vinit2580 opened a new issue #13948:
URL: https://github.com/apache/superset/issues/13948


   Hi,
      I am trying to integrate Okta using OAuth, but every time I log in it shows the message "Invalid login. Please try again."
   My superset_config.py has the configuration below:
   
   import os
   from flask import Flask
   
   import logging
   from flask_appbuilder.security.manager import AUTH_OID, AUTH_REMOTE_USER, 
AUTH_DB, AUTH_LDAP, AUTH_OAUTH
   from superset.security import SupersetSecurityManager
   import logging
   from flask_appbuilder import SQLA, AppBuilder
   
   
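   class CustomSsoSecurityManager(SupersetSecurityManager):
       """Security manager that builds the Superset user record from Okta's userinfo endpoint."""

       def oauth_user_info(self, provider, response=None):
           """Return the user-info dict for an OAuth login, or None on failure.

           Args:
               provider: Name of the OAuth provider handling the login; only
                   'okta' is handled here.
               response: Token response supplied by the caller; this method
                   does not read it.

           Returns:
               A dict with the keys name, email, id, username, first_name and
               last_name, or None when the provider is not 'okta' or the
               userinfo request does not answer with status 200.
           """
           logging.info("Oauth2 provider: {0}.".format(provider))
           if provider != 'okta':
               return None

           # GET the userinfo endpoint through the provider's registered remote app,
           # which attaches the bearer token; the authorization server validates the
           # token and answers with the user's claims.
           res = self.appbuilder.sm.oauth_remotes[provider].get(
               'https://dev-514411.okta.com/oauth2/default/v1/userinfo')
           logging.info(" {0}".format(res))

           # NOTE(review): `status` / `data` are the response attributes this block
           # already relied on. An Authlib-based client returns a requests-style
           # response exposing `status_code` and `json()` instead -- confirm against
           # the OAuth client library that is actually installed.
           if res.status != 200:
               # The original called `logger.error`, but only `logging` is imported,
               # so the failure path itself raised NameError. An exception raised in
               # this method presumably surfaces only as the generic "Invalid login"
               # message -- check the server log for the underlying error.
               logging.error('Failed to obtain user info: %s', res.data)
               return None
           logging.info("user_data: {0}".format(res))

           # Read the claims from the parsed payload; the original subscripted the
           # response object itself.
           data = res.data
           # NOTE(review): an OIDC userinfo response normally carries standard claims
           # such as `sub`, `email`, `given_name` and `preferred_username`;
           # `firstName` and `login` look like directory-profile attributes --
           # confirm the claim names (and the requested scopes) before relying on them.
           return {'name': data['firstName'], 'email': data['email'], 'id': data['login'],
                   'username': data['login'], 'first_name': '', 'last_name': ''}
           # Disabled debugging stub: returned one fixed identity for every login.
           #  return {'name': 'neeraj', 'email': '[email protected]', 'id': '[email protected]', 'username': '[email protected]',
           #         'first_name': '', 'last_name': ''}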
   
   
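   # Superset specific config
   ROW_LIMIT = 5000
   AUTH_USER_REGISTRATION = True
   # Role given to accounts that self-register on first OAuth login. This was
   # 'Admin', which makes every identity the IdP will authenticate a Superset
   # administrator; start from the least-privileged role and grant more explicitly.
   AUTH_USER_REGISTRATION_ROLE = 'Public'
   AUTH_ROLE_ADMIN = 'Admin'
   # Role applied to anonymous (not logged-in) visitors. This was 'Admin', which
   # hands administrator permissions to unauthenticated requests.
   AUTH_ROLE_PUBLIC = 'Public'
   # NOTE(review): a list holding one empty string; presumably an empty list was
   # intended -- confirm this does not replace CSRF exemptions the deployment expects.
   WTF_CSRF_EXEMPT_LIST = ['']
   # Flask App Builder configuration
   # Your App secret key
   # The secret key signs session cookies. A value committed to the config file or
   # pasted into a public report should be treated as disclosed: generate a new
   # random key and load it from the environment or a secret store.
   SECRET_KEY = '\2\1thisismyscretkey\1\2\e\y\y\h'

   AUTH_TYPE = AUTH_OAUTH
   OAUTH_PROVIDERS = [{
       'name': 'okta',
       'token_key': 'access_token',  # Name of the token in the response of access_token_url
       'icon': 'fa-circle-o',  # Icon for the provider
       'remote_app': {
           'client_id': '0oa8hoe9t1c8555666091z357',  # Client Id (Identify Superset application)
           # Secret for this Client Id (Identify Superset application).
           # Same handling as SECRET_KEY: keep it out of the file and rotate it
           # at the IdP once it has been shared.
           'client_secret': 'b8exxJID0BQOXlvMl1234565frU4OY7FX3cXDOMLM',
           'client_kwargs': {
               # NOTE(review): with only `openid` requested, userinfo typically returns
               # little beyond `sub`; the email and name claims read by
               # oauth_user_info usually need the `email` and `profile` scopes -- confirm.
               'scope': 'openid'
           },
           'access_token_method': 'POST',  # HTTP Method to call access_token_url
           'access_token_headers': {  # Additional headers for calls to access_token_url
               # HTTP Basic credentials are base64-encoded, not encrypted, so this
               # header exposes client credentials just as a plaintext secret would.
               'Authorization': 'Basic MG9hOGhvZTl0MWM4THhCMXozNTc6YjhleHhKSUQwQlFPWGx2TWxRYTVUbzVmclU0T1k3RlgzY1hET01MTQ=='
           },
           'base_url': 'https://dev-514411.okta.com/oauth2/default/',
           'authorize_url': 'https://dev-514411.okta.com/oauth2/default/v1/authorize',
           'access_token_url': 'https://dev-514411.okta.com/oauth2/default/v1/token',
           # Plain-HTTP loopback callback: suitable for local development only.
           'redirect_uris': ['http://127.0.0.1:8088/oauth-authorized/okta']
       }
   }]

   CUSTOM_SECURITY_MANAGER = CustomSsoSecurityManager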
   
   Whenever I try to log in, it gives the error message below:
   
![image](https://user-images.githubusercontent.com/30068633/113552352-ad3e0500-9613-11eb-86c3-98cebed5edab.png)
   
   
![image](https://user-images.githubusercontent.com/30068633/113552456-ce065a80-9613-11eb-8b23-535f416c61ee.png)
   
   I am stuck here. I followed the steps described in the Superset configuration settings. Can someone please help me?
   
   

