GitHub user rsaleev edited a comment on the discussion: Keycloak to superset Redirecting
> @dosu I have configured the keycloack with superset , but upon signing in > with the keycloack with the credentials which I created in keycloack , so > when I sign in its redirecting to the superset sign in page where it shows > sign in with keycloack again , even though I received the token its still not > redirecting properly > > In keycloack I have provided redirect URI as * and domain/superset @Aswin2002CSE https://github.com/apache/superset/discussions/36203 I suppose you have to refactor for your case. and to bypass login page and redirect to Keycloak instantly. ```python def FLASK_APP_MUTATOR(app): """Modify Flask app after creation""" # import logging # import uuid # import jwt from flask import ( g, redirect, request, session, url_for, # Response ) import logging @app.before_request def make_session_permanent(): session.permanent = True @app.before_request def log_request(): logging.debug( f"📥 {request.method} {request.path} | " f"Endpoint: {request.endpoint} | " f"Args: {dict(request.args)}" ) @app.before_request def require_login(): if request.endpoint and ( request.endpoint.startswith("static") or request.endpoint in { # custom "KeycloakOAuthView.login", # "KeycloakOAuthView.login_provider", "KeycloakOAuthView.oauth_authorized", "KeycloakOAuthView.logout", # FAB "security.logout", "SecurityApi.login", # Add FAB API endpoints "SecurityApi.refresh", "AuthDBView.login", "SupersetAuthView.login", "SecurityApi.login", "SecurityApi.refresh", # system "health.health", "HealthView.show", } ): return None if g.user is None or not getattr(g.user, "is_authenticated", False): logging.info( f"🔐 Redirecting unauthenticated access to {request.endpoint} → Keycloak" ) session["next"] = request.url return redirect( url_for( "KeycloakOAuthView.login", _external=True, provider=DEFAULT_PROVIDER, ) ) ``` Tested on Superset 6.0. Check logs for errors and cycle redirections. Better to set logs to debug level, I have refactored Keycloak OAauth already and code from link is a little bit outdated, but functional. Keep it in mind, that multiple roles must be mapped to one role so `roles:["Admin", "Manager"]` must return "Admin" that will be mapped to built-in Superset role. GitHub link: https://github.com/apache/superset/discussions/29713#discussioncomment-15803149 ---- This is an automatically sent email for [email protected]. To unsubscribe, please send an email to: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
