Incubator-superset: How to use google OAuth in caravel

Created on 13 Jul 2016 · 7Comments · Source: apache/incubator-superset

Hi guys,

I have a question about how to use google OAuth in caravel, I check the docs from http://flask-appbuilder.readthedocs.io/en/latest/security.html#authentication-oauth, and add the following codes in config.py file:

AUTH_TYPE = AUTH_OAUTH

OAUTH_PROVIDERS = [
    {'name':'twitter', 'icon':'fa-twitter',
        'remote_app': {
            'consumer_key':'TWITTER KEY',
            'consumer_secret':'TWITTER SECRET',
            'base_url':'https://api.twitter.com/1.1/',
            'request_token_url':'https://api.twitter.com/oauth/request_token',
            'access_token_url':'https://api.twitter.com/oauth/access_token',
            'authorize_url':'https://api.twitter.com/oauth/authenticate'}
    },
    {'name':'google', 'icon':'fa-google', 'token_key':'access_token',
        'remote_app': {
            'consumer_key':'GOOGLE KEY',
            'consumer_secret':'GOOGLE SECRET',
            'base_url':'https://www.googleapis.com/plus/v1/',
            'request_token_params':{
              'scope': 'https://www.googleapis.com/auth/userinfo.email'
            },
            'request_token_url':None,
            'access_token_url':'https://accounts.google.com/o/oauth2/token',
            'authorize_url':'https://accounts.google.com/o/oauth2/auth'}
    }
]

But I don't know where I should write the code like following according to the docs:

@appbuilder.sm.oauth_user_info_getter
def my_user_info_getter(sm, provider, response=None):
    if provider == 'github':
        me = sm.oauth_remotes[provider].get('user')
        return {'username': me.data.get('login')}
    else:
        return {}

Anyone help me?

Source

tanminhnu

Most helpful comment

Managed to set it up after reading source codes on both Superset and Flask_appbuilder.

https://medium.com/@aungmt/superset-with-google-oauth-3ba7a1c1f459

Aung-Myint-Thein on 9 Aug 2017

👍2

All 7 comments

You should ask in the flask-appbuilder GH epo

mistercrunch on 22 Jul 2016

@Thomasmisfit you ever have any luck getting Google OAuth to work with Caravel?

dugjason on 14 Oct 2016

I'm integrating superset with a different oauth provider, and, while I have it working, it is an (awful) hack.

Here are some tips:
1.- Install Flask-OAuthlib (pip), last version, 0.9.3
2.- The decorated function (my_user_info_getter) is not longer receiving the sm object, but the providers list (sm.oauth_remotes). You can check the declaration of the decorator in flask_appbuilder/security/manager.py
3.- The decorated function needs access to the superset appbuilder object (defined in superset/__init_.py).
4.- I'm also using the decorated function to check the info of the user that is already stored on the superset user datamodel, and the superset roles, and for that, I need access to the sm object. I'm totally breaking responsibilities here :(...

I think that a good example of accessing sm and appbuilder is superset/views.py... so I guess that one solution is to create a superset/my_own_security.py and put a reference on superset/ for that new library. It should be relatively easy to get new superset features working in your fork in the future.

iaperez on 24 Nov 2016

@iaperez have you solve the problem? i want to integrating superset with our company oauth provider. can you give me your demo? thanks. my email: [email protected]

fenlon on 6 Dec 2016

👍1

Managed to set it up after reading source codes on both Superset and Flask_appbuilder.

https://medium.com/@aungmt/superset-with-google-oauth-3ba7a1c1f459

Aung-Myint-Thein on 9 Aug 2017

👍2

@iaperez: i have same requirement. can you help me to implement the requirement.
or provide an example of "superset with a different oauth provider"
mailid :[email protected]