You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@superset.apache.org by GitBox <gi...@apache.org> on 2021/09/20 15:17:08 UTC
[GitHub] [superset] mandeeplohan opened a new issue #16749: OAuth not working
mandeeplohan opened a new issue #16749:
URL: https://github.com/apache/superset/issues/16749
We configured the Superset_config.py as suggested on the documentation page. It is getting authenticated using OIDC and returning with a valid code. However it is doing POST method call to get access token. No Error in logs.
***Changes in Superset_cofig.py file********
from custom_sso_security_manager import CustomSsoSecurityManager
from flask_appbuilder.security.manager import AUTH_OAUTH,AUTH_OID
CUSTOM_SECURITY_MANAGER = CustomSsoSecurityManager
AUTH_TYPE = AUTH_OAUTH
OAUTH_PROVIDERS = [
{ 'name':'PING',
'token_key':'access_token', # Name of the token in the response of access_token_url
'icon':'fa-address-card', # Icon for the provider
'remote_app': {
'client_id':'client_id', # Client Id (Identify Superset application)
'client_secret':'client_secret', # Secret for this Client Id (Identify Superset application)
'client_kwargs':{
'scope': 'openid profile address email phone', # Scope for the Authorization
},
'access_token_method':'POST', # HTTP Method to call access_token_url
'access_token_params':{ # Additional parameters for calls to access_token_url
'client_id':'client_id',
'grant_type' : 'authorization_code',
'client_secret' :'client_secret',
'redirect_uri' : 'http://localhost:8088/'
},
'access_token_headers':{ # Additional headers for calls to access_token_url
'Authorization': 'Basic Base64EncodedClientIdAndSecret',
'Content-Type': 'application/x-www-form-urlencoded'
},
'api_base_url':'api_base_url',
'access_token_url':'access_token_url',
'authorize_url':'authorize_url'
}
}
]
# Will allow user self registration, allowing to create Flask users from Authorized User
AUTH_USER_REGISTRATION = True
# The default user self registration role
AUTH_USER_REGISTRATION_ROLE = "Public"
#***********
### Expected results
Oauth should be working expected after configs.
### Actual results
Authentication happening with Get call and returing with a valid code and status on the browser.
what actually happens.
1. http://localhost:8088/
2. Eneter MS ID and password
3. Auth success
4. in browser it comes with a valid code:
https://localhost:8088/oauth-authorized/PING?code=aaaaaaaaaaaaaaaaa&state=bbbbbbbbbbb.cccccccccc.ddddddd-ffffff-gggggggg-Y
5. Error on browser is "This site can’t be reached"
6. LOGS:
superset_app | 2021-09-20 14:45:19,097:DEBUG:authlib.integrations.base_client.base_app:Saving authorize data: {'redirect_uri': 'http://localhost:8088/oauth-authorized/PING', 'nonce': 'S6JvBApadi4z3wOIyMWE', 'url': 'https://url/as/authorization.oauth2?response_type=code&client_id=client_id&redirect_uri=http%3A%2F%2Flocalhost%3A8088%2Foauth-authorized%2FPING&scope=openid+profile+address+email+phone&state=aaaaaaa.bbbbbbb.cccccc-ddddd-eeeee-Y&nonce=S6JvBApadi4z3wOIyKVU', 'state': 'eyL0eEAiOiMNS1QiLCJhbGciOiJIUzI1NiJ9.eeeeeee.bbbbbb-vvvvv-vvvvvv-Y'}
superset_app | 172.18.0.1 - - [20/Sep/2021:14:45:19 +0000] "GET /login/PING?next= HTTP/1.1" 302 951 "http://localhost:8088/login/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36"
superset_app | 127.0.0.1 - - [20/Sep/2021:14:45:22 +0000] "GET /health HTTP/1.1" 200 2 "-" "curl/7.64.0"
#### Screenshots
If applicable, add screenshots to help explain your problem.
#### How to reproduce the bug
1. Git clone: https://github.com/apache/superset.git
2. configure superset_config.py with Oauth changes
3. add a custum sso file as on document page
4. build docker image : docker build -t superset-dev:latest .
5. docker-compose -f docker-compose-non-dev.yml up
6. http://localhost:8088/
7. enter MS id and password
8. Auth success
9. in browser it comes with a valid code:
https://localhost:8088/oauth-authorized/PING?code=aaaaaaaaaaaaaaaaa&state=bbbbbbbbbbb.cccccccccc.ddddddd-ffffff-gggggggg-Y
10. Error on browser is "This site can’t be reached"
### Environment
Local : https://localhost:8088/
(please complete the following information):
- superset version: Could not figure out the version info. However took the lates source code from here: https://github.com/apache/superset.git and modified files and built a docker image.
- python version: 3.7.9
- node.js version: 14
- any feature flags active:
### Additional context
Add any other context about the problem here.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] mandeeplohan edited a comment on issue #16749: [HELP NEEDED] OAuth not working- NO POST call happening
Posted by GitBox <gi...@apache.org>.
mandeeplohan edited a comment on issue #16749:
URL: https://github.com/apache/superset/issues/16749#issuecomment-925807924
@junlincc @eschutho
Will you be able to help me here please ? :)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] eschutho commented on issue #16749: [HELP NEEDED] OAuth not working- NO POST call happening
Posted by GitBox <gi...@apache.org>.
eschutho commented on issue #16749:
URL: https://github.com/apache/superset/issues/16749#issuecomment-926962895
@dpgaspar do you have any insight into this?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] mandeeplohan commented on issue #16749: [HELP NEEDED] OAuth not working- NO POST call after GET call
Posted by GitBox <gi...@apache.org>.
mandeeplohan commented on issue #16749:
URL: https://github.com/apache/superset/issues/16749#issuecomment-925807924
@junlincc Will you be able to help me here please ? :)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org