(airflow) branch main updated: Adaptions for custom auth manager example in documentation (#59355)

Tue, 16 Dec 2025 08:35:17 -0800 

This is an automated email from the ASF dual-hosted git repository.

vincbeck pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/airflow.git


The following commit(s) were added to refs/heads/main by this push:
     new ab5ba5ca053 Adaptions for custom auth manager example in documentation 
(#59355)
ab5ba5ca053 is described below

commit ab5ba5ca0535065a15a44710c712d20dac5e75a9
Author: Daniel Wolf <[email protected]>
AuthorDate: Tue Dec 16 17:34:58 2025 +0100

    Adaptions for custom auth manager example in documentation (#59355)
    
    * Allow skipping of session ID rotation when using OAuth in auth manager
    
    * Remove login_user function from custom auth manager example
---
 providers/fab/docs/auth-manager/token.rst                           | 6 +-----
 .../airflow/providers/fab/auth_manager/security_manager/override.py | 5 +++--
 2 files changed, 4 insertions(+), 7 deletions(-)

diff --git a/providers/fab/docs/auth-manager/token.rst 
b/providers/fab/docs/auth-manager/token.rst
index c669bd5b33f..0377d030ee6 100644
--- a/providers/fab/docs/auth-manager/token.rst
+++ b/providers/fab/docs/auth-manager/token.rst
@@ -144,7 +144,7 @@ This custom logic overrides the default ``create_token`` 
method from the FAB aut
                     "role_keys": groups,
                 }
 
-                user = self.security_manager.auth_user_oauth(userinfo)
+                user = self.security_manager.auth_user_oauth(userinfo, 
rotate_session_id=False)
 
             # Fall back to the default implementation
             else:
@@ -152,8 +152,4 @@ This custom logic overrides the default ``create_token`` 
method from the FAB aut
 
             log.info("User: %s", user)
 
-            # Log user into the session
-            if user is not None:
-                login_user(user, remember=False)
-
             return user
diff --git 
a/providers/fab/src/airflow/providers/fab/auth_manager/security_manager/override.py
 
b/providers/fab/src/airflow/providers/fab/auth_manager/security_manager/override.py
index 94775d1a2ec..464ce6b1ea5 100644
--- 
a/providers/fab/src/airflow/providers/fab/auth_manager/security_manager/override.py
+++ 
b/providers/fab/src/airflow/providers/fab/auth_manager/security_manager/override.py
@@ -2019,7 +2019,7 @@ class 
FabAirflowSecurityManagerOverride(AirflowSecurityManagerV2):
             if _provider["name"] == provider:
                 return _provider.get("token_secret", "oauth_token_secret")
 
-    def auth_user_oauth(self, userinfo):
+    def auth_user_oauth(self, userinfo, rotate_session_id=True):
         """
         Authenticate user with OAuth.
 
@@ -2073,7 +2073,8 @@ class 
FabAirflowSecurityManagerOverride(AirflowSecurityManagerV2):
 
         # LOGIN SUCCESS (only if user is now registered)
         if user:
-            self._rotate_session_id()
+            if rotate_session_id:
+                self._rotate_session_id()
             self.update_user_auth_stat(user)
             return user
         return None

Reply via email to