In our organistaion we are now using login via our identity provider (SAML) on our new instance of tutor edX. Everything works fine for https://bootcamp.nc3.cz, but if the not logged users tries to login using https://studio.bootcamp.nc3.cz, they get the message “Page not found The page that you were looking for was not found. Go back to the homepage.” If the user re-enters “https://studio.bootcamp.nc3.cz” in the web browser, it is shown that he is already logged in and all is correct. Here is the log of this action: bootcamp SAML logs - Pastebin.com
I noticed that the message about CORS_ORIGIN_WHITELIST appears multiple times in the log (line 15, 18, 22, 26, 41, 46). Is there any way to solve this problem?
That stacktrace line from the logs is the actual problem:
cms_1 | File "/openedx/venv/lib/python3.8/site-packages/social_core/utils.py", line 248, in wrapper
cms_1 | return func(*args, **kwargs)
cms_1 | File "/openedx/venv/lib/python3.8/site-packages/social_core/backends/oauth.py", line 375, in auth_complete
cms_1 | state = self.validate_state()
cms_1 | File "/openedx/venv/lib/python3.8/site-packages/social_core/backends/oauth.py", line 87, in validate_state
cms_1 | raise AuthStateMissing(self, 'state')
cms_1 | social_core.exceptions.AuthStateMissing: Session value state missing.
This is a real problem that I already reported here and that @sambapete also observed here. You should follow the GitHub issue to keep track of the resolution.