worldlyjohn commented on PR #33550: URL: https://github.com/apache/superset/pull/33550#issuecomment-2902048042
> * how does auth work here? I'd assume the in-slack browser wouldn't have access to the dashboard, unless maybe if it's public? @mistercrunch You're right, Slack’s crawler is not logged in, so it receives this redirect and never reaches the dashboard page. Upon further research, unfurling works for analytics tools like Mixpanel because they have [developed Slack integrations](https://apache-superset.slack.com/marketplace/AKMP1USA3-mixpanel) that provide an access token. Appears a similar Preset/Superset Slack integration would need to handle auth before this scope of work is relevant 🤷♂️ . Alternative approaches: - **Wrap metadata behind a small “unfurl” view.** Create a lightweight endpoint that serves only the Open Graph tags (and optional screenshot) without loading the full application. Slack would be sent to this endpoint via the public link. Downside is this could leak possibly confidential dashboard titles to anyone with a dashboard link. - **Provide Slack access via a token.** Use the existing guest-token mechanism (`SecurityRestApi.guest_token`) to generate a short-lived token that authorizes Slack to fetch only the metadata. The request could include `?guest_token=<token>` so the crawler receives the correct page without a redirect. Downside is a request for this link that cloaks itself as a Slack request (modifying HTTP request headers perhaps) to retrieve the dashboard title. - **Develop a Superset Slack integration**. wdyt? (I likely don't have the bandwidth atm to work on these alternative paths, but this unfurling support would be a welcomed addition as we roll out Superset/Preset to our 1000 person org next month) :) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
