You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@airflow.apache.org by GitBox <gi...@apache.org> on 2021/03/28 17:28:34 UTC

[GitHub] [airflow] luis-serra-ki edited a comment on issue #12499: Redirect URI for Airflow to authenticate using Azure AD

luis-serra-ki edited a comment on issue #12499:
URL: https://github.com/apache/airflow/issues/12499#issuecomment-808928030


   Hello guys,
   
   I'm having a similar problem. I'm running airflow on a kubernetes cluster, and I'm using NGINX as my ingress controller, so all my certificates are being provided/managed by it, and I saw that because of this, airflow are making the auth request with the field redirect_uri using HTTP, but on Azure side, on Authentication App settings there is no way to add an HTTP redirect uri and I'm getting always this error: `AADSTS50011: The reply URL specified in the request does not match the reply URLs configured for the application: 'ddb79b88-b450-48d2-bfea-3ea215508dd2'.`
   
   Is there any way to override the redirect_uri parameter? I tried this but isn't working:
   ```
       
       OAUTH_PROVIDERS = [
         {
           "name": "azure",
           "icon": "fa-windows",
           "token_key": "access_token",
           "remote_app": {
             "client_id": os.environ.get("AZURE_APP_ID"),
             "client_secret": os.environ.get("AZURE_CLIENT_SECRET"),
             "redirect_uri" : "https://airflow.my-domain.com/oauth-authorized/azure",
             "base_url": "https://graph.microsoft.com/v1.0/",
             "request_token_params": {
               "scope": "User.read email profile",
               "resource": os.environ.get("AZURE_APPLICATION_ID"),
             },
           "request_token_url": None,
           "access_token_url": azure_authority + "/token",
           "authorize_url": azure_authority + "/authorize",
           },
         },
       ]
   ```
   
   There is any workaround for this problem?
   
   I made another test, using burp suite to intercept the requests and change the values of the parameters which worked from azure side, but then I got an error from airflow side, because the first request was made with HTTP and the reply is using https.
   
   Thanks


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org