Apache Superset OAuth2 (IBM APPID) integration issues


I am trying to configure OAuth on Superset.

This is my config file:

from flask_appbuilder.security.manager import AUTH_OAUTH

LOG_LEVEL = "DEBUG"

FEATURE_FLAGS = {
    "ENABLE_TEMPLATE_PROCESSING": True,
}

ENABLE_PROXY_FIX = True
SECRET_KEY = "YOUR_OWN_RANDOM_GENERATED_STRING"

AUTH_TYPE = AUTH_OAUTH
OAUTH_PROVIDERS = [
    {
        'name': 'appid',
        'icon': 'fa-address-card',
        'remote_app': {
            'client_id': 'client-id',
            'client_secret': 'shhhhhh',
            # 'client_kwargs': {
            #     'scope': 'read'  # Scope for the Authorization
            # },
            'server_metadata_url': 'https://eu-de.appid.cloud.ibm.com/oauth/v4/instance-id/.well-known/openid-configuration'
        }
    }
]
# AUTH_ROLE_ADMIN = 'Admin'

from custom_sso_security_manager import CustomSsoSecurityManager

CUSTOM_SECURITY_MANAGER = CustomSsoSecurityManager

# Will allow user self registration, allowing to create Flask users from Authorized User
AUTH_USER_REGISTRATION = True
# The default user self registration role
AUTH_USER_REGISTRATION_ROLE = "Public"

This is my custom_sso_security_manager.py:

import logging
from superset.security import SupersetSecurityManager


class CustomSsoSecurityManager(SupersetSecurityManager):

    def oauth_user_info(self, provider, response=None):
        logging.error("CustomSsoSecurityManager Oauth2 provider: {0}.".format(provider))
        if provider == 'appid':
            # For example, this line sends a GET to base_url + '/' + userDetails with Bearer authentication,
            # and expects the authorization server to check the token and respond with the user details
            user_info_response = self.appbuilder.sm.oauth_remotes[provider].get('userinfo')
            logging.error("user_info_response: {0}".format(user_info_response))

            user_detail_response = (self.appbuilder.sm.oauth_remotes[provider].get('userDetails'))
            logging.error("user_detail_response: {0}".format(user_detail_response))

            me = user_detail_response.data
            logging.error("user_data: {0}".format(me))

            return {'name': me['name'], 'email': me['email'], 'id': me['user_name'], 'username': me['user_name'],
                    'first_name': '', 'last_name': ''}

When I try to log in, I get correctly redirected to the OAuth service for authentication, but when I'm redirected back I get the error "Invalid login. Please try again."

This is what I can see in the logs:

DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): eu-de.appid.cloud.ibm.com:443
DEBUG:urllib3.connectionpool:https://eu-de.appid.cloud.ibm.com:443 "POST /oauth/v4/instance-id/token HTTP/1.1" 200 None
ERROR:flask_appbuilder.security.views:Error returning OAuth user info: 'oauth_token'

Unfortunately I can't figure out where the problem is; not even the logging of the line logging.error("CustomSsoSecurityManager Oauth2 provider: {0}.".format(provider)) works.

Does anyone have suggestions on how I can troubleshoot this problem?
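
Added example (not part of the original question and not Flask-AppBuilder's own code): a simplified model of how the OAuth callback reads the token out of the token response before it calls `oauth_user_info`, which reproduces the log line above and shows why the custom manager's first log statement is never reached. It assumes Flask-AppBuilder's provider-level `token_key` option, which falls back to `oauth_token` when unset; the helper names and the token response are constructed for illustration.

```python
# Simplified model of the token lookup done in the OAuth callback.
# All sample values are constructed, not captured from IBM App ID.

DEFAULT_TOKEN_KEY = "oauth_token"  # fallback used when a provider sets no 'token_key'


def token_key_for(providers, name):
    """Return the key that will be read from the token response for this provider."""
    for provider in providers:
        if provider["name"] == name:
            return provider.get("token_key", DEFAULT_TOKEN_KEY)
    raise LookupError(f"provider {name!r} is not configured")


def simulate_callback(providers, name, token_response):
    """Mimic the callback order: store the token first, fetch user info second."""
    try:
        token = token_response[token_key_for(providers, name)]
    except Exception as exc:  # any exception here ends in the same log line
        return f"Error returning OAuth user info: {exc}"
    return f"token stored ({len(token)} chars); oauth_user_info() would run next"


# Constructed OAuth2/OIDC-style token response: the token is under 'access_token'.
SAMPLE_TOKEN_RESPONSE = {
    "access_token": "constructed-access-token",
    "id_token": "constructed-id-token",
    "token_type": "Bearer",
    "expires_in": 3600,
}

# Provider entry shaped like the one in the question (no 'token_key').
AS_POSTED = [{"name": "appid", "remote_app": {"client_id": "client-id"}}]

# Same entry with 'token_key' set at the provider level, next to 'name'.
WITH_TOKEN_KEY = [
    {"name": "appid", "token_key": "access_token",
     "remote_app": {"client_id": "client-id"}}
]

if __name__ == "__main__":
    print(simulate_callback(AS_POSTED, "appid", SAMPLE_TOKEN_RESPONSE))
    print(simulate_callback(WITH_TOKEN_KEY, "appid", SAMPLE_TOKEN_RESPONSE))
```

The quoted `'oauth_token'` in the log is the string form of a `KeyError`, so a useful first check when troubleshooting is to compare the keys of the token response with the provider's `token_key`.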
