You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@superset.apache.org by GitBox <gi...@apache.org> on 2021/06/10 12:55:22 UTC

[GitHub] [superset] Ceridan commented on issue #15081: Use PKCE to secure the authorization code flow

Ceridan commented on issue #15081:
URL: https://github.com/apache/superset/issues/15081#issuecomment-858597271


   You may set up PKCE by passing the `code_challange_method` in the `client_kwargs`. Here is an example of the custom OAUTH provider setup. Be sure, that your server-side is supports PKCE too.
   
   ```python
   CUSTOM_OAUTH_PROVIDER = {
       "name": "myAUTH",
       "icon": "fa-empire",
       "token_key": "access_token",
       "remote_app": {
           "client_id": os.environ["AUTH_KEY"],
           "client_secret": os.environ["AUTH_SECRET"],
           "api_base_url": "https://example.com",
           "client_kwargs": {
               "scope": "profile email",
               "code_challenge_method": "S256",
           },
           "request_token_url": None,
           "access_token_url": "https://example.com/token",
           "authorize_url": "https://example.com/authorize",
       },
   }
   ```


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org