This is an automated email from the ASF dual-hosted git repository.
vincbeck pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/airflow.git
The following commit(s) were added to refs/heads/main by this push:
new 2ada89f8c70 fix(providers/fab): restore OAuth callback route exposure
(#62151)
2ada89f8c70 is described below
commit 2ada89f8c70115f99b7c8e0dca4ee87e0a6018f0
Author: Timothy Schroeder <[email protected]>
AuthorDate: Thu Feb 19 08:03:58 2026 -0800
fix(providers/fab): restore OAuth callback route exposure (#62151)
Re-add the CustomAuthOAuthView OAuth callback route decorator and keep a
regression test that verifies the callback endpoint stays exposed with
Flask-AppBuilder route metadata.
Co-authored-by: Cursor <[email protected]>
---
.../src/airflow/providers/fab/auth_manager/views/auth_oauth.py | 2 ++
.../fab/tests/unit/fab/auth_manager/views/test_auth_oauth.py | 8 ++++++++
2 files changed, 10 insertions(+)
diff --git
a/providers/fab/src/airflow/providers/fab/auth_manager/views/auth_oauth.py
b/providers/fab/src/airflow/providers/fab/auth_manager/views/auth_oauth.py
index f00375123aa..9cd23bf47b6 100644
--- a/providers/fab/src/airflow/providers/fab/auth_manager/views/auth_oauth.py
+++ b/providers/fab/src/airflow/providers/fab/auth_manager/views/auth_oauth.py
@@ -22,6 +22,7 @@ from __future__ import annotations
import logging
from flask import session
+from flask_appbuilder import expose
from flask_appbuilder.security.views import AuthOAuthView
from airflow.configuration import conf
@@ -37,6 +38,7 @@ class CustomAuthOAuthView(AuthOAuthView):
the Flask session is not yet committed when the redirect response is sent.
"""
+ @expose("/oauth-authorized/<provider>")
def oauth_authorized(self, provider):
"""
OAuth callback handler that explicitly commits session before redirect.
diff --git a/providers/fab/tests/unit/fab/auth_manager/views/test_auth_oauth.py
b/providers/fab/tests/unit/fab/auth_manager/views/test_auth_oauth.py
index f781cc464dd..d50e284643a 100644
--- a/providers/fab/tests/unit/fab/auth_manager/views/test_auth_oauth.py
+++ b/providers/fab/tests/unit/fab/auth_manager/views/test_auth_oauth.py
@@ -28,6 +28,14 @@ from airflow.providers.fab.auth_manager.views.auth_oauth
import CustomAuthOAuthV
class TestCustomAuthOAuthView:
"""Test CustomAuthOAuthView."""
+ def test_oauth_authorized_keeps_callback_route_exposed(self):
+ """Test oauth callback route is exposed on the custom view."""
+ assert hasattr(CustomAuthOAuthView.oauth_authorized, "_urls")
+ assert any(
+ route == "/oauth-authorized/<provider>"
+ for route, _methods in CustomAuthOAuthView.oauth_authorized._urls
+ )
+
@pytest.mark.parametrize("backend", ["database", "securecookie"])
@mock.patch("airflow.providers.fab.auth_manager.views.auth_oauth.conf")
def test_oauth_authorized_marks_session_modified(self, mock_conf, backend):
