Advertisement
pashalvov

oauth adsf

Feb 13th, 2024
694
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 2.02 KB | None | 0 0
  1. ################ Файл superset_config.py
  2. from custom_sso_security_manager import CustomSsoSecurityManager
  3.  
  4. CUSTOM_SECURITY_MANAGER = CustomSsoSecurityManager
  5.  
  6. ###### OAUTH AUTH
  7.  
  8. AUTH_TYPE = AUTH_OAUTH
  9. AUTH_USER_REGISTRATION = True
  10. AUTH_USER_REGISTRATION_ROLE = "ReportViewOnly"
  11. AUTH_ROLES_SYNC_AT_LOGIN = True
  12.  
  13. AUTH_ROLES_MAPPING = {
  14.     "Users": ["ReportViewOnly"],
  15.     "Admins": ["Admin"],
  16.     "Gamma": ["Gamma"],
  17. }
  18.  
  19. OAUTH_PROVIDERS = [
  20. {
  21.    'name': 'adfs',
  22.         'icon': 'fa-key',
  23.         'token_key': 'access_token',
  24.         'remote_app': {
  25.             'client_id': 'client_id',
  26.             'client_secret': 'client_secret',
  27.             'api_base_url': 'https://ouath/',
  28.             'client_kwargs':{
  29.               'scope': 'profile'
  30.             },
  31.             'request_token_url': None,
  32.             'access_token_url': 'https://ouath/adfs/oauth2/token',
  33.             'authorize_url': 'https://ouath/adfs/oauth2/authorize'
  34.    }
  35. }]
  36.  
  37. ################ Файл custom_sso_security_manager.py там же где и superset_config.py
  38. import logging
  39. import requests
  40. import jwt
  41. from superset.security import SupersetSecurityManager
  42.  
  43.  
  44. class CustomSsoSecurityManager(SupersetSecurityManager):
  45.     def oauth_user_info(self, provider, response=None):
  46.         logging.debug("Oauth2 provider: {0}.".format(provider))
  47.         if provider == "adfs":
  48.             access_token = response["access_token"]
  49.             # logging.debug("АААааа! Токен: {0}".format(access_token))
  50.             decoded = jwt.decode(access_token, options={"verify_signature": False})
  51.             # decoded = jwt.decode(access_token, verify=False)
  52.             logging.debug("Свойства AD: {0}".format(decoded))
  53.             return {
  54.                 "email": decoded["email"],
  55.                 # "id": user_data["login"],
  56.                 "username": decoded["login"],
  57.                 "first_name": decoded["firstName"],
  58.                 "last_name": decoded["lastName"],
  59.                 "role_keys": decoded["roles"],
  60.             }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement