You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@superset.apache.org by GitBox <gi...@apache.org> on 2022/10/12 03:00:06 UTC

[GitHub] [superset] long-tranvan commented on issue #16030: [API Rest] Redirecting to /login when doing a POST to /api/v1/database/import/

long-tranvan commented on issue #16030:
URL: https://github.com/apache/superset/issues/16030#issuecomment-1275519441

   Hi @pedrohdemedeiros
   You can try this workaround (at least it works for me)
   ```sh
     export SUPERSET_BASE_URL=#your superset endpoint
     export URL_AUTH=$SUPERSET_BASE_URL"/api/v1/security/login"
     export URL_CSRF_TOKEN=$SUPERSET_BASE_URL"/api/v1/security/csrf_token/"
     export URL_DATASET_IMPORT=$SUPERSET_BASE_URL"/api/v1/dataset/import/"
     curl -H "Content-Type: application/json" -X POST --data "{\"username\":\"$SUPERSET_AD_USER\",\"password\":\"$SUPERSET_AD_PWD\",\"provider\":\"db\"}" $URL_AUTH >> auth_token.json
     export ACCESS_TOKEN=$(jq '.access_token' auth_token.json | sed 's/"//g')
     curl -c cookies.txt -H "Authorization: Bearer $ACCESS_TOKEN" -L $URL_CSRF_TOKEN >> csrf_token.json
     export CSRF_TOKEN=$(jq '.result' csrf_token.json | sed 's/"//g')
     value=$(cat cookies.txt) && found=${value##*session} && export COOKIE=$(echo $found | sed -e 's/\t//g')
    
    curl --location --max-redirs 5 \
          --request POST $URL_DATASET_IMPORT \
          --header "Cookie: session=$COOKIE" \
          --header "X-CSRFTOKEN: $CSRF_TOKEN" \
          --header "Authorization: Bearer $ACCESS_TOKEN" \
          --form 'overwrite="true"' \
          --form 'formData=@"artifact.zip"'
    # or
     curl -b cookies.txt --location --max-redirs 5 \
          --request POST $URL_DATASET_IMPORT \
          --header "X-CSRFTOKEN: $CSRF_TOKEN" \
          --header "Authorization: Bearer $ACCESS_TOKEN" \
          --form 'overwrite="true"' \
          --form 'formData=@"artifact.zip"'
   ```
   After investigating, I think the root cause is that superset try to check valid token together cookie which has been provided while getting csrf token.
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org