AWS Cognito authentication documentation improvement request

[reiner2]

Hello TLJH Team, Installing TLJH on AWS with Cognito Authentication, I came across a potential documentation issue, here:

http://tljh.jupyter.org/en/latest/howto/auth/awscognito.html?highlight=cognito#authenticate-using-aws-cognito

This section suggests [Service] Environment=AWSCOGNITO_DOMAIN=https://<<my_jupyter_hub>.auth.eu-west-1.amazoncognito.com

Maybe there is one "<" too much?

So I tried: [Service] Environment=AWSCOGNITO_DOMAIN=https://<my_jupyter_hub>.auth.eu-west-1.amazoncognito.com

In the logs, this looks good: JupyterHub oauth2:100] OAuth redirect: 'https://<my_jupyter_hub>/hub/oauth_callback'

However, the next log entry looks like: JupyterHub log:174] 302 GET /hub/oauth_login?next= -> https://https://<my_jupyter_hub>.auth.us-east-2.amazoncognito.com/oauth2/authorize?response_type=code&redirect_uri=https%3A%2F%2F<.....>com%2Fhub%2Foauth_callback&client_id=<.......>&state=[secret] (@AAA.BBB.CCC.DDD)

This part: https://https://<my_jupyter_hub>.auth.us-east-2.amazoncognito.com appeared to be the issue ;)

Made this change: [Service] Environment=AWSCOGNITO_DOMAIN=<my_jupyter_hub>.auth.eu-west-1.amazoncognito.com

And AWS Cognito authentication works as expected.

Suggested fix: Change the [Service] section to:

[Service] Environment=AWSCOGNITO_DOMAIN=<my_jupyter_hub>.auth.eu-west-1.amazoncognito.com

[consideRatio]

Thanks for catching this and describing that the workaround worked out! This is a clear documentation bug that can be fixed easily.