Open sundar68 opened 2 days ago
Hey @sundar68! I'm here to help you with any issues or questions you have. Let's tackle this bug together!
I found some similar discussions and a closed issue that might be relevant to your problem:
The closed issue suggested a solution involving downgrading certain packages:
pip uninstall wtforms
pip install wtforms==2.3.3
pip uninstall flask
pip install flask==2.0.3
pip uninstall werkzeug
pip install werkzeug==2.0.3
Regarding the 500 internal server error for the /api/v1/security/login
endpoint, it is likely due to an issue within the guest_token
method. Here are some potential causes:
ValidationError
will be raised. This should return a 400 error, but if there is an unhandled validation issue, it could result in a 500 error.GUEST_TOKEN_VALIDATOR_HOOK
is not callable or fails validation, it raises a SupersetGenericErrorException
or ValidationError
, respectively. If these exceptions are not properly caught, they could result in a 500 error.create_guest_access_token
method, it could also result in a 500 error.Here is the relevant code snippet that could be causing the issue:
try:
body = guest_token_create_schema.load(request.json)
self.appbuilder.sm.validate_guest_token_resources(body["resources"])
guest_token_validator_hook = current_app.config.get("GUEST_TOKEN_VALIDATOR_HOOK")
if guest_token_validator_hook is not None:
if callable(guest_token_validator_hook):
if not guest_token_validator_hook(body):
raise ValidationError(message="Guest token validation failed")
else:
raise SupersetGenericErrorException(
message="Guest token validator hook not callable"
)
token = self.appbuilder.sm.create_guest_access_token(
body["user"], body["resources"], body["rls"]
)
return self.response(200, token=token)
except EmbeddedDashboardNotFoundError as error:
return self.response_400(message=error.message)
except ValidationError as error:
return self.response_400(message=error.messages)
To debug this issue, you should:
GuestTokenCreateSchema
.GUEST_TOKEN_VALIDATOR_HOOK
is correctly configured and callable.create_guest_access_token
for any potential issues [5][6].Additionally, the expected input and output schemas for the /api/v1/security/login
endpoint are as follows:
Input Schema:
{
"type": "object",
"properties": {
"password": {
"description": "The password for authentication",
"example": "complex-password",
"type": "string"
},
"provider": {
"description": "Choose an authentication provider",
"enum": ["db", "ldap"],
"example": "db",
"type": "string"
},
"refresh": {
"description": "If true a refresh token is provided also",
"example": true,
"type": "boolean"
},
"username": {
"description": "The username for authentication",
"example": "admin",
"type": "string"
}
},
"required": true
}
Output Schema:
{
"type": "object",
"properties": {
"access_token": {
"type": "string"
},
"refresh_token": {
"type": "string"
}
}
}
To continue talking to Dosu, mention @dosu.
Bug description
Superset is working fine when try to use sdk, while fetching accesstoken it's throwing 500 error. API:
/api/v1/security/login
payload:Response: {"message":"Fatal error"}
Tried giving Gamma & public user credentials and Admin user credentials, but same error. When I tried to hit from swagger getting "Not Authorized error"
This is my superset_config.py file
How to reproduce the bug
Try to hit above mentioned api with above config file.
Screenshots/recordings
Superset version
master / latest-dev
Python version
3.9
Node version
16
Browser
Chrome
Additional context
No response
Checklist