Channels
announcements
ask-the-community
auth
conference-talks
contribute
databricks-integration
datahub-flyte
deployment
ecosystem-unionml
engineeringlabs
events
feature-discussions
flyte-bazel
flyte-build
flyte-console
flyte-deployment
flyte-documentation
flyte-github
flyte-on-gcp
flyte-ui-ux
flytekit
flytekit-java
flytelab
great-content
hacktoberfest-2022
helsing-flyte
in-flyte-conversations
integrations
introductions
jobs
konan-integration
linkedin-flyte
random
ray-integration
ray-on-flyte
release
scipy-2022-sprint
show-and-tell
sig-large-models
torch-elastic
workflow-building-ui-proj
writing-w-sfloris
Title
l
lgladh
03/01/2023, 11:12 AMHello! 👋
I have asked about problems with authentication (Azure oidc) earlier. This week I tried creating an entire new deployment using flyte-binary instead. However, this gives me the same problems during the redirect callback. In short:
Error generating encrypted accesstoken cookie [SECURE_COOKIE_ERROR] Error creating secure cookie, caused by: securecookie: the value is too longError setting encrypted JWT cookie [SECURE_COOKIE_ERROR] Error creating secure cookie, caused by: securecookie: the value is too longIf it helps, there are additional logs leading up to this problem. For example:
Could not detect existing cookie [flyte_idt]. Error: http: named cookie not presentCould not retrieve bearer token from metadata rpc error: code = Unauthenticated desc = Request unauthenticated with BearerFailed to parse Access Token from context. Will attempt to find IDToken. Error: [JWT_VERIFICATION_FAILED] Could not retrieve bearer token from metadata, caused by: rpc error: code = Unauthenticated desc = Request unauthenticated with Bearers
Samhita Alla
03/02/2023, 4:41 AM@Yee, any idea how Igladh should be going about to resolve this issue?
@lgladh, I recommend you to go through this thread as well: https://discuss.flyte.org/t/20995/Thank-you-U038FT3LCRE.
l
lgladh
03/02/2023, 12:13 PMHi, @Samhita Alla
As mentioned in the thread, I took a look to see if there were any additional claims on the azure side, but the list was empty so I guess not? Or are there other ways to check if there are additional claims? I can configure the existing one, but it's hard for me to just create a new app, that is something I have to request.
y
Yee
03/02/2023, 5:50 PMso a lot of those log lines are just warnings, it’s okay.
the proper flow is for users to request protected resources on admin, admin checks that there’s no token present in any of the headers/cookies and returns a 401
but that first error is weird, where are you seeing that? is that a browser error?
no that’s a cookie manager error
j
João Lobo Guerra Neto
03/02/2023, 7:41 PMwere you able to authenticate through azure? If so, could you share how you did it? @lgladh
when I click in login, I got this error and redirect link
now all service is done, so I don’t know what happen
now all service is done, so I don’t know what happen
l
lgladh
03/03/2023, 7:30 AM@João Lobo Guerra Neto I don't have auth working yet and I am also not familiar to the error you have. Looks as though your auth is not set up correctly or not enabled. Check out https://docs.flyte.org/en/latest/deployment/configuration/auth_setup.html.
If you have more trouble, you should probably start another thread as it seems unrelated to this one.
@Yee, Yes so cookie_manager.go/handlers.go is failing to generate the access token cookie, and I see that part is missing in the cookie.
I am not sure if there is anything I can do that affect that part?
y
Yee
03/03/2023, 5:46 PMcould you file an issue?
i will look at it on monday - kinda busy today