Punxsutawney

PostsComments

SSolara

•Created by Punxsutawney on 5/9/2024 in #questions-issues

Issue. MismatchingStateError with Auth0 in Solara Auth Sample on AWS EC2

Hello, I'm experiencing a persistent MismatchingStateError with the "Solara authentication sample" from your web using my custom Auth0 credentials on an Amazon Linux AWS EC2 instance. I'm using the "Solara authentication sample" on this page: https://solara.dev/documentation/advanced/enterprise/oauth The application functions perfectly on macOS, Raspberry Pi, and Windows, even with a Cloudflare tunnel. However, when deployed on AWS without any proxy or tunnel and accessible directly at port 8765, it throws an error after the Auth0 login sequence. Here are the details of my setup: Operating System: Amazon Linux 2023.4.20240429 Python Version: 3.11.9 Solara Version: 1.32.1 Authlib Version: 1.3.0 Starlette Version: 0.37.2 Here's the error message from the server logs: File "/home/ec2-user/miniconda3/envs/solara_env/lib/python3.11/site-packages/authlib/integrations/base_client/sync_app.py", line 234, in _format_state_params raise MismatchingStateError() authlib.integrations.base_client.errors.MismatchingStateError: mismatching_state: CSRF Warning! State not equal in request and response. This error occurs after I click the "Login" button; the Auth0 login page appears and seems to work, but once authenticated, I receive an 'Internal Server Error' in the browser. The Solara server starts without issues and the UI is accessible. I’ve confirmed that port 8765 is open and no network-related issues should be affecting the Auth0 callbacks. Additionally, I have tested the starlette Auth0 demo on the same AWS server without encountering any problems. Has anyone faced a similar issue or have any suggestions on further debugging steps? Any help would be greatly appreciated! Thank you in advance!

9 replies

SSolara

•Created by Punxsutawney on 5/4/2024 in #questions-issues

Issue with Event Handling in Solara Integration with Auth0 on Inactivity

Hi everyone, I am currently testing Solara with Auth0 authentication and things have been going smoothly for the most part. However, I've noticed an intermittent issue where, if the application window is left open for an extended period, the event handling seems to stop functioning as if the connection has been severed. I may be wrong in assuming this issue is related to Auth0, but from a user's perspective, it appears as though everything is still operational when it is not. I would prefer the Auth0 session being explicity closed. Perhaps I'm dealing with two different topics here... Anyway, I am wondering if there's a way to "automatically" close the Auth0 connection after a certain period of inactivity, which I would like to define specifically, say 30 minutes, and then prompt the user to re-enter their credentials. Is this possible? Any guidance or suggestions on how to implement this would be greatly appreciated. Thank you!

8 replies