Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Issues with Shinyapps.io when we have more than one worker #76

Open
sada1993 opened this issue Jul 10, 2020 · 5 comments
Open

Issues with Shinyapps.io when we have more than one worker #76

sada1993 opened this issue Jul 10, 2020 · 5 comments

Comments

@sada1993
Copy link

Faced this issue recently where if we have access to more than one worker process (Basic and above plans on shinyapps.io) then the authentication does not work as expected and enters a loop. This is because initially, shiny redirects the user to Auth0 for verification, and after authentication Auth0 redirects the user back to the app. In this redirect, there is no guarantee that the user will connect to the same process they left from and hence the internal check of the state variable fails and triggers the app to reauthenticate. This process is repeated a random number of times. We can see this reauthentication in the URL which changes repeatedly.

Unsure how we can solve this problem without removing the condition to check the state of the app, this is also not recommended for security reasons. This may be a fundamental limitation in scaling this solution. If you guys have any ideas on how we can overcome this hurdle lets discuss.

@jtrecenti
Copy link
Member

Hi @sada1993 , thanks for the issue. I have a basic plan on shinyapps.io and never faced this issue. Do you have an open source example?

Thanks?

@ferguskeatinge
Copy link

@sada1993 Did you ever find a solution to this issue? I'm also experiencing a similar problem.

@sada1993
Copy link
Author

Apologies, I need to come up with a simple reproducible example for this.

@ferguskeatinge
Copy link

I had a working example and submited tickets to Auth0 and was in a discussion with Julio about this. Looks like an issue that cant really be solved for now: Here is what Auth0 said @sada1993.

"it is not processing the callback correctly, it should be trying to exchange the authorization code for a token after receiving the callback, but it is just starting another /authorize request. I can see when this issue is occurring that no attempt to call the /oauth/token endpoint is being made.
(https://auth0.com/docs/flows/authorization-code-flow). "

They also suggested this:

"Whilst I couldn't find anything documented for shinyapps.io, I did find this blog post - https://auth0.com/blog/adding-authentication-to-shiny-server/
This utilises a reverse proxy to protect the application and enforce authentication via Auth0 using Shiny Server instead of shinyapps.io. Also your app is showing as a SPA currently but I believe it should be a 'Regular web app' type. The main difference is the allowed "token endpoint auth method" settings available between the two."

F.

@sada1993
Copy link
Author

sada1993 commented Oct 28, 2020

Thanks @ferguskeatinge . I Guess we can close this issue then?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants