nikiit007 opened a new issue #17725: URL: https://github.com/apache/airflow/issues/17725
**Apache Airflow version:** _2.0.2_ **OS:** _PRETTY_NAME="Debian GNU/Linux 10 (buster)" NAME="Debian GNU/Linux" VERSION_ID="10" VERSION="10 (buster)" VERSION_CODENAME=buster ID=debian_ **Apache Airflow Provider versions:** _apache-airflow-providers-amazon==1.3.0 apache-airflow-providers-celery==1.0.1 apache-airflow-providers-cncf-kubernetes==1.1.0 apache-airflow-providers-docker==1.1.0 apache-airflow-providers-elasticsearch==1.0.3 apache-airflow-providers-ftp==1.0.1 apache-airflow-providers-google==3.0.0 apache-airflow-providers-grpc==1.1.0 apache-airflow-providers-hashicorp==1.0.2 apache-airflow-providers-http==1.1.1 apache-airflow-providers-imap==1.0.1 apache-airflow-providers-microsoft-azure==1.3.0 apache-airflow-providers-mysql==1.1.0 apache-airflow-providers-postgres==1.0.1 apache-airflow-providers-redis==1.0.1 apache-airflow-providers-sendgrid==1.0.2 apache-airflow-providers-sftp==1.1.1 apache-airflow-providers-slack==3.0.0 apache-airflow-providers-sqlite==1.0.2 apache-airflow-providers-ssh==1.3.0_ **Deployment:** Helm Chart : 8.3.0 https://artifacthub.io/packages/helm/airflow-helm/airflow/8.3.0 **Please include your deployment tools and versions:** HELM Kubernetes: Kubectl version- Client Version: version.Info{Major:"1", Minor:"15", GitVersion:"v1.15.3", GitCommit:"2d3c76f9091b6bec110a5e63777c332469e0cba2", GitTreeState:"clean", BuildDate:"2019-08-19T11:13:54Z", GoVersion:"go1.12.9", Compiler:"gc", Platform:"linux/amd64"} Server Version: version.Info{Major:"1", Minor:"18+", GitVersion:"v1.18.20-gke.900", GitCommit:"1facb91642e16cb4f5be4e4a632c488aa4700382", GitTreeState:"clean", BuildDate:"2021-06-28T09:19:58Z", GoVersion:"go1.13.15b4", Compiler:"gc", Platform:"linux/amd64"} **What happened? :** Enabled Github Enterprise authentication in WebServer_config.py. Here is what happening in browser: Airflow Home Page -> login page> OAuth provider login page -> Successful login -> Redirecting to following page and getting 404 https://<ghe_url>/oauth/authorize?response_type=code&client_id=xxxx&redirect_uri=http%3A%2F%2F<airflow_url>%2Foauth-authorized%2Fgithub&scope=user&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJuZXh0IjpbImh0dHA6Ly9haXJmbG93LWNsZWFucm9vbS1pbnQubmJjdS1kcy1zdGFibGUtaW50LmRldi5uYmN1cGVhLnVzLXdlc3QyLm1nbXQtZ2NwLmdlb290dC5jb20vaG9tZSJdfQ.pGKpkTZzcs5OZU7ax3fiyufSuIii0iU9yeYFPY9DOOI **In the github Oauth app the authorization callback url is : <airflow_url>/oauth-authorized/github** In the airflow-artifacthub-github.yaml.jinja2 which is template for deployment in our cluster, we have added the following : ` {% if enable_oauth == true %} web: extraPipPackages: ## the following configs require Flask-AppBuilder 3.2.0 (or later) - "Flask-AppBuilder~=3.2.0" ## the following configs require Authlib - "Authlib~=0.15.3" webserverConfig: stringOverride: |- from airflow import configuration as conf from flask_appbuilder.security.manager import AUTH_OAUTH SQLALCHEMY_DATABASE_URI = conf.get('core', 'SQL_ALCHEMY_CONN') AUTH_TYPE = AUTH_OAUTH # registration configs AUTH_USER_REGISTRATION = True # allow users who are not already in the FAB DB AUTH_USER_REGISTRATION_ROLE = "Public" # this role will be given in addition to any AUTH_ROLES_MAPPING OAUTH_PROVIDERS = [{ 'name':'github', 'token_key':'access_token', 'icon':'fa-github', 'remote_app': { 'api_base_url':'https://<ghe_url>/api/v3/users', 'client_kwargs' : { 'scope' : 'user'}, 'access_token_url':'https:// <ghe_url>/login/oauth/access_token', 'authorize_url':'https:// <ghe_url>/oauth/authorize', 'request_token_url': None, 'client_id': 'xxxx', 'client_secret': 'xxxx' } }] {% endif %} webserver: service: type: NodePort authenticate: false {% if enable_oauth == true %} # Github Enterprise OAuth AIRFLOW__WEBSERVER__AUTHENTICATE: "True" AIRFLOW__WEBSERVER__AUTH_BACKEND: "airflow.contrib.auth.backends.github_enterprise_auth" AIRFLOW__GITHUB_ENTERPRISE__HOST: "<ghe_url>" AIRFLOW__GITHUB_ENTERPRISE__OAUTH_CALLBACK_ROUTE: "/oauth-authorized/github" {% else %} AIRFLOW__WEBSERVER__AUTHENTICATE: "False" AIRFLOW__WEBSERVER__AUTH_BACKEND: "airflow.api.auth.backend.default" {% endif %} ` What you expected to happen: Successful login after authentication What do you think went wrong? Not sure How often does this problem occur? Once? Every time etc? Every time --> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@airflow.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org