配置 Oauth OIDC 时缺少必需参数

问题描述 投票:0回答:1

我正在尝试通过 OIDC 将 Apache Superset 与 Jumpcloud 集成。以下配置是在Jump云端完成的。

login url - https://superset.dev/login
redirect url - https://superset.dev/oauth-authorized/jumpcloud

超集最终配置如下:-

from flask_appbuilder.security.manager import AUTH_OAUTH
    AUTH_TYPE = AUTH_OAUTH
    AUTH_USER_REGISTRATION = False
    ENABLE_PROXY_FIX = True
    PROXY_FIX_CONFIG = {"x_for": 1, "x_proto": 1, "x_host": 1, "x_port": 0, "x_prefix": 1}
    OAUTH_PROVIDERS = [
    {
        'name': 'jumpcloud',
        'icon': 'fa-address-card',
        'remote_app': {
            'client_id': 'abc',
            'client_secret': 'xyz',
            'server_metadata_url': 'https://oauth.id.jumpcloud.com/.well-known/openid-configuration',
            'redirect_uri': 'https://superset.dev/oauth-authorized/jumpcloud'
        }
    }
    ]
    import logging
    from superset.security import SupersetSecurityManager
    
    class CustomSsoSecurityManager(SupersetSecurityManager):
    
        def oauth_user_info(self, provider, response=None):
            logging.debug("Oauth2 provider: {0}.".format(provider))
            if provider == 'jumpcloud':
                # As example, this line request a GET to base_url + '/' + userDetails with Bearer  Authentication,
        # and expects that authorization server checks the token, and response with user details
                me = self.appbuilder.sm.oauth_remotes[provider].get('userDetails').data
                logging.debug("user_data: {0}".format(me))
                return { 'name' : me['name'], 'email' : me['email'], 'id' : me['user_name'], 'username' : me['user_name'], 'first_name' : me['first_name'], 'last_name' : me['last_name']}
    CUSTOM_SECURITY_MANAGER = CustomSsoSecurityManager

问题是我可以在 Jump cloud 控制台中看到 superset 图标,当我单击 superset 时,它会转到登录页面,但然后返回到 Jump cloud 控制台。我在 chrome 中遇到以下错误。

The+request+is+missing+a+required+parameter%2C+includes+an+invalid+parameter+value%2C+includes+a+parameter+more+than+once%2C+or+is+otherwise+malformed.+The+%27redirect_uri%27+parameter+does+not+match+any+of+the+OAuth+2.0+Client%27s+pre-registered+redirect+urls.#/

另外,当我在 chrome 中进行检查时,我得到如下所示的重定向 URL

redirect_uri=http%3A%2F%2Fsuperset.dev%2Foauth-authorized%2Fjumpcloud

我怀疑在检查中获取重定向uri是

http
但是在jumpcloud端它配置了
https

有人可以帮助我吗?

我希望 superset 应该通过 Jumpcloud 登录。

oauth-2.0 oauth openid-connect apache-superset
1个回答
0
投票

@surya 你找到这个问题的解决方案了吗? 我在 Jumpcloud 和 Superset 方面面临着同样的问题,但无法使其正常工作

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.