romanzdk opened a new issue, #67476: URL: https://github.com/apache/airflow/issues/67476
### Under which category would you file this issue? Airflow Core ### Apache Airflow version 3.2.0 ### What happened and how to reproduce it? ### Apache Airflow version 3.2.0 ### If "Other Airflow 2/3 version" selected, which one? Also reproduced on 3.1.8. ### What happened? When a user opens a deep link to an Airflow resource (e.g. a specific DAG run / task) in a browser session that does not yet have a valid `_token` JWT cookie, they are redirected to the homepage (`/`) instead of the originally requested URL after the auto-login completes. Concretely: - **1st open of the deep link** → goes through `SimpleAuthManager` auto-login → lands on `/` (homepage), **not** the requested URL. - **2nd open of the same deep link** (now that the `_token` cookie exists) → resolves correctly to the requested resource. Example URL that exhibits the issue: ``` https://<airflow-host>/dags/<dag_id>/runs/scheduled__2026-05-20T06:30:00+00:00/tasks/<task_id> ``` This makes sharing Airflow links between colleagues unreliable — the recipient always sees the landing page first and has to manually re-open the link (or paste it twice) to actually reach the resource. ### Investigation Our internal investigation points to the `SimpleAuthManager` login flow ignoring the `next` query parameter: the auto-login endpoint (in our reading: `/auth/token/login`) does not propagate `next` into the post-login redirect, so the final redirect target is always the homepage. No `[core]` / `[fab]` / `[api]` config setting we tried changes this behavior. This looks like a regression or an incomplete fix relative to: - #44848 — "Pass down the previous page (referrer) in the URL after logging in successfully with simple auth manager" - #44856 — the PR that closed #44848 The behavior is similar in spirit to the older FAB-side report in #36832, but here the affected component is the new `SimpleAuthManager` in Airflow 3. ### What you think should happen instead? After auto-login (and after a manual login), `SimpleAuthManager` should redirect the user to the URL they originally requested — i.e. the value of the `next` parameter (or equivalent referrer) — and only fall back to the homepage when no such target is present. ### How to reproduce 1. Use the default `SimpleAuthManager` (no custom auth backend). 2. Open an incognito / private window (so there's no `_token` cookie). 3. Paste a deep link, e.g. `https://<airflow-host>/dags/<dag_id>/runs/<run_id>/tasks/<task_id>`. 4. Complete the auto-login. 5. **Observe:** browser ends up at `/` (homepage) instead of the deep link. 6. Open the same URL a second time in the same session. 7. **Observe:** the deep link now resolves correctly. ### Deployment Other ### Deployment details Self-hosted Airflow 3.1.8 and 3.2.0 with the default `SimpleAuthManager`: ``` [core] auth_manager = airflow.api_fastapi.auth.managers.simple.simple_auth_manager.SimpleAuthManager ``` ### Anything else? - Reproduced on both **3.1.8** and **3.2.0**. - Happens **every time** on the first visit in a fresh session; never on the second visit (once `_token` is cached). - No configuration option we tried fixes it. - Workaround for end users: open the link twice. ### What you think should happen instead? _No response_ ### Operating System _No response_ ### Deployment Other Docker-based deployment ### Apache Airflow Provider(s) _No response_ ### Versions of Apache Airflow Providers _No response_ ### Official Helm Chart version Not Applicable ### Kubernetes Version _No response_ ### Helm Chart configuration _No response_ ### Docker Image customizations _No response_ ### Anything else? _No response_ ### Are you willing to submit PR? - [ ] Yes I am willing to submit a PR! ### Code of Conduct - [x] I agree to follow this project's [Code of Conduct](https://github.com/apache/airflow/blob/main/CODE_OF_CONDUCT.md) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
