-
Notifications
You must be signed in to change notification settings - Fork 51
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
LTI1.1 appears to fail with z2jh helm chart version 2.0.0 #114
Comments
Thank you for opening your first issue in this project! Engagement like this is essential for open source projects! 🤗 |
@phish108 thank you for your detailed information regarding the issue with version 2.x of z2jh helm chart version 2.x! I will do my best to replicate the error this week and compare notes to provide a fix 👍 |
Hello, I want to start by expressing my thanks for the awesome work being done to make JupyterHub deployable with Kubernetes/Cloud. I was wondering if there has been any findings regarding this bug. I was also running into the same error. I've deployed to AWS EKS using the "Zero to JupyterHub with Kebernetes" and tried using LTIAuthenticator with Self-hosted Canvas and LTI 1.1. I see the same error as mentioned in the issue. |
Can you provide the config you used? I'm looking at https://github.com/berkeley-dsep-infra/datahub/blob/7b49d64c4bffdf3624a5477015397425df06edae/deployments/data8x/secrets/staging.yaml#L9 (the values are encrypted but you can see the structure), which uses the latest z2jh and LTI works fine. |
Sure, I just removed the real key/secret value, but this is the configuration I used for the
|
@isaacpod try calling it |
I changed it to |
I can post the entire config file if it helps. We deployed this on AWS EKS and have an ingress setup which works fine with Dummy authenticator. |
@isaacpod yeah, providing logs and the full config would help. |
Ok, I'll get some logs in a moment, but here's the config I just updated the cluster with, I only changes "sensitive" values:
|
@isaacpod try setting |
Oh, ok let me look at that and I'll give it a try. |
@yuvipanda Got it working!!! I misread your previous comment. Here's the working config:
Thank you so much for your help! |
yw! Where was the original documentatiaon you were using? We need to update that |
It's in the README.md, in this section: https://github.com/jupyterhub/ltiauthenticator#custom-configuration-with-jupyterhubs-helm-chart |
If you find out anything just let me know, or if you need anything else to help. I have all my steps documented if needed. |
@yuvipanda @isaacpod we are testing this today with v2.x of the JupyterHub helm chart. We were able to replicate the issue with Canvas and are looking into how we could implement a documentation and/or implementation update to streamline the use with the Z2HJ config. Thanks for posting the detailed config and bug report, very helpful ❤️ |
@yuvipanda @consideRatio it seems that the latest version of the Thus neither the LTIAuthenticator alias for the LTI11Authenticator nor the LTI13Authenticator classes are available. We reviewed the update for version 1.3 to maintain backward compatibility. Is there a specific reason why this version is being omitted? |
@jgwerner I see jupyterhub/zero-to-jupyterhub-k8s#2741, will send you a note privately. |
The issue was that the 1.3.0 release introduced a new name for the |
Shall we deprecate the use of the old name (now alias) |
If you want to, go for it! I think yes it makes sense, but its not so important. |
Bug description
The z2jh helm chart version 2.0.0 is incompatible with the configuration for the LTI1.1 authenticator.
Expected behaviour
The same behaviour as under 1.2.0 would be nice.
z2jh helmchart v. 1.2.0 works as documented.
Actual behaviour
The authenticator cannot find the local configuration and thus does not verify the client id. The browser gets a
401 unknown oauth_consumer_key
error.With this respect it would be helpful, if the logs should indicate which consumer_keys are configured or at least if any consumers are present. Maybe the authenticator could fail prematurely with a helpful remark, if no consumer_keys are present.
I can see that the client sends the correct consumer_key, but is still rejected. From the location of the error in
validator.py
it appears that no configuration is present in the validator class.How to reproduce
Try to get the z2jh helm chart version 2.0.0 working with the documented description.
Your personal set up
My deployment runs on GKE based zero-to-jupyterhub and I use moodle as a tool consumer.
The text was updated successfully, but these errors were encountered: