add dedicated doc on details of allowing access

jupyterhub / oauthenticator

OAuth + JupyterHub Authenticator = OAuthenticator

https://oauthenticator.readthedocs.io

BSD 3-Clause "New" or "Revised" License

413 stars 365 forks source link

add dedicated doc on details of allowing access #729

Closed minrk closed 8 months ago

minrk commented 8 months ago

Rendered doc: https://oauthenticator--729.org.readthedocs.build/en/729/topic/allowing.html

closes #727

minrk commented 8 months ago

It's unclear to me a bit whether things like allowed_idps/hosted_domain expanations belong here vs the provider-specific doc pages

consideRatio commented 8 months ago

It's unclear to me a bit whether things like allowed_idps/hosted_domain expanations belong here vs the provider-specific doc pages.

Those two are odd ducks, they shouldn't be classified as allow config. They are requirements to authenticate currently, and hosted_domain could move to be part of the blocked check if the implementation is refactored.

See https://github.com/jupyterhub/oauthenticator/issues/683

consideRatio commented 8 months ago

I'll reflect further on https://github.com/jupyterhub/oauthenticator/pull/729#discussion_r1485885921, but i think there isn't an action point remaining in this PR about it - this LGTM and can be merged.

@minrk - ok to merge?

minrk commented 8 months ago

Thanks for the thoughtful reviews!