Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Removing a user and repeat OAuth login causes ERR_TOO_MANY_REDIRECTS
See original GitHub issueApache Airflow version:
2.0.1 but with a hack to make GitHub role based oauth work by installing flask-appbuilder==3.2.0 to get better OAuth.
Environment:
- Cloud provider or hardware configuration:
- OS: Ubuntu 20.04.2
- Kernel:
5.4.0-66-generic x86_64 - Install tools:
- Others:
What happened:
After removing via web UI a user created by my OAuth integration implemented by inheriting from AirflowSecurityManager I was greeted by a redirect loop:
This page isn’t working
airflow.example.org redirected you too many times.
Try clearing your cookies.
ERR_TOO_MANY_REDIRECTS
Which can be seen in the logs:
"GET /home HTTP/1.0" 302 321 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36"
DEBUG - Provider: None
DEBUG - Already authenticated TestUser
"GET /login/?next=https%3A%2F%2Fairflow.example.org%2Fhome HTTP/1.0" 302 209 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36"
"GET / HTTP/1.0" 302 217 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36"
"GET /home HTTP/1.0" 302 321 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36"
DEBUG - Provider: None
DEBUG - Already authenticated TestUser
"GET /login/?next=https%3A%2F%2Fairflow.example.org%2Fhome HTTP/1.0" 302 209 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36"
"GET / HTTP/1.0" 302 217 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36"
"GET /home HTTP/1.0" 302 321 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36"
DEBUG - Provider: None
DEBUG - Already authenticated TestUser
...
As far as I can tell the issue is the Provder: None part, since when I try to log in as another user which was not removed I can see the provider is correctly detected:
DEBUG - Provider: github
DEBUG - Going to call authorize for: github
What you expected to happen:
Login to work as before.
How to reproduce it:
I have implemented OAuth GitHub mapping of user teams to Airflow roles like so:
AUTH_ROLES_MAPPING = {
"devs": ["Viewer"],
"analists": ["User"],
"devops": ["Admin"],
}
class GitHubAirflowSecurityManager(AirflowSecurityManager):
def oauth_user_info(self, provider, resp):
assert provider == 'github'
api = self.appbuilder.sm.oauth_remotes[provider]
user = api.get('user').json()
teams = api.get('user/teams').json()
# email field can't be empty
fake_email = "%s@example.org" % user.get("login")
data = {
"username": user.get("login"),
"email": user.get("email") or fake_email,
"first_name": user.get("name", ""),
"last_name": user.get("family_name", ""),
"role_keys": [t.get("slug") for t in teams],
}
return data
SECURITY_MANAGER_CLASS = GitHubAirflowSecurityManager
Issue Analytics
- State:
- Created 3 years ago
- Reactions:1
- Comments:8 (3 by maintainers)
Top Results From Across the Web
How to Fix The ERR_TOO_MANY_REDIRECTS Error - Kinsta
The ERR_TOO_MANY_REDIRECTS error is pretty much what it sounds like: something is causing too many redirects, sending your website into an infinite redirection ......
Read more >How to Troubleshoot ERR_TOO_MANY_REDIRECTS {8 Fixes}
In this tutorial, you will learn what causes the ERR_TOO_MANY_REDIRECTS error and how to fix it. ; 1. In Chrome, press Ctrl +...
Read more >Too Many Redirects? ERR_TOO_MANY_REDIRECTS and ...
Here's how we'd do it: Clear your browser cache and cookies. The first thing you can try is clearing the cache and cookies...
Read more >Too Many Redirects: What This Error Means & How to Fix It
Learn what the too many redirects error mean, what causes it, and how to solve it so you can get your site back...
Read more >[GitHub] [airflow] jakubgs commented on issue #14829
[GitHub] [airflow] jakubgs commented on issue #14829: Removing a user and repeat OAuth login causes ERR_TOO_MANY_REDIRECTS.
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Oh, I think it happens because the user exists, but it was given the
Publicrole that has no permissions: https://github.com/apache/airflow/blob/b40beb3036b8221053fdb7ab537a45afccf0bd8e/airflow/www/views.py#L453-L458 So it’s logged in, but when it hits/homeit lacksACTION_CAN_READandRESOURCE_WEBSITE, so it gets redirected to/login, but it’s already logged in, so gets redirected back to/home, and so on.Not a great user experience.
Is the correct fix for this, and is an allowed version by the dep.
When the 2.0.2 image is out it will have this (well, 3.2.1)
So it looks like you’ve found the fix, and I’m going to close this issue – let me know if there are any other problems.