Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

codeserver 3.11.0 broken #26

Open
johrstrom opened this issue Mar 23, 2022 · 6 comments
Open

codeserver 3.11.0 broken #26

johrstrom opened this issue Mar 23, 2022 · 6 comments

Comments

@johrstrom
Copy link
Contributor

It appears that the problem described in in #2 (comment) is again occurring with bc_osc_codeserver 0.4.0 and code-server >= 3.11.0 (but 3.10.2 works OK)

Originally posted by @nathanweeks in #2 (comment)
@johrstrom johrstrom mentioned this issue Mar 23, 2022
Merged
@orbsmiv
Copy link

orbsmiv commented Apr 6, 2022

Further to this I'm attempting to update our OnDemand Code Server app to use version 4.2.0, which has undergone a fairly substantial refactoring to bring it inline with some upstream VS Code changes. They've also changed some of the Cookie handling, as outlined in the following issue:

coder/code-server#4691 (comment)

I've not looked in detail but the following PR may be significant:
coder/code-server#4548

@johrstrom
Copy link
Contributor Author

I also just patched OnDemand with the PR below for an entirely separate reason. But it may catch relative URLs better.

OSC/ondemand#1934

Another route would be to set the app up as /node instead of /rnode, though I don't know if it's possible.

@dgtim
Copy link

dgtim commented Oct 27, 2022

The auth problem persists while trying the server version 4.7.0. Launching like code-server --auth="password" ... with the PASSWORD set brings us to the login screen with

"Welcome to code-server
Please log in below. Password was set from $PASSWORD."

and a password submit field.

@CALMorACT
Copy link

This problem can be solved by changing the method of mocking cookie.

code-server has changed the hash algorism of cookie from the 3.11.0.
The new algorism is argon2, so the additional ruby package ruby-argon2 need to added in dashboard. (I don' t know how to add the additional package for interactive apps, but add it in dashboard app, it runs well)

@jaguillette
Copy link

The previous comment is correct in that it's necessary to change the hashing method for the cookie created in view.html.erb, but there's an alternative auth mechanism in view.html.erb. The auth mechanism that's conditionally used for code-server 4.8.3 works for >= 3.11 with the argon2 hashing algorithm. In our case I was able to change the 4.8.3 in view.html.erb to match the default version of code-server we set in our form.yml and auth in without a password prompt. If you can add the Ruby package for argon2 as the previous post suggests, you can make the cookie option work, but in our case the hidden form input alternative worked.

@KasperSkytte
Copy link

My solution was to use this form:

<form id="<%= form_id %>" action="/rnode/<%= host %>/<%= port %>/login?to=" method="post" target="_blank">
  <input type="hidden" name="password" value="<%= password %>">
  <button class="btn btn-primary" type="submit">
    <i class="fa fa-cogs"></i> Connect to Code Server
  </button>
</form>

Works with code-server version 4.23.1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@jaguillette @johrstrom @dgtim @orbsmiv @KasperSkytte @CALMorACT