Error returning OAuth user info: missing_token

See original GitHub issue

Describe the bug

After upgrading to airflow=2.2.5 and authlib=1.0.0 we are seeing a missing_token error in flask_appbuilder.security.views. As a workaround, we downgraded authlib and it’s working again, but Airflow constraints are pegged at 1.0.0 so the downgrade is a temporary hack.

Error Stacks

Error returning OAuth user info: missing_token:

To Reproduce

Reproducing this requires Airflow 2.2.5, authlib 1.0.0, and an oauth setup (we are using Okta)

Expected behavior

Airflow authentication using Okta oauth.

Environment:

  • OS: Alpine Linux Kubernetes
  • Python Version: 3.8
  • Authlib Version: 1.0.0

Additional context

This problem was also reported in superset issues here: https://github.com/apache/superset/issues/19255

Issue Analytics

  • State:closed
  • Created a year ago
  • Comments:7 (3 by maintainers)

github_iconTop GitHub Comments

1reaction
clonelukecommented, Apr 28, 2022

@cloneluke We made two changes.

  1. Upgrade to authlib==1.0.1
  2. In Airflow webserver_config.py, we added remote_app.jwks_uri to OAUTH_PROVIDERS.
OAUTH_PROVIDERS = [
    {
        'name': 'okta',
        'icon': 'fa-circle-o',
        'token_key': 'access_token',
        'remote_app': {
            ...
            'jwks_uri': 'https://derp.okta.com/oauth2/v1/keys'
        }
    }
]

ah thanks @troyharvey , that makes sense now.

0reactions
troyharveycommented, Apr 27, 2022

@cloneluke We made two changes.

  1. Upgrade to authlib==1.0.1
  2. In Airflow webserver_config.py, we added remote_app.jwks_uri to OAUTH_PROVIDERS.
OAUTH_PROVIDERS = [
    {
        'name': 'okta',
        'icon': 'fa-circle-o',
        'token_key': 'access_token',
        'remote_app': {
            ...
            'jwks_uri': 'https://derp.okta.com/oauth2/v1/keys'
        }
    }
]
Read more comments on GitHub >

github_iconTop Results From Across the Web

Error returning OAuth user info · Issue #1814 - GitHub
We are trying to use Okta Oauth for Airflow authentication, but we are unbale to login to the airlow applicaion Environment Flask-Appbuilder ...
Read more >
flask - OAuth - Facebook MissingTokenError: (missing_token ...
I am using Flask_Dance extension to login using my facebook account, the app always returns an error that says:.
Read more >
Custom Authorization Servers - Okta Developer
Returns OAuth 2.0 metadata for the specified Custom Authorization Server. This information can be used by clients to programmatically configure their ...
Read more >
Resolve API Gateway REST API 403 “Missing Authentication ...
API Gateway REST API endpoints return Missing Authentication Token errors for the following reasons: The API request is made to a method or ......
Read more >
Troubleshoot Invalid Token Errors - Auth0
js version 9 and Lock version 11, when ID tokens are signed with HS256, they are discarded and a call to /userinfo is...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found