我已设置 Apache Superset 以使用 Auth0 进行身份验证。 Auth0 验证成功,但未重定向到欢迎页面。我收到错误消息:
"Invalid login. Please try again."
我附上了
custom_sso_security_manager.py
和superset_config.py
。是否还有其他文件,需要进行其他修改吗?
我的 Superset 在 Ubuntu 18.04 上使用 Docker 运行。
Docker 日志:
superset_app | DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): dev-xdvt19qd.us.auth0.com:443
superset_app | DEBUG:urllib3.connectionpool:https://dev-xdvt19qd.us.auth0.com:443 "POST /oauth/token HTTP/1.1" 200 None
superset_app | ERROR:flask_appbuilder.security.views:Error returning OAuth user info: Invalid URL 'userinfo': No schema supplied. Perhaps you meant http://userinfo?
custom_sso_security_manager.py
:
from superset.security import SupersetSecurityManager
import logging
logger = logging.getLogger('auth0_login')
class CustomSsoSecurityManager(SupersetSecurityManager):
def oauth_user_info(self, provider, response=None ):
if provider == 'auth0':
res = self.appbuilder.sm.oauth_remotes[provider].get('userinfo')
print(res)
if res.status != 200:
logger.error('Failed to obtain user info: %s', res.data)
return
me = res.data
logger.debug(" user_data: %s", me)
prefix = 'Superset'
return {
'username' : me['email'],
'name' : me['name'],
'email' : me['email'],
'first_name': me['given_name'],
'last_name': me['family_name'],
}
superset_config.py
:
ROW_LIMIT = 5000
SUPERSET_WORKERS = 4
SUPERSET_WEBSERVER_PORT = 8088
import os
import logging
from flask_appbuilder.security.manager import AUTH_OAUTH
#AUTH_OID, AUTH_REMOTE_USER, AUTH_DB,AUTH_LDAP, AUTH_OAUTH
from custom_sso_security_manager import CustomSsoSecurityManager
CUSTOM_SECURITY_MANAGER = CustomSsoSecurityManager
basedir = os.path.abspath(os.path.dirname(__file__))
AUTH_TYPE = AUTH_OAUTH
AUTH_USER_REGISTRATION = True
AUTH_USER_REGISTRATION_ROLE = "Admin"
AUTH_ROLE_ADMIN = 'Admin'
PREFERRED_URL_SCHEME = 'http'
OAUTH_PROVIDERS = [
{
'name':'auth0',
'token_key': 'access_token',
'icon':'fa-google',
'remote_app': {
'client_id': 'xxxxxxxyMs',
'client_secret': 'xxxxxxr0UKg-ubX',
'client_kwargs': {'scope': 'openid profile email',},
'base_url': 'https://dev-x.us.auth0.com',
'access_token_url': 'https://dev-x.us.auth0.com/oauth/token',
'authorize_url': 'https://dev-x.us.auth0.com/authorize',
'access_token_method': 'POST'
}
}
]
请使用:
代替base_url'api_base_url': 'https://{okta.domain}.okta.com/oauth2/v1/',
我在(custom_sso_security_manager.py)中修改了以下代码并解决了问题。
class CustomSsoSecurityManager(SupersetSecurityManager):
authoauthview = CustomOauthView
def oauth_user_info(self, provider, response=None ):
if provider == 'auth0':
res = self.appbuilder.sm.oauth_remotes[provider].get('base_url/userinfo')
me = res.json()
logger.info(" user_data: %s", me)
prefix = 'Superset'
return {
'username' : me['email'],
'name' : me['name'],
'email' : me['email'],
'first_name': me['email'],
'last_name': me['name'],
}
“base_url”需要替换为这样的用户基本 url (https://sssssccvvv.us.auth0.com')