You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@airflow.apache.org by GitBox <gi...@apache.org> on 2021/08/20 11:18:00 UTC

[GitHub] [airflow] timothyclarke removed a comment on issue #15601: Access is denied alert after successful login using OIDC

timothyclarke removed a comment on issue #15601:
URL: https://github.com/apache/airflow/issues/15601#issuecomment-902549482


   If the scope contains `openid`, The custom security manager should and oauth_user_info should not be required. 
   ```
   SECURITY_MANAGER_CLASS = GoogleAirflowSecurityManager
   class GoogleAirflowSecurityManager(AirflowSecurityManager):
       def oauth_user_info(self, provider, resp):
   ```
   The log shows `DEBUG - OAUTH Authorized resp:` ... `'id_token': '<redacted>'`  The id token should contain all the user info. Looking at [authlib flask docs](https://docs.authlib.org/en/latest/client/flask.html#flask-openid-connect-client) you can [decode the contents of the `id_token`](https://jwt.io) on many web sites
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@airflow.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org