gioargyr opened a new issue, #27918: URL: https://github.com/apache/superset/issues/27918
### Bug description I setup Superset with my Keycloak instance. When Superset redirects to get userinfo from Keycloak, it uses this URL: `https://<my_domain>/realms/<realm_name>/openid-connect/userinfo` which slightly, but critically wrong comparing to the right one. The right one should be `https://<my_domain>/realms/<realm_name>/**protocol**/openid-connect/userinfo` Somehow `protocol` is not included in this specific URL, while I define it everywhere in the configuration. These are the `api_base_url`, `authorize_url`, and `access_token_url` that I define: ``` "api_base_url": "https://<my_domain>/realms/<realm_name>/protocol" "authorize_url": "https://<my_domain>/realms/<realm_name>/protocol/openid-connect/auth" "access_token_url": "https://<my_domain>/realms/<realm_name>/protocol/openid-connect/token" ``` I even tried defining `userinfo_url`, `user_info_url`, and `userinfo_uri`, but it keeps using a URL without `protocol` in it! ### How to reproduce the bug My installation is Superset on my Kubernetes cluster. Kubernetes i version 1.28.7 Superset is in APP VERSION 3.1.1, while CHART VERSION is 0.12.7 ### Screenshots/recordings _No response_ ### Superset version master / latest-dev ### Python version 3.10 ### Node version 16 ### Browser Chrome ### Additional context ERROR:flask_appbuilder.security.views:Error returning OAuth user info: 404 Client Error: Not Found for url: https://<my_domain>/realms/<realm_name>/openid-connect/userinfo ### Checklist - [X] I have searched Superset docs and Slack and didn't find a solution to my problem. - [X] I have searched the GitHub issue tracker and didn't find a similar bug report. - [X] I have checked Superset's logs for errors and if I found a relevant Python stacktrace, I included it here as text in the "additional context" section. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
