csp33 commented on issue #39204:
URL: https://github.com/apache/airflow/issues/39204#issuecomment-2074705563

   > > In production we're using the GitHub login. In local (where we have the 
user/pwd login) I can still see the Pools menu 🤔
   > > Added to the issue description, thanks!
   > 
   > What's your Github integration configuration @csp33 (Without secrets?) ?
   
   This is my `webserver_config.py` :
   
   ```python
           import os
           from typing import Dict, Any, List, Union
   
           from airflow.www.security import AirflowSecurityManager
           from flask_appbuilder import expose
           from flask_appbuilder.security.manager import AUTH_OAUTH
           from flask_appbuilder.security.views import AuthOAuthView
   
           AUTH_TYPE = AUTH_OAUTH
           AUTH_USER_REGISTRATION = True
           AUTH_USER_REGISTRATION_ROLE = "Viewer"
           PERMANENT_SESSION_LIFETIME = 1800
   
   
           OAUTH_PROVIDERS = [
               {
                   "name": "github",
                   "icon": "fa-github",
                   "token_key": "access_token",
                   "remote_app": {
                       "client_id": os.getenv("GITHUB_OAUTH_APP_ID"),
                       "client_secret": os.getenv("GITHUB_OAUTH_APP_SECRET"),
                       "api_base_url": "https://api.github.com";,
                       "client_kwargs": {"scope": "read:user, read:org"},
                       "access_token_url": 
"https://github.com/login/oauth/access_token";,
                       "authorize_url": 
"https://github.com/login/oauth/authorize";,
                       "request_token_url": None,
                   },
               },
           ]
   
           class CustomAuthRemoteUserView(AuthOAuthView):
               @expose("/logout/")
               def logout(self):
                   """Delete access token before logging out."""
                   return super().logout()
   
   
           class GithubAuthorizer(AirflowSecurityManager):
               authoauthview = CustomAuthRemoteUserView
   
               def get_oauth_user_info(
                       self, provider: str, resp: Any
               ) -> Dict[str, Union[str, List[str]]]:
                   remote_app = self.appbuilder.sm.oauth_remotes[provider]
                   me = remote_app.get("user")
                   user_data = me.json()
                   username = user_data["login"]
   
                   try:
                       name_surname_list = user_data['name'].split(" ", 1)
                       first_name = name_surname_list[0]
                       last_name = name_surname_list[1]
                   except Exception:
                       first_name = last_name = "unknown"
   
                   return {
                       "username": username,
                       "email": user_data["email"],
                       "first_name": first_name,
                       "last_name": last_name,
                   }
   
           SECURITY_MANAGER_CLASS = GithubAuthorizer
   ```


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to