HewlettPackard / jupyterhub-samlauthenticator

MIT License

Need to pass an _xsrf parameter in POST requests for Jupyterhub 4.x #72

Open cmbits opened 1 year ago

cmbits commented 1 year ago

When using jupyterhub-samlauthenticator with Jupyterhub 4.x I'm getting the following login error:

403 : Forbidden '_xsrf' argument missing from POST

There is a similar issue reported by someone using LTIAuthenticator as the authentication module: https://github.com/jupyterhub/ltiauthenticator/issues/157

When monitoring the SAML interaction I do see the XSRF token getting sent from my IdP:

Set-Cookie: XSRF-TOKEN=c162cb78480d8ef; Path=/; Secure
X-XSRF-TOKEN: c162cb78480d8ef

Looks like this issue started after this Jupyterhub code change: https://github.com/jupyterhub/jupyterhub/pull/4032

Would it be possible to add XSRF token support?

Thanks, Chris

brayner82 commented 3 months ago

Attempting to revive this topic considering it has been over a year since the last post. Has this issue been resolved? I'm having the exact issue.

jeanmonet commented 2 months ago

Since dev is abandoned in this repo, you may see a working version at the following fork, fixing the _xsrf problem and the SP-initiated login (integrated changes suggested in PR https://github.com/HewlettPackard/jupyterhub-samlauthenticator/pull/67 and added some additional modifications), along with some other minor adjustments to the latest JupyterHub API:

Code working with JupyterHub 5: https://github.com/jeanmonet/jupyterhub-samlauthenticator/blob/master/samlauthenticator/samlauthenticator.py

Note that I customized the SAMLRequest to match requirements of my SAML IdP: https://github.com/jeanmonet/jupyterhub-samlauthenticator/blob/aca92f37262827410c75caef082bd5da63d624a9/samlauthenticator/samlauthenticator.py#L817-L829
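
Added illustration, not part of the thread and not code from this repository or the fork: the 403 text in the report is the message Tornado's XSRF check raises, and the sketch below reproduces it on a plain Tornado app with `xsrf_cookies=True`, next to a handler that overrides `check_xsrf_cookie` for the endpoint receiving the IdP's cross-site POST. The handler names, routes and POST body are hypothetical, and it is an assumption that JupyterHub 4.x behaves like this minimal app; the fork may solve it differently.

```python
# Added illustration; handler names and routes are hypothetical.
import asyncio

import tornado.web
from tornado.httpclient import AsyncHTTPClient
from tornado.httpserver import HTTPServer
from tornado.testing import bind_unused_port


class DefaultPostHandler(tornado.web.RequestHandler):
    """Inherits Tornado's XSRF check: a POST must carry a matching _xsrf."""
    def post(self):
        self.write("logged in")


class SamlAcsHandler(tornado.web.RequestHandler):
    """Assertion consumer endpoint that receives the IdP's cross-site POST."""
    def check_xsrf_cookie(self):
        # The IdP cannot know the Hub's _xsrf value, so the check is skipped
        # for this handler only. Request authenticity then rests entirely on
        # validating the signed SAMLResponse.
        return

    def post(self):
        # A real handler must verify the SAMLResponse signature, audience and
        # validity window before creating a session; omitted in this sketch.
        self.write("logged in")


async def _post_without_xsrf():
    app = tornado.web.Application(
        [(r"/default", DefaultPostHandler), (r"/acs", SamlAcsHandler)],
        xsrf_cookies=True,
    )
    sock, port = bind_unused_port()  # loopback only, so this runs offline
    server = HTTPServer(app)
    server.add_sockets([sock])
    codes = {}
    for path in ("/default", "/acs"):
        resp = await AsyncHTTPClient().fetch(
            f"http://127.0.0.1:{port}{path}", method="POST",
            body="SAMLResponse=constructed-placeholder", raise_error=False)
        codes[path] = resp.code
    server.stop()
    return codes


def post_without_xsrf():
    return asyncio.run(_post_without_xsrf())
```

Calling `post_without_xsrf()` returns the HTTP status per route for a form POST that carries no `_xsrf` value. The exemption is scoped to the single SAML endpoint; every other POST handler keeps the XSRF check.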