bugraoz93 commented on code in PR #51657:
URL: https://github.com/apache/airflow/pull/51657#discussion_r2145437638
##########
providers/keycloak/src/airflow/providers/keycloak/auth_manager/routes/login.py:
##########
@@ -48,39 +45,81 @@ def login_callback(request: Request):
code = request.query_params.get("code")
if not code:
return HTMLResponse("Missing code", status_code=400)
-
- client = _get_keycloak_client()
redirect_uri = request.url_for("login_callback")
-
- tokens = client.token(
- grant_type="authorization_code",
+ token = KeycloakAuthManagerLogin.refresh_token(
Review Comment:
Thanks a lot for the review, Vincent! I had a learning curve in some parts
of Keycloak, which is why it took a while. They are all working. I have tested
all the parts other than token expire auto login and finding the problem with
JWT token generation because I saw there was a problem with segments, and
mostly unit tests remain. I think I only missed the part where it should be in
this PR :sweat_smile: I understand what is needed, just interpreted a bit wrong
and mixed with all_admins and included, let me fix this.
I may struggle on the UI end. If we can split and you can help with the UI
part, I would be happy to cover/help on all backend sides :) I am still happy
to do my best. I have two questions for the UI
- Should we create UI pieces in Keycloak or core ui? Asking because the
wording `Optional method to refresh token across auth managers`
- Do we want to move the code from Keycloak that will be persisted in the
Cookie to local storage afterwards, similar to the JWT internal token? Asking
this because we don't persist anything in the Cookie after all, they are
generally in the local storage
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
