Re: [D] Redirect URl [superset]

Sun, 30 Mar 2025 04:26:48 -0700 


GitHub user devyash786 added a comment to the discussion: Redirect URl

@Dosu
OAUTH_PROVIDERS = [{
  'name': 'azure',
  'token_key': 'access_token',
  'icon': 'fa-windows',
  'remote_app': {
    'api_base_url': f "https://login.microsoftonline.com/{Tenant_id}/";,
    'client_kwargs': {
      "scope": "User.read name preferred_username email profile upn",
      "resource": f "{AAD_CLIENT_ID}",
      "verify_signature": False
    },
    'request_token_url': None,
    'request_token_params': {
      'scope': 'User.read openid email profile'
    },
    'access_token_url': f 
"https://login.microsoftonline.com/{Tenant_id}/oauth2/v2.0/token";,
    "access_token_params": {
      'scope': 'User.read openid email profile',
    },
    'authorize_url': f 
"https://login.microsoftonline.com/{Tenant_id}/oauth2/v2.0/authorize";,
    "authorize_params": {
      'scope': 'User.read openid email profile',
    },
    'client_id': f "{AAD_CLIENT_ID}",
    'client_secret': f "{AAD_CLIENT_SECRET}",
    'jwks_uri': 'https://login.microsoftonline.com/common/discovery/v2.0/keys',
    'redirect_url': 'https://super-set-url/oauth-authorized/azure',
  }
}]

 from superset.security import SupersetSecurityManager
    import logging
    class CustomSsoSecurityManager(SupersetSecurityManager):
        # Implement your custom security logic here
        def oauth_user_info(self, provider, response=None):
            # Example implementation for handling OAuth user information
            logger.info(f"oauth_user_info called for provider: {provider}")
            if provider == 'azure':
                logger.info(f"Azure OAuth response: {response}")
                access_token = response.get('access_token')
                me = 
self.appbuilder.sm.oauth_remotes[provider].get('https://graph.microsoft.com/oidc/userinfo',headers={'Authorization':
 f'Bearer {access_token}'})
                data = me.json()
                logger.info(f"User details from Azure: {data}")
                user_info = {
                    'name': data.get('displayName'),
                    'email': data.get('mail') or data.get('userPrincipalName'),
                    'id': data.get('userPrincipalName'),
                    'username': data.get('userPrincipalName'),
                    'first_name': data.get('givenName', ''),
                    'last_name': data.get('surname', '')
                }
                logger.info(f"Returning user info: {user_info}")

                return user_info

    CUSTOM_SECURITY_MANAGER = CustomSsoSecurityManager
    
    
    I am using above configuration still getting '2025-03-30 
09:54:38,971:ERROR:flask_appbuilder.security.views:Error authorizing OAuth 
access token: Invalid JSON Web Key Set
115.112.239.136 - - [30/Mar/2025:09:54:38 +0000] "GET 
/oauth-authorized/azure?code='
All permission are given in Azure AD.

GitHub link: 
https://github.com/apache/superset/discussions/32883#discussioncomment-12666547

----
This is an automatically sent email for [email protected].
To unsubscribe, please send an email to: 
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to