mandeeplohan opened a new issue #16749:
URL: https://github.com/apache/superset/issues/16749
We configured the Superset_config.py as suggested on the documentation page.
It is getting authenticated using OIDC and returning with a valid code. However
it is doing POST method call to get access token. No Error in logs.
***Changes in Superset_cofig.py file********
from custom_sso_security_manager import CustomSsoSecurityManager
from flask_appbuilder.security.manager import AUTH_OAUTH,AUTH_OID
CUSTOM_SECURITY_MANAGER = CustomSsoSecurityManager
AUTH_TYPE = AUTH_OAUTH
OAUTH_PROVIDERS = [
{ 'name':'PING',
'token_key':'access_token', # Name of the token in the response of
access_token_url
'icon':'fa-address-card', # Icon for the provider
'remote_app': {
'client_id':'client_id', # Client Id (Identify Superset
application)
'client_secret':'client_secret', # Secret for this Client Id
(Identify Superset application)
'client_kwargs':{
'scope': 'openid profile address email phone',
# Scope for the Authorization
},
'access_token_method':'POST', # HTTP Method to call
access_token_url
'access_token_params':{ # Additional parameters for calls
to access_token_url
'client_id':'client_id',
'grant_type' : 'authorization_code',
'client_secret' :'client_secret',
'redirect_uri' : 'http://localhost:8088/'
},
'access_token_headers':{ # Additional headers for calls to
access_token_url
'Authorization': 'Basic Base64EncodedClientIdAndSecret',
'Content-Type': 'application/x-www-form-urlencoded'
},
'api_base_url':'api_base_url',
'access_token_url':'access_token_url',
'authorize_url':'authorize_url'
}
}
]
# Will allow user self registration, allowing to create Flask users from
Authorized User
AUTH_USER_REGISTRATION = True
# The default user self registration role
AUTH_USER_REGISTRATION_ROLE = "Public"
#***********
### Expected results
Oauth should be working expected after configs.
### Actual results
Authentication happening with Get call and returing with a valid code and
status on the browser.
what actually happens.
1. http://localhost:8088/
2. Eneter MS ID and password
3. Auth success
4. in browser it comes with a valid code:
https://localhost:8088/oauth-authorized/PING?code=aaaaaaaaaaaaaaaaa&state=bbbbbbbbbbb.cccccccccc.ddddddd-ffffff-gggggggg-Y
5. Error on browser is "This site can’t be reached"
6. LOGS:
superset_app | 2021-09-20
14:45:19,097:DEBUG:authlib.integrations.base_client.base_app:Saving authorize
data: {'redirect_uri': 'http://localhost:8088/oauth-authorized/PING', 'nonce':
'S6JvBApadi4z3wOIyMWE', 'url':
'https://url/as/authorization.oauth2?response_type=code&client_id=client_id&redirect_uri=http%3A%2F%2Flocalhost%3A8088%2Foauth-authorized%2FPING&scope=openid+profile+address+email+phone&state=aaaaaaa.bbbbbbb.cccccc-ddddd-eeeee-Y&nonce=S6JvBApadi4z3wOIyKVU',
'state': 'eyL0eEAiOiMNS1QiLCJhbGciOiJIUzI1NiJ9.eeeeeee.bbbbbb-vvvvv-vvvvvv-Y'}
superset_app | 172.18.0.1 - - [20/Sep/2021:14:45:19 +0000] "GET
/login/PING?next= HTTP/1.1" 302 951 "http://localhost:8088/login/"; "Mozilla/5.0
(Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/93.0.4577.82 Safari/537.36"
superset_app | 127.0.0.1 - - [20/Sep/2021:14:45:22 +0000] "GET
/health HTTP/1.1" 200 2 "-" "curl/7.64.0"
#### Screenshots
If applicable, add screenshots to help explain your problem.
#### How to reproduce the bug
1. Git clone: https://github.com/apache/superset.git
2. configure superset_config.py with Oauth changes
3. add a custum sso file as on document page
4. build docker image : docker build -t superset-dev:latest .
5. docker-compose -f docker-compose-non-dev.yml up
6. http://localhost:8088/
7. enter MS id and password
8. Auth success
9. in browser it comes with a valid code:
https://localhost:8088/oauth-authorized/PING?code=aaaaaaaaaaaaaaaaa&state=bbbbbbbbbbb.cccccccccc.ddddddd-ffffff-gggggggg-Y
10. Error on browser is "This site can’t be reached"
### Environment
Local : https://localhost:8088/
(please complete the following information):
- superset version: Could not figure out the version info. However took the
lates source code from here: https://github.com/apache/superset.git and
modified files and built a docker image.
- python version: 3.7.9
- node.js version: 14
- any feature flags active:
### Additional context
Add any other context about the problem here.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
