank.2i2c.cloud/hub/oauth_callback" allowed_idps: http://google.com/accounts/o8/id: - default: true username_derivation: username_claim: "email" OAuthenticator: diff --git a/config/clusters/cloudbank/tuskegee.values.yaml b/config/clusters/cloudbank/tuskegee.values.yaml index fcd3225ddd..9ff5994406 100644 --- a/config/clusters/cloudbank/tuskegee.values.yaml +++ b/config/clusters/cloudbank/tuskegee.values.yaml @@ -31,7 +31,6 @@ jupyterhub: oauth_callback_url: "https://tuskegee.cloudbank.2i2c.cloud/hub/oauth_callback" allowed_idps: http://google.com/accounts/o8/id: - default: true username_derivation: username_claim: "email" OAuthenticator: diff --git a/config/clusters/hhmi/common.values.yaml b/config/clusters/hhmi/common.values.yaml index c6796075c0..f6a2a84f42 100644 --- a/config/clusters/hhmi/common.values.yaml +++ b/config/clusters/hhmi/common.values.yaml @@ -125,7 +125,6 @@ basehub: CILogonOAuthenticator: allowed_idps: http://github.com/login/oauth/authorize: - default: true username_derivation: username_claim: "preferred_username" OAuthenticator: diff --git a/config/clusters/jupyter-meets-the-earth/common.values.yaml b/config/clusters/jupyter-meets-the-earth/common.values.yaml index 4e99ea5003..11ee63bdd2 100644 --- a/config/clusters/jupyter-meets-the-earth/common.values.yaml +++ b/config/clusters/jupyter-meets-the-earth/common.values.yaml @@ -215,7 +215,6 @@ basehub: CILogonOAuthenticator: allowed_idps: http://github.com/login/oauth/authorize: - default: true username_derivation: username_claim: "preferred_username" OAuthenticator: diff --git a/config/clusters/pangeo-hubs/coessing.values.yaml b/config/clusters/pangeo-hubs/coessing.values.yaml index fd165be81a..0235e3e56c 100644 --- a/config/clusters/pangeo-hubs/coessing.values.yaml +++ b/config/clusters/pangeo-hubs/coessing.values.yaml @@ -40,7 +40,6 @@ basehub: oauth_callback_url: "https://coessing.2i2c.cloud/hub/oauth_callback" allowed_idps: http://google.com/accounts/o8/id: - default: true username_derivation: username_claim: "email" OAuthenticator: diff --git a/config/clusters/ubc-eoas/common.values.yaml b/config/clusters/ubc-eoas/common.values.yaml index 663e0d78f4..f4f34d33e0 100644 --- a/config/clusters/ubc-eoas/common.values.yaml +++ b/config/clusters/ubc-eoas/common.values.yaml @@ -42,7 +42,6 @@ jupyterhub: CILogonOAuthenticator: allowed_idps: https://authentication.ubc.ca: - default: true username_derivation: username_claim: email action: strip_idp_domain diff --git a/config/clusters/utoronto/common.values.yaml b/config/clusters/utoronto/common.values.yaml index f564cb0faa..a675f835c0 100644 --- a/config/clusters/utoronto/common.values.yaml +++ b/config/clusters/utoronto/common.values.yaml @@ -82,7 +82,6 @@ jupyterhub: CILogonOAuthenticator: allowed_idps: https://idpz.utorauth.utoronto.ca/shibboleth: - default: true username_derivation: username_claim: "email" allow_all: true diff --git a/docs/hub-deployment-guide/configure-auth/cilogon.md b/docs/hub-deployment-guide/configure-auth/cilogon.md index 5b72443e95..a6816937cd 100644 --- a/docs/hub-deployment-guide/configure-auth/cilogon.md +++ b/docs/hub-deployment-guide/configure-auth/cilogon.md @@ -75,7 +75,6 @@ jupyterhub: # In this example, all authenticated users are authorized via the idp # specific allow_all config. https://idp2.anu.edu.au/idp/shibboleth: - default: true username_derivation: username_claim: email allow_all: true # authorize all users authenticated by the idp @@ -133,7 +132,6 @@ jupyterhub: oauth_callback_url: https://{{ HUB_DOMAIN }}/hub/oauth_callback allowed_idps: http://github.com/login/oauth/authorize: - default: true username_derivation: username_claim: "preferred_username" ```