mrtsrdm opened a new issue, #23443:
URL: https://github.com/apache/superset/issues/23443
I am trying to use superset with Custom OAuth2 Configuration.
This is my "superset_config.py" file ->
from flask_appbuilder.security.manager import AUTH_OAUTH
from custom_sso_security_manager import CustomSsoSecurityManager
CUSTOM_SECURITY_MANAGER = CustomSsoSecurityManager
AUTH_TYPE = AUTH_OAUTH
OAUTH_PROVIDERS = [
{ 'name':'egaSSO',
'token_key':'acces_token', # Name of the token in the response of
access_token_url
'icon':'fa-address-card', # Icon for the provider
'remote_app': {
'client_id':'ca4ca995-3b1e-4e01-81e1-1f226686a3f7', # Client Id (Identify
Superset application)
'client_secret':'86086186-f97a-442e-925b-35ed25882d0a', # Secret for this
Client Id
'client_kwargs':{
'scope': 'offline_access' # Scope for the Authorization
},
'access_token_method':'POST', # HTTP Method to call access_token_url
'access_token_params':{ # Additional parameters for calls to access_token_url
'grant_type':'authorization_code',
'client_id':'ca4ca995-3b1e-4e01-81e1-1f226686a3f7',
'client_secret':'86086186-f97a-442e-925b-35ed25882d0a'
},
'api_base_url':'http://my-test.com:5100',
'access_token_url':'http://my-test.com:5100/oauth/token',
'authorize_url':'http://my-test.com:5100/connect/authorize',
"request_token_url": None,
}
}
]
AUTH_USER_REGISTRATION = True
AUTH_USER_REGISTRATION_ROLE = "Gamma"
AUTH_ROLES_SYNC_AT_LOGIN = True
and this is my "custom_sso_security_manager.py" file ->
from superset.security import SupersetSecurityManager
class CustomSsoSecurityManager(SupersetSecurityManager):
def oauth_user_info(self, provider, response=None):
if provider == 'egaSSO':
return { 'name' : 'mrt', 'email' :
'[[email protected]](mailto:[email protected])', 'id' : '1',
'username' : 'mrt', 'first_name':'', 'last_name':''}
---->
scenario to explain promlem:
1- ı click signin button in the superset login page
2- page redirects me to my own custom signin page
3- ı enter my username and pasword, and login succesfully
4- ı click logout button
5- page redirects me to superset lgin page
6- ı click signin button in the superset login page
7 The page redirects me directly to the welcome page as logged-in instead
of redirecting me to my own signin page
the system somehow stores my username and pasword info and make me
logged-in. What can ı prevent this situation ?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
