lziosi commented on issue #16398:
URL: https://github.com/apache/superset/issues/16398#issuecomment-1179206710
I am using Superset 1.5.0. I have attempted to use the REST APIs for login
and for obtaining the CSRF token.
When I attempt to create a database, providing the Authorization header and
the X-CSRFToken headers, I get:
```{"errors": [{"message": "400 Bad Request: The CSRF session token is
missing.", "error_type": "GENERIC_BACKEND_ERROR", "level": "error", "extra":
{"issue_codes": [{"code": 1011, "message": "Issue 1011 - Superset encountered
an unexpected error."}]}}]}```
```
import requests
import json
BASE_URL = ...
USERNAME = ...
PASSWORD = ...
SUPERSET_DB_NAME = ...
DB_NAME = ...
DB_PORT = ...
DB_HOST = ...
DB_USER = ...
DB_PASSWORD = ...
def login(base_url, username, password):
url = base_url + 'api/v1/security/login'
payload = {'password': password, 'provider': 'ldap', 'refresh': 'true',
'username': username}
payload_json = json.dumps(payload)
headers = {'Content-Type': 'application/json'}
try:
# TODO: import the certificate instead of using verify=False
res = requests.post(url, data=payload_json,
verify=False, headers=headers)
res.raise_for_status()
access_token = res.json()['access_token']
refresh_token = res.json()['refresh_token']
return access_token, refresh_token
except requests.exceptions.RequestException as err:
print("Request Exception:", err)
def get_csrf_token(base_url, access_token):
url = base_url + 'api/v1/security/csrf_token'
# Construct the Authorization header of the form Bearer access_token
headers = {'Authorization': 'Bearer ' + access_token}
try:
# TODO: import the certificate instead of using verify=False
res = requests.get(url, verify=False, headers=headers)
res.raise_for_status()
csrf_token = res.json()['result']
return csrf_token
except requests.exceptions.RequestException as err:
print("Request Exception:", err)
def create_database(base_url, access_token, csrf_token,
superset_database_name, database_name, database_port,
database_host,
database_user, database_password):
url = base_url + 'api/v1/database'
payload = {
"database_name": superset_database_name,
"engine": "postgresql",
"configuration_method": "sqlalchemy_form",
"sqlalchemy_uri": "postgresql+psycopg2://{}:{}@{}:{}/{}".\
format(database_user, database_password, database_host,
database_port, database_name)
}
payload_json = json.dumps(payload)
#headers = {'Content-Type': 'application/json', 'Authorization': 'Bearer
' + access_token, 'X-CSRFToken': csrf_token}
try:
session = requests.Session()
session.headers['X-CSRFToken'] = csrf_token
session.headers['Authorization'] = 'Bearer ' + access_token
session.headers['Content-Type'] = 'application/json'
# TODO: import the certificate instead of using verify=False
res = session.post(url, data=payload_json, verify=False)
print(res.text)
res.raise_for_status()
except requests.exceptions.RequestException as err:
print("Request Exception:", err)
if __name__ == '__main__':
access_token, refresh_token = login(BASE_URL, USERNAME, PASSWORD)
csrf_token = get_csrf_token(BASE_URL, access_token)
create_database(BASE_URL, access_token, csrf_token, SUPERSET_DB_NAME,
DB_NAME, DB_PORT, DB_HOST,
DB_USER, DB_PASSWORD)
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
