Skip to content

[AzureAD] Updated to use variable graph_url for different national clouds #805

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 7 commits into
base: main
Choose a base branch
from
Open

[AzureAD] Updated to use variable graph_url for different national clouds #805

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
79a5513
Updated azure ad with graph url parameter
yauchinlam Nov 8, 2025
d6ea48c
updated azuread to AAD_GRAPH_URL. Adding test_azuread a test for grap…
yauchinlam Nov 8, 2025
8dcfc03
removed added file for testing
yauchinlam Nov 8, 2025
471bf6d
corrected comments
yauchinlam Nov 8, 2025
27d81c0
corrected new unit test added
yauchinlam Nov 8, 2025
75da246
corrected url format test
yauchinlam Nov 8, 2025
51ea2c5
[pre-commit.ci] auto fixes from pre-commit.com hooks
pre-commit-ci[bot] Nov 8, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions examples/azuread/sample_jupyter_config.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,3 +16,9 @@
# uncomment the line below to use 'unique_name' rather than the default 'name'. Consult the Azure
# documentation for other field names.
# c.AzureAdOAuthenticator.username_claim = 'unique_name'

# if you are using a different cloud then Azure portal (global service) you will need to provide
# the graph url. By default it will use the https://login.microsoftonline.com


# c.AzureAdOAuthenticator.graph_url = os.environ.get('AAD_GRAPH_URL')
20 changes: 18 additions & 2 deletions oauthenticator/azuread.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -54,17 +54,33 @@ def _auth_state_groups_key_default(self):
""",
)

graph_url = Unicode(
config=True,
help="""
An Azure graph url for which an OAuth application. This correlates
to which cloud such as Azure portal (global service) [default]
Azure GOV, Azure China, etc. are being used.

This is used to set the default values of `authorize_url` and
`token_url`.
""",
)

@default('tenant_id')
def _tenant_id_default(self):
return os.environ.get('AAD_TENANT_ID', '')

@default('graph_url')
def _graph_url_default(self):
return os.environ.get('AAD_GRAPH_URL', 'https://login.microsoftonline.com')

@default("authorize_url")
def _authorize_url_default(self):
return f"https://login.microsoftonline.com/{self.tenant_id}/oauth2/authorize"
return f"{self.graph_url}/{self.tenant_id}/oauth2/authorize"

@default("token_url")
def _token_url_default(self):
return f"https://login.microsoftonline.com/{self.tenant_id}/oauth2/token"
return f"{self.graph_url}/{self.tenant_id}/oauth2/token"

async def token_to_user(self, token_info):
id_token = token_info['id_token']
Expand Down
7 changes: 7 additions & 0 deletions oauthenticator/tests/test_azuread.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -235,6 +235,13 @@ async def test_tenant_id_from_env():
assert aad.tenant_id == tenant_id


async def test_graph_url_from_env():
graph_url = "https://some_random_url.com"
with mock.patch.dict(os.environ, {"AAD_GRAPH_URL": graph_url}):
aad = AzureAdOAuthenticator()
assert aad.graph_url == graph_url


@mark.parametrize(
"test_variation_id,class_config,expect_config,expect_loglevel,expect_message",
[
Expand Down