Okta for Superset 未按预期工作

问题描述 投票:0回答:1

我正在尝试将 Okta 集成到 Apache Superset,但它没有按预期工作。

当我尝试使用 Okta 登录时,我看到一个登录屏幕,告诉我,

The request to sign in was denied.

Superset 的日志不显示有关尝试授权的任何错误或日志。

我的

superset_config.py
的相关部分是:

# Okta Login Logic:
AUTH_USER_REGISTRATION = True
AUTH_USER_REGISTRATION_ROLE = "Public"

OKTA_BASE_URL = "my_url.okta.com"
AUTH_TYPE = AUTH_OAUTH

OKTA_CLIENT_ID = os.environ.get("OKTA_CLIENT_ID")
OKTA_CLIENT_SECRET = os.environ.get("OKTA_CLIENT_SECRET")


class CustomSsoSecurityManager(SupersetSecurityManager):
    def oauth_user_info(self, provider, response=None):

        if provider == "my_company_name": #perhaps this should be okta?
            user_info = self.appbuilder.sm.oauth_remotes[provider].parse_id_token(
                response
            )

            return {
                "name": user_info["name"],
                "email": user_info["email"],
                "id": user_info["email"],
                "username": user_info["email"],
            }

OAUTH_PROVIDERS = [
    {
        "name": "my_company_name",
        "token_key": "access_token",
        "icon": "fa-circle-o",
        "remote_app": {
            "client_id": OKTA_CLIENT_ID,
            "client_secret": OKTA_CLIENT_SECRET,
            "client_kwargs": {"scope": "openid profile email groups"},
            "access_token_method": "POST",
            "api_base_url": f"{OKTA_BASE_URL}/oauth2/v1/",
            "access_token_url": f"{OKTA_BASE_URL}/oauth2/v1/token",
            "authorize_url": f"{OKTA_BASE_URL}/oauth2/v1/authorize",
            "server_metadata_url": f"{OKTA_BASE_URL}/.well-known/openid-configuration",
        },
    }
]

CUSTOM_SECURITY_MANAGER = CustomSsoSecurityManager

# a mapping from the values of `userinfo["role_keys"]` to a list of FAB roles
AUTH_ROLES_MAPPING = {
    "FAB_USERS": ["User"],
    "FAB_ADMINS": ["Admin"],
}

# if we should replace ALL the user's roles each login, or only on registration
AUTH_ROLES_SYNC_AT_LOGIN = True

我已经审阅了所有相关文档和其他几篇 SO 帖子。

okta apache-superset
1个回答
0
投票

有什么解决办法吗?我也有同样的问题

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.