give authorizer handle on identity provider (#830)

jupyter_server/auth/authorizer.py

@@ -7,11 +7,12 @@
 """
 # Copyright (c) Jupyter Development Team.
 # Distributed under the terms of the Modified BSD License.
+from traitlets import Instance
 from traitlets.config import LoggingConfigurable
 
 from jupyter_server.base.handlers import JupyterHandler
 
-from .identity import User
+from .identity import IdentityProvider, User
 
 
 class Authorizer(LoggingConfigurable):
@@ -34,6 +35,8 @@ class Authorizer(LoggingConfigurable):
     .. versionadded:: 2.0
     """
 
+    identity_provider = Instance(IdentityProvider)
+
     def is_authorized(
         self, handler: JupyterHandler, user: User, action: str, resource: str
     ) -> bool:

jupyter_server/base/handlers.py

@@ -220,7 +220,8 @@ def authorizer(self):
             from jupyter_server.auth import AllowAllAuthorizer
 
             self.settings["authorizer"] = AllowAllAuthorizer(
-                config=self.settings.get("config", None)
+                config=self.settings.get("config", None),
+                identity_provider=self.identity_provider,
             )
 
         return self.settings.get("authorizer")

jupyter_server/serverapp.py

@@ -217,23 +217,23 @@ def __init__(
         authorizer=None,
         identity_provider=None,
     ):
-        if authorizer is None:
+        if identity_provider is None:
             warnings.warn(
-                "authorizer unspecified. Using permissive AllowAllAuthorizer."
-                " Specify an authorizer to avoid this message.",
+                "identity_provider unspecified. Using default IdentityProvider."
+                " Specify an identity_provider to avoid this message.",
                 RuntimeWarning,
                 stacklevel=2,
             )
-            authorizer = AllowAllAuthorizer(parent=jupyter_app)
+            identity_provider = IdentityProvider(parent=jupyter_app)
 
-        if identity_provider is None:
+        if authorizer is None:
             warnings.warn(
-                "identity_provider unspecified. Using default IdentityProvider."
-                " Specify an identity_provider to avoid this message.",
+                "authorizer unspecified. Using permissive AllowAllAuthorizer."
+                " Specify an authorizer to avoid this message.",
                 RuntimeWarning,
                 stacklevel=2,
             )
-            identity_provider = IdentityProvider(parent=jupyter_app)
+            authorizer = AllowAllAuthorizer(parent=jupyter_app, identity_provider=identity_provider)
 
         settings = self.init_settings(
             jupyter_app,
@@ -1861,8 +1861,10 @@ def init_configurables(self):
             parent=self,
             log=self.log,
         )
-        self.authorizer = self.authorizer_class(parent=self, log=self.log)
         self.identity_provider = self.identity_provider_class(parent=self, log=self.log)
+        self.authorizer = self.authorizer_class(
+            parent=self, log=self.log, identity_provider=self.identity_provider
+        )
 
     def init_logging(self):
         # This prevents double log messages because tornado use a root logger that