我正在尝试通过 OIDC 将 Apache Superset 与 Jumpcloud 集成。以下配置是在Jump云端完成的。
login url - https://superset.dev/login
redirect url - https://superset.dev/oauth-authorized/jumpcloud
超集最终配置如下:-
from flask_appbuilder.security.manager import AUTH_OAUTH
AUTH_TYPE = AUTH_OAUTH
AUTH_USER_REGISTRATION = False
ENABLE_PROXY_FIX = True
PROXY_FIX_CONFIG = {"x_for": 1, "x_proto": 1, "x_host": 1, "x_port": 0, "x_prefix": 1}
OAUTH_PROVIDERS = [
{
'name': 'jumpcloud',
'icon': 'fa-address-card',
'remote_app': {
'client_id': 'abc',
'client_secret': 'xyz',
'server_metadata_url': 'https://oauth.id.jumpcloud.com/.well-known/openid-configuration',
'redirect_uri': 'https://superset.dev/oauth-authorized/jumpcloud'
}
}
]
import logging
from superset.security import SupersetSecurityManager
class CustomSsoSecurityManager(SupersetSecurityManager):
def oauth_user_info(self, provider, response=None):
logging.debug("Oauth2 provider: {0}.".format(provider))
if provider == 'jumpcloud':
# As example, this line request a GET to base_url + '/' + userDetails with Bearer Authentication,
# and expects that authorization server checks the token, and response with user details
me = self.appbuilder.sm.oauth_remotes[provider].get('userDetails').data
logging.debug("user_data: {0}".format(me))
return { 'name' : me['name'], 'email' : me['email'], 'id' : me['user_name'], 'username' : me['user_name'], 'first_name' : me['first_name'], 'last_name' : me['last_name']}
CUSTOM_SECURITY_MANAGER = CustomSsoSecurityManager
问题是我可以在 Jump cloud 控制台中看到 superset 图标,当我单击 superset 时,它会转到登录页面,但然后返回到 Jump cloud 控制台。我在 chrome 中遇到以下错误。
The+request+is+missing+a+required+parameter%2C+includes+an+invalid+parameter+value%2C+includes+a+parameter+more+than+once%2C+or+is+otherwise+malformed.+The+%27redirect_uri%27+parameter+does+not+match+any+of+the+OAuth+2.0+Client%27s+pre-registered+redirect+urls.#/
另外,当我在 chrome 中进行检查时,我得到如下所示的重定向 URL
redirect_uri=http%3A%2F%2Fsuperset.dev%2Foauth-authorized%2Fjumpcloud
我怀疑在检查中获取重定向uri是
http
但是在jumpcloud端它配置了https
。
有人可以帮助我吗?
我希望 superset 应该通过 Jumpcloud 登录。
@surya 你找到这个问题的解决方案了吗? 我在 Jumpcloud 和 Superset 方面面临着同样的问题,但无法使其正常工作