I have set up Apache Superset to authenticate with Auth0. Auth0 validation is successful but does not redirect to the welcome page. I get the error message: "Invalid login. Please try again."
I attached custom_sso_security_manager.py & superset_config.py. Is there any other files, any other modification required?
My Superset is running with Docker on Ubuntu 18.04.
Docker Log:
superset_app | DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): dev-xdvt19qd.us.auth0.com:443
superset_app | DEBUG:urllib3.connectionpool:https://dev-xdvt19qd.us.auth0.com:443 "POST /oauth/token HTTP/1.1" 200 None
superset_app | ERROR:flask_appbuilder.security.views:Error returning OAuth user info: Invalid URL 'userinfo': No schema supplied. Perhaps you meant http://userinfo?
custom_sso_security_manager.py:
from superset.security import SupersetSecurityManager
import logging
logger = logging.getLogger('auth0_login')
class CustomSsoSecurityManager(SupersetSecurityManager):
def oauth_user_info(self, provider, response=None ):
if provider == 'auth0':
res = self.appbuilder.sm.oauth_remotes[provider].get('userinfo')
print(res)
if res.status != 200:
logger.error('Failed to obtain user info: %s', res.data)
return
me = res.data
logger.debug(" user_data: %s", me)
prefix = 'Superset'
return {
'username' : me['email'],
'name' : me['name'],
'email' : me['email'],
'first_name': me['given_name'],
'last_name': me['family_name'],
}
superset_config.py:
ROW_LIMIT = 5000
SUPERSET_WORKERS = 4
SUPERSET_WEBSERVER_PORT = 8088
import os
import logging
from flask_appbuilder.security.manager import AUTH_OAUTH
#AUTH_OID, AUTH_REMOTE_USER, AUTH_DB,AUTH_LDAP, AUTH_OAUTH
from custom_sso_security_manager import CustomSsoSecurityManager
CUSTOM_SECURITY_MANAGER = CustomSsoSecurityManager
basedir = os.path.abspath(os.path.dirname(__file__))
AUTH_TYPE = AUTH_OAUTH
AUTH_USER_REGISTRATION = True
AUTH_USER_REGISTRATION_ROLE = "Admin"
AUTH_ROLE_ADMIN = 'Admin'
PREFERRED_URL_SCHEME = 'http'
OAUTH_PROVIDERS = [
{
'name':'auth0',
'token_key': 'access_token',
'icon':'fa-google',
'remote_app': {
'client_id': 'xxxxxxxyMs',
'client_secret': 'xxxxxxr0UKg-ubX',
'client_kwargs': {'scope': 'openid profile email',},
'base_url': 'https://dev-x.us.auth0.com',
'access_token_url': 'https://dev-x.us.auth0.com/oauth/token',
'authorize_url': 'https://dev-x.us.auth0.com/authorize',
'access_token_method': 'POST'
}
}
]
I modified the code as below in(custom_sso_security_manager.py) and issue resolved.
class CustomSsoSecurityManager(SupersetSecurityManager):
authoauthview = CustomOauthView
def oauth_user_info(self, provider, response=None ):
if provider == 'auth0':
res = self.appbuilder.sm.oauth_remotes[provider].get('base_url/userinfo')
me = res.json()
logger.info(" user_data: %s", me)
prefix = 'Superset'
return {
'username' : me['email'],
'name' : me['name'],
'email' : me['email'],
'first_name': me['email'],
'last_name': me['name'],
}
"base_url" needs to replace with User base url like this (https://sssssccvvv.us.auth0.com')