FusionAuth
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs
    • Login

    Embed an application that requires FusionAuth for logging in

    Scheduled Pinned Locked Moved Unsolved
    Q&A
    1
    1
    783
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • I
      IvanYingX
      last edited by

      Hi everyone

      In one of my previous posts I asked if anyone had some experiences integrating FusionAuth and JupyterHub through an LTI authenticator. I am mostly done with that, but there are a few missing pieces in the puzzle (I will write my discoveries once I get everything sorted out)

      The flow goes like this:

      • I make a POST request to the Jupyterhub endpoint that starts the authorization flow: hub/lti13/oauth_login with some parameters to include the issuer, the login_hint and other needed parameters.
      • The endpoint is responsible to add some request parameters like the nonce, or the callback_url to then send the request to fusionauth /oauth2/authorize.
      • FusionAuth passes the id_token to the callback_url, which in turn checks that the necessary keys are correct (I added a Lambda function to add required LTI parameters)
      • JupyterHub checks that everything is correct, and if so, it proceeds and redirects finally the user to the JupyterHub notebooks

      So far so good, everything seems to be working fine. Except when I try to embed it in an iframe!

      I was already logged in, but then it asks me to log in again inside the Iframe. But when I try it, it just loops and asks me again for my credentials. After checking the Network tab, when I try to log in fusionAuth by hitting the Submit button, it makes a POST request to /oauth2/authorize, which returns a /oauth2/complete-registration, which upon requesting, it returns again oauth2/authorize (Hope that can be understood)

      c0d9e459-1906-431b-a03e-e85c9da7923a-image.png

      I already added the jupyterhub url in the Application "Authorized request origin URLs"

      12b5bd8a-c145-4f66-a06e-ccb899b9370c-image.png

      What I assume is that it is because of the cookies not being correctly passed, but I don't know how that affects the looping behaviour this presents

      Can anyone shed some light please? I've been struggling with this during days and I dont know what else I can do :(.

      Also, I really hope this is not the issue, but I am currently testing the frontend using localhost. JupyterHub and FA are already in (separate) https domains

      Thank you very much,
      Ivan

      1 Reply Last reply Reply Quote 0
      • First post
        Last post

      Looks like your connection to FusionAuth Forum was lost, please wait while we try to reconnect.