betodealmeida commented on code in PR #27631: URL: https://github.com/apache/superset/pull/27631#discussion_r1541145078
########## superset/databases/api.py: ########## @@ -1050,6 +1054,86 @@ def validate_sql(self, pk: int) -> FlaskResponse: except DatabaseNotFoundError: return self.response_404() + @expose("/oauth2/", methods=["GET"]) + @event_logger.log_this_with_context( + action=lambda self, *args, **kwargs: f"{self.__class__.__name__}.oauth2", + log_to_statsd=True, + ) + def oauth2(self) -> FlaskResponse: + """ + --- + get: + summary: >- + Receive personal access tokens from OAuth2 + description: -> + Receive and store personal access tokens from OAuth for user-level + authorization + parameters: + - in: query + name: state + schema: + type: string + - in: query + name: code + schema: + type: string + - in: query + name: scope + schema: + type: string + - in: query + name: error + schema: + type: string + responses: + 200: + description: A dummy self-closing HTML page + content: + text/html: + schema: + type: string + 400: + $ref: '#/components/responses/400' + 500: + $ref: '#/components/responses/500' + """ + parameters = request.args.to_dict() Review Comment: Yeah, good point, I'll add that. I do think the validation should ignore unknown fields, and just check that all fields needed are present. I had a problem in the past where [PKCE](https://oauth.net/2/pkce/) was introduced to an identity provider, and even though it was optional my website stopped working because I was validating the response against a schema that didn't have the field. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@superset.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: notifications-unsubscr...@superset.apache.org For additional commands, e-mail: notifications-h...@superset.apache.org