Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: return 401 on unauthorized non-browser requests #117

Merged
merged 1 commit into from
Mar 18, 2019
Merged

fix: return 401 on unauthorized non-browser requests #117

merged 1 commit into from
Mar 18, 2019

Conversation

rokroskar
Copy link
Member

@rokroskar rokroskar commented Mar 13, 2019
edited
Loading

sample response:

curl https://rok.dev.renku.ch/jupyterhub/services/notebooks/user -H "Accept: application/json" --verbose
*   Trying 86.119.25.180...
* TCP_NODELAY set
* Connected to rok.dev.renku.ch (86.119.25.180) port 443 (#0)
* TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
* Server certificate: rok.dev.renku.ch
* Server certificate: Let's Encrypt Authority X3
* Server certificate: DST Root CA X3
> GET /jupyterhub/services/notebooks/user HTTP/1.1
> Host: rok.dev.renku.ch
> User-Agent: curl/7.54.0
> Accept: application/json
>
< HTTP/1.1 401 UNAUTHORIZED
< Server: nginx/1.15.8
< Date: Wed, 13 Mar 2019 13:23:51 GMT
< Content-Type: application/json
< Content-Length: 48
< Connection: keep-alive
< Strict-Transport-Security: max-age=15724800; includeSubDomains
<
* Connection #0 to host rok.dev.renku.ch left intact
{"error": "An authorization token is required."

to test, you can simply replace the image of your renku-notebooks deployment with rrrrrok/renku-notebooks:b5b71da

closes #115

@rokroskar rokroskar added this to the 0.3.2 milestone Mar 13, 2019
@rokroskar rokroskar force-pushed the 115-no-oauth-without-browser branch from b5b71da to cbc5caa Compare March 13, 2019 14:32
@rokroskar rokroskar force-pushed the 115-no-oauth-without-browser branch from cbc5caa to a70c3a5 Compare March 14, 2019 18:35
@rokroskar rokroskar force-pushed the 115-no-oauth-without-browser branch from a70c3a5 to 453e955 Compare March 14, 2019 18:35
@jirikuncar jirikuncar merged commit 453e955 into master Mar 18, 2019
@jirikuncar jirikuncar deleted the 115-no-oauth-without-browser branch March 18, 2019 10:43
@rokroskar rokroskar mentioned this pull request Mar 25, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jirikuncar jirikuncar jirikuncar approved these changes

@ableuler ableuler Awaiting requested review from ableuler

@vfried vfried Awaiting requested review from vfried

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
0.3.2
Development

Successfully merging this pull request may close these issues.

avoid oauth flow if request is not from a browser
2 participants
@rokroskar @jirikuncar