Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SNOW-878938: OKTA authentication with EXTERNALBROWSER auth uses random ports making it hard to work with in VSCode DevContainers #1670

Closed
jfo8001 opened this issue Jul 28, 2023 · 2 comments
Closed

SNOW-878938: OKTA authentication with EXTERNALBROWSER auth uses random ports making it hard to work with in VSCode DevContainers #1670

jfo8001 opened this issue Jul 28, 2023 · 2 comments
Assignees
@sfc-gh-dszmolka
Labels
bug

Comments

@jfo8001
Copy link

jfo8001 commented Jul 28, 2023
edited
Loading

Python version

Python 3.9.2 (default, Feb 28 2021, 17:03:44)

Operating system and processor architecture

Linux-5.15.49-linuxkit-pr-aarch64-with-glibc2.31

Installed packages

[tool.poetry.dependencies]

python = ">=3.8,<4.0"
snowflake-connector-python = {extras = ["pandas"], version = "3.0.3"}

What did you do?

The code we use is this - inside a VSCode dev container instance

    context = snowflake.connector.connect(
        user=snowflake_user, 
        account=snowflake_account, 
        warehouse=snowflake_warehouse, 
        role=snowflake_role, 
        authenticator="externalbrowser"

So here's the problem - trying to use OKTA for small projects but we are in a devcontainer environment - which means that the code being executed is inside the a docker container and we're running out of a shell inside VSCode. Links are port forwarded out of docker and opened on the desktop environment.

When we go to use this connector, we get the prompt to go log into OKTA, and half of the time the link out to localhost does not forward correctly out of the container. When I manually adjust the dev container to forward that port it starts working better.

The problem is this is not a permanent solution because the python connector appears to be starting random ports each time. I think I have the ability to do a range of ports in the .devcontainer settings.

What did you expect to see?

We should be getting the the "you can go back to where you came from screen"

Quite often I get the "you cannot load this page" message - and we have to smash the reload button several times.

This makes it an unusable workflow for my developers.

Additionally because the Auth is built into the connector itself - if an app establishes 2 or three connections to snowflake - EACH TIME it forces you to re-log in. Its super painful experience.

Notably the node connector suffers some of the same problems but the python one is distinctively more painful.
@github-actions github-actions bot changed the title OKTA authentication with EXTERNALBROWSER auth uses random ports SNOW-878938: OKTA authentication with EXTERNALBROWSER auth uses random ports Jul 28, 2023
@jfo8001 jfo8001 changed the title SNOW-878938: OKTA authentication with EXTERNALBROWSER auth uses random ports SNOW-878938: OKTA authentication with EXTERNALBROWSER auth uses random ports making it hard to work with in VSCode DevContainers Jul 28, 2023
@RobbertDM
Copy link

Can you use the SF_AUTH_SOCKET_PORT environment variable to fix this port?

snowflake-connector-python/src/snowflake/connector/auth/webbrowser.py

Line 122 in 9b6b0a6

int(os.getenv("SF_AUTH_SOCKET_PORT", 0)),

@sfc-gh-dszmolka
Copy link
Contributor

marking this one as closed as workaround has been provided but please let us know if you still see the issue, and we can look further.

@sfc-gh-dszmolka sfc-gh-dszmolka self-assigned this Mar 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sfc-gh-dszmolka sfc-gh-dszmolka

Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@sfc-gh-dszmolka @jfo8001 @RobbertDM