Running JupyterHub on Kubernetes through GKE.
Helm chart: 1.0.1
When I login, I get a
400: Bad Request error which either states:
OAuth state missing from cookies
OAuth state mismatch
If I click the JupyterHub logo in the top left, I am taken to JupyterHub and able to open a new notebook. And after I have logged in once, I am able to logout and log back in without getting the error.
I originally ran JupyterHub with 0.11 of the helm chart, but updated it to 1.0.1 which did not fix the issue.
I have tried using both the
Auth0OAuthenticator and the
GenericOAuthenticator configured both as follows:
hub: config: Auth0OAuthenticator: client_id: client-id client_secret: client-secret oauth_callback_url: https://my-jupyter-url/hub/oauth_callback scope: - openid - email auth0_subdomain: my-auth0-url Authenticator: admin_users: - firstname.lastname@example.org auto_login: true JupyterHub: authenticator_class: auth0
hub: config: GenericOAuthenticator: client_id: client_id client_secret: secret oauth_callback_url: https://my-url/hub/oauth_callback authorize_url: https://my-auth0-domain/authorize token_url: https://my-auth0-domain/oauth/token userdata_url: https://my-auth0-domain.com/userinfo scope: - openid - name - profile - email username_key: name JupyterHub: authenticator_class: generic-oauth
So far my only insight is this response header:
set-cookie: oauthenticator-state=""; expires=Wed, 01 Jul 2020 15:49:49 GMT; Path=/
Which is sent in response to this url:
Request URL: https://my-jupyter-url/hub/oauth_callback?code=BxqUQTValNRYI1_Q&state=1lyTjA1qbZPnToo3MrNDi_~a--oADBIZ
Something doesn’t seem right here, as the oauth state is empty, and the expiration date is from 1 year ago.
Does anyone have any insight as to what would be causing me to get this 400 error every time a user logs in for the first time?
Please let me know if you need further information from me!