Comments (1)
gugupy
commented on May 29, 2024
You can achive by extending the AuthOAuthView.login method and add below line start of the login view.
if provider is None:
providers = [k for k in self.appbuilder.sm.oauth_remotes.keys()]
if len(providers) == 1:
provider = providers[0]or simply provider = "keycloak"
Since you using superset you have to tell the security manager that you have different authoauthview.
class CustomSecurityManager(SupersetSecurityManager):
authoauthview = SupersetAuthOAuthViewYou can add the above script in your helm values file without modifying the code base.
extraSecrets:
custom_security_manager.py: |-
import logging
import os
import json
from flask_appbuilder import const as c
from superset.security import SupersetSecurityManager
from werkzeug.security import generate_password_hash
import jwt
from typing import Optional
from flask import flash, g, redirect, request, session, url_for
from flask_appbuilder._compat import as_unicode
from flask_appbuilder.security.utils import generate_random_string
from flask_appbuilder.views import expose
from flask_appbuilder.security.views import AuthOAuthView
from werkzeug.wrappers import Response as WerkzeugResponse
log = logging.getLogger(__name__)
class SupersetAuthOAuthView(AuthOAuthView):
@expose("/login/")
@expose("/login/<provider>")
def login(self, provider: Optional[str] = None) -> WerkzeugResponse:
if provider is None:
providers = [k for k in self.appbuilder.sm.oauth_remotes.keys()]
if len(providers) == 1:
provider = providers[0]
log.debug("Provider: %s", provider)
if g.user is not None and g.user.is_authenticated:
log.debug("Already authenticated %s", g.user)
return redirect(self.appbuilder.get_url_for_index)
if provider is None:
return self.render_template(
self.login_template,
providers=self.appbuilder.sm.oauth_providers,
title=self.title,
appbuilder=self.appbuilder,
)
log.debug("Going to call authorize for: %s", provider)
random_state = generate_random_string()
state = jwt.encode(
request.args.to_dict(flat=False), random_state, algorithm="HS256"
)
session["oauth_state"] = random_state
try:
if provider == "twitter":
return self.appbuilder.sm.oauth_remotes[provider].authorize_redirect(
redirect_uri=url_for(
".oauth_authorized",
provider=provider,
_external=True,
state=state,
)
)
else:
return self.appbuilder.sm.oauth_remotes[provider].authorize_redirect(
redirect_uri=url_for(
".oauth_authorized", provider=provider, _external=True
),
state=state.decode("ascii") if isinstance(state, bytes) else state,
)
except Exception as e:
log.error("Error on OAuth authorize: %s", e)
flash(as_unicode(self.invalid_login_message), "warning")
return redirect(self.appbuilder.get_url_for_index)
class CustomSecurityManager(SupersetSecurityManager):
authoauthview = SupersetAuthOAuthView
configOverrides:
enable_oauth: |
from custom_security_manager import CustomSecurityManager
CUSTOM_SECURITY_MANAGER = CustomSecurityManagerI hope this helps you.
from flask-appbuilder.
Related Issues (20)
- When redefining created and changed by fks to change the custom view, they get nullified HOT 2
- Actual way for Keycloak integration
- Can we add optimistic locking in user land?
- actions on child/related views (multiple childs exist) not working properly HOT 2
- TypeError occured on front-end when using the 'extra_classes=readonly' argument for the Select2Widget HOT 1
- Cannot use anonymous user with LDAP
- user_registration error
- Add support for marshmallow-sqlalchemy 1.0.0
- Support Personal Access Tokens in addition to AUTH_TYPE HOT 1
- [Request] Implement compatibility for Flask 3.0.2
- /static/appbuilder/css/webfonts/fa-regular-400.woff2 file is not found HOT 1
- Wrong url while getting userinfo from Keycloak HOT 1
- Changed by user column in ab_user table is not updated when user logged in through LDAP HOT 2
- HTML <a> target attribute for menu item
- adding back-end code and passing 'calculated' value to a view template - how to? HOT 1
- Use PKCE Code challenge for OAUTH authentication scheme
- Handling Non-Standard OAuth2 Implementations HOT 2
- How to support both account password login and Oauth2 login? HOT 1
- Very old sqlalchemy library
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from flask-appbuilder.