Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Need to pass an _xsrf parameter in POST requests for Jupyterhub 4.x #72

Open
cmbits opened this issue Jul 27, 2023 · 2 comments
Open

Need to pass an _xsrf parameter in POST requests for Jupyterhub 4.x #72

cmbits opened this issue Jul 27, 2023 · 2 comments

Comments

@cmbits
Copy link

cmbits commented Jul 27, 2023

When using jupyterhub-samlauthenticator with Jupyterhub 4.x I'm getting the following login error:

403 : Forbidden
'_xsrf' argument missing from POST

There is a similar issue reported by a someone using LTIAuthenticator as the authentication module.
jupyterhub/ltiauthenticator#157

When monitoring the SAML interaction I do see the XSRF token getting send from my IdP:
Set-Cookie: XSRF-TOKEN=c162cb78480d8ef; Path=/; Secure
X-XSRF-TOKEN: c162cb78480d8ef

Looks like this issues started after this Jupyterhub code change; jupyterhub/jupyterhub#4032

Would be possible to add XSRF token support?

Thanks,
Chris

@brayner82
Copy link

Attempting to revive this topic considering it has been over a year since the last post. Has this issue been resolved? I'm having the exact issue.

jeanmonet added a commit to jeanmonet/jupyterhub-samlauthenticator that referenced this issue Sep 18, 2024
@jeanmonet
Copy link

Since dev is abandoned in this repo, you may see a working version at the following fork, fixing the _xsrf problem and the SP-initiated login (integrated changes suggested in PR #67 and added some additional modifications), along with some other minor adjustments to latest JupyterHub api:

Code working with JupyterHub 5: https://github.com/jeanmonet/jupyterhub-samlauthenticator/blob/master/samlauthenticator/samlauthenticator.py

Note that I customized the SAMLRequest to match requirements of my SAML IdP: https://github.com/jeanmonet/jupyterhub-samlauthenticator/blob/aca92f37262827410c75caef082bd5da63d624a9/samlauthenticator/samlauthenticator.py#L817-L829

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants