Hello,
When I try to view a Jupyter notebook within a course unit, I get stuck with an “undefined” error that is triggered by what looks like an infinite loop of redirections during the login phase.
Here are all the steps I followed:
- installed the Jupyterhub plugin on a Tutor installation of Open edX
- rebuilt the Open edX image
- restarted the local instance
After that, I extracted the passport ID and added it in the Advanced Settings of the course.
Then, I could see the Jupyter Notebook xBlock in the Advanced section and insert it in a course unit, as well as configure it to pull a notebook from a public git repo.
But then, when I try to view the integrated Jupyter notebook, although the JupyterHub instance is loading fine, the loading stops and report an “Error: undefined” message.
Looking at the console in Chrome, I detected a TOO_MANY_REDIRECTS message and, indeed, when looking at the logs of the Jupyterhub container, I could detect what seems to be a loop of the following logs:
jupyterhub-1 | [D 2024-12-19 11:08:18.660 JupyterHub provider:496] validate_redirect_uri: client_id=jupyterhub-user-student, redirect_uri=/user/student/oauth_callback
jupyterhub-1 | [D 2024-12-19 11:08:18.662 oauthlib.oauth2.rfc6749.grant_types.base base:172] Validating access to scopes {'read:users:groups!user', 'read:users:name!user', 'access:servers!server=student/'} for client 'jupyterhub-user-student' (<OAuthClient(identifier='jupyterhub-user-student')>).
jupyterhub-1 | [D 2024-12-19 11:08:18.664 JupyterHub provider:623] Allowing request for scope(s) for jupyterhub-user-student: read:users:groups!user,read:users:name!user,access:servers!server=student/
jupyterhub-1 | [D 2024-12-19 11:08:18.665 oauthlib.oauth2.rfc6749.grant_types.authorization_code authorization_code:245] Pre resource owner authorization validation ok for <oauthlib.Request SANITIZED>.
jupyterhub-1 | [D 2024-12-19 11:08:18.665 oauthlib.oauth2.rfc6749.grant_types.authorization_code authorization_code:170] Created authorization code grant {'code': 'UTDbau6juTztBvxE7TcRQgMT2Rb4qQ', 'state': 'eyJ1dWlkIjogImRlODU0NWUyZTMyZTRiMTI4YTE4NzBhMmJlNWZiNGM1IiwgIm5leHRfdXJsIjogIi91c2VyL3N0dWRlbnQvZ2l0LXB1bGwvYXBpP3JlcG89aHR0cHMlM0ElMkYlMkZnaXRsYWIucmVua3VsYWIuaW8lMkZncnVuZGt1cnMtcHJvZ3JhbW1pZXJlbiUyRmhzMjQuZ2l0JnRhcmdldHBhdGg9aHMyNC5naXQmYnJhbmNoPW1hc3RlciJ9'} for request <oauthlib.Request SANITIZED>.
jupyterhub-1 | [D 2024-12-19 11:08:18.665 oauthlib.oauth2.rfc6749.grant_types.authorization_code authorization_code:277] Saving grant {'code': 'UTDbau6juTztBvxE7TcRQgMT2Rb4qQ', 'state': 'eyJ1dWlkIjogImRlODU0NWUyZTMyZTRiMTI4YTE4NzBhMmJlNWZiNGM1IiwgIm5leHRfdXJsIjogIi91c2VyL3N0dWRlbnQvZ2l0LXB1bGwvYXBpP3JlcG89aHR0cHMlM0ElMkYlMkZnaXRsYWIucmVua3VsYWIuaW8lMkZncnVuZGt1cnMtcHJvZ3JhbW1pZXJlbiUyRmhzMjQuZ2l0JnRhcmdldHBhdGg9aHMyNC5naXQmYnJhbmNoPW1hc3RlciJ9'} for <oauthlib.Request SANITIZED>.
jupyterhub-1 | [D 2024-12-19 11:08:18.666 JupyterHub provider:247] Saving authorization code jupyterhub-user-student, UTD..., (), {}
jupyterhub-1 | [I 2024-12-19 11:08:18.677 JupyterHub log:192] 302 GET /hub/api/oauth2/authorize?client_id=jupyterhub-user-student&redirect_uri=%2Fuser%2Fstudent%2Foauth_callback&response_type=code&state=[secret] -> /user/student/oauth_callback?code=[secret]&state=[secret] (student@xxx.xx.x.xx) 35.24ms
jupyterhub-1 | [D 2024-12-19 11:08:18.699 oauthlib.oauth2.rfc6749.endpoints.token token:112] Dispatching grant_type authorization_code request to <oauthlib.oauth2.rfc6749.grant_types.authorization_code.AuthorizationCodeGrant object at 0x7f17360552d0>.
jupyterhub-1 | [D 2024-12-19 11:08:18.700 JupyterHub provider:58] authenticate_client <oauthlib.Request SANITIZED>
jupyterhub-1 | [D 2024-12-19 11:08:18.709 oauthlib.oauth2.rfc6749.grant_types.authorization_code authorization_code:533] Using provided redirect_uri /user/student/oauth_callback
jupyterhub-1 | [D 2024-12-19 11:08:18.709 JupyterHub provider:117] confirm_redirect_uri: client_id=jupyterhub-user-student, redirect_uri=/user/student/oauth_callback
jupyterhub-1 | [D 2024-12-19 11:08:18.709 oauthlib.oauth2.rfc6749.grant_types.authorization_code authorization_code:301] Token request validation ok for <oauthlib.Request SANITIZED>.
jupyterhub-1 | [D 2024-12-19 11:08:18.710 JupyterHub provider:345] Saving bearer token {'access_token': 'REDACTED', 'expires_in': 1209600, 'token_type': 'Bearer', 'scope': 'read:users:groups!user read:users:name!user access:servers!server=student/', 'refresh_token': 'REDACTED'}
jupyterhub-1 | [D 2024-12-19 11:08:18.723 JupyterHub provider:205] Deleting oauth code UTD... for jupyterhub-user-student
jupyterhub-1 | [I 2024-12-19 11:08:18.734 JupyterHub log:192] 200 POST /hub/api/oauth2/token (student@xxx.xx.x.xx) 38.96ms
jupyterhub-1 | [D 2024-12-19 11:08:18.740 JupyterHub base:362] Recording first activity for <APIToken('j61R...', user='student', client_id='jupyterhub-user-student')>
jupyterhub-1 | [I 2024-12-19 11:08:18.752 JupyterHub log:192] 200 GET /hub/api/user (student@xxx.xx.x.xx) 15.30ms
jupyterhub-1 | [D 2024-12-19 11:08:18.790 JupyterHub provider:421] Validating client id jupyterhub-user-student
jupyterhub-1 | [D 2024-12-19 11:08:18.793 oauthlib.oauth2.rfc6749.grant_types.authorization_code authorization_code:362] Validating redirection uri /user/student/oauth_callback for client jupyterhub-user-student.
jupyterhub-1 | [D 2024-12-19 11:08:18.793 oauthlib.oauth2.rfc6749.grant_types.base base:231] Using provided redirect_uri /user/student/oauth_callback
I also got warning about cookies not having a proper SameSitevalue and I’m not sure how to solve this reliably either:
Cookie “_xsrf” does not have a proper “SameSite” attribute
value. Soon, cookies without the “SameSite” attribute or
with an invalid value will be treated as “Lax”.
This means that the cookie will no longer be sent in
third-party contexts. If your application depends on
this cookie being available in such contexts,
please add the “SameSite=None“ attribute to it.
To know more about the “SameSite“ attribute,
read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite
Thanks for any help, hint, pointer as to what is wrong with my install. Happy to provide any missing information.