Authorization form must be sent from authorization page

I’ve set up Jupyterhub behind an apache reverse proxy, using letsencrypt and following instructions in the official docs -> Using a reverse proxy.

It works fine until I try to access a service set up as described in nbgrader doc for jupyterhub multiple courses.

I get the “Authorization form must be sent from authorization page”

Looking at the logs I see that the problem probably comes from a difference between the outter referer scheme (https) and the inner one (http).

OAuth POST from !=

I’ve tried what is mentionned there, but without success (https is rewrited to http, but querystring is not rewrited)

Any help is welcome :smile:

EDIT : continuing my investigations, I found that new option in JupyterHub 1.1.0 which solved my issue : service.oauth_no_confirm. As OAuth authentication is bypassed, the problem doesn’t arise anymore

1 Like

I finally found another way to achieve this without having to bypass oauth confirmation.

Based on the apache configuration mentionned here, I just had to add a RequestHeader edit directive :

<Location "/">
    # preserve Host header to avoid cross-origin problems
    ProxyPreserveHost on
    # Modify referer to http in case of oauth2 
    RequestHeader edit referer "https://(.*/hub/api/oauth2/.*)" http://$1
    # proxy to JupyterHub
1 Like