You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi team, I use JupyterHub in k8s with our internal OAuth
In my case, I developed an GET API (denoted as /base_url/sample) protected via @tornado.web.authenticate which is supposed to be called directly from browser
Behaviour would be tricky if jupyterLab pod isn't yet spawned, the behaviour would be like this.
Hub noticed that server/pod is not yet spawned, thus redirect user to hub's home page /${prefix}/hub/home
User select correct profile to spawn server
After spawn, user would be redirected to /base_url/sample with 403 error, the reason is that user is redirect but /oauth_callback is not yet requested, thus, user's oauth_client_id is not yet set in cookie
Is there any workarounds to avoid this behaviour with proper protection?
The text was updated successfully, but these errors were encountered:
Thank you for opening your first issue in this project! Engagement like this is essential for open source projects! 🤗
If you haven't done so already, check out Jupyter's Code of Conduct. Also, please try to follow the issue template as it helps other other community members to contribute more effectively.
You can meet the other Jovyans by joining our Discourse forum. There is also an intro thread there where you can stop by and say Hi! 👋
Hi team, I use JupyterHub in k8s with our internal OAuth
In my case, I developed an GET API (denoted as /base_url/sample) protected via @tornado.web.authenticate which is supposed to be called directly from browser
Behaviour would be tricky if jupyterLab pod isn't yet spawned, the behaviour would be like this.
Is there any workarounds to avoid this behaviour with proper protection?
The text was updated successfully, but these errors were encountered: