Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error returning OAuth user info: missing_token #448

Closed
troyharvey opened this issue Apr 6, 2022 · 7 comments
Closed

Error returning OAuth user info: missing_token #448

troyharvey opened this issue Apr 6, 2022 · 7 comments
Assignees
@lepture
Labels
bug

Comments

@troyharvey
Copy link

Describe the bug

After upgrading to airflow=2.2.5 and authlib=1.0.0 we are seeing a missing_token error in flask_appbuilder.security.views. As a workaround, we downgraded authlib and it's working again, but Airflow constraints are pegged at 1.0.0 so the downgrade is a temporary hack.

Error Stacks

Error returning OAuth user info: missing_token:

To Reproduce

Reproducing this requires Airflow 2.2.5, authlib 1.0.0, and an oauth setup (we are using Okta)

Expected behavior

Airflow authentication using Okta oauth.

Environment:

  • OS: Alpine Linux Kubernetes
  • Python Version: 3.8
  • Authlib Version: 1.0.0

Additional context

This problem was also reported in superset issues here: apache/superset#19255
@troyharvey troyharvey added the bug label Apr 6, 2022
@troyharvey troyharvey mentioned this issue Apr 6, 2022
Closed
@lepture
Copy link
Owner

lepture commented Apr 6, 2022

It is very hard to review the code in a super big project. Can you provide a minimal reproducible example?

@lepture lepture closed this as completed in b28f037 Apr 6, 2022
@lepture
Copy link
Owner

lepture commented Apr 6, 2022

This may be fixed by the given commit. Can you verify it with the master code? I'll make a new release in 2 days.

@lepture lepture reopened this Apr 6, 2022
@lepture
Copy link
Owner

lepture commented Apr 6, 2022

v1.0.1 was released.

@lepture lepture closed this as completed Apr 6, 2022
@troyharvey
Copy link
Author

Thank you for the quick work! This solves our issue in Airflow. 🙇

@cloneluke
Copy link

Thank you for the quick work! This solves our issue in Airflow. 🙇

@troyharvey how did you get around this?
#403

(happens after upgrading authlib)

@troyharvey
Copy link
Author

troyharvey commented Apr 27, 2022
edited
Loading

@cloneluke We made two changes.

  1. Upgrade to authlib==1.0.1
  2. In Airflow webserver_config.py, we added remote_app.jwks_uri to OAUTH_PROVIDERS.
OAUTH_PROVIDERS = [
    {
        'name': 'okta',
        'icon': 'fa-circle-o',
        'token_key': 'access_token',
        'remote_app': {
            ...
            'jwks_uri': 'https://derp.okta.com/oauth2/v1/keys'
        }
    }
]

@cloneluke
Copy link

@cloneluke We made two changes.

  1. Upgrade to authlib==1.0.1
  2. In Airflow webserver_config.py, we added remote_app.jwks_uri to OAUTH_PROVIDERS.
OAUTH_PROVIDERS = [
    {
        'name': 'okta',
        'icon': 'fa-circle-o',
        'token_key': 'access_token',
        'remote_app': {
            ...
            'jwks_uri': 'https://derp.okta.com/oauth2/v1/keys'
        }
    }
]

ah thanks @troyharvey , that makes sense now.

coopfeathy added a commit to coopfeathy/authlib-django that referenced this issue Dec 11, 2022
@coopfeathy
Fix missing_token for Flask client
6a8c957 
This may fix lepture/authlib#448
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@lepture lepture

Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@lepture @troyharvey @cloneluke