dpgaspar / Flask-AppBuilder

Simple and rapid application development framework, built on top of Flask. includes detailed security, auto CRUD generation for your models, google charts and much more. Demo (login with guest/welcome) - http://flaskappbuilder.pythonanywhere.com/
BSD 3-Clause "New" or "Revised" License
4.7k stars 1.36k forks source link

Airflow Google OAuth redirect_uri using http instead of https #2030

Closed JustMaris closed 1 year ago

JustMaris commented 1 year ago

Environment

Flask-Appbuilder version: 4.1.4

pip freeze output:

aiofiles==22.1.0
aiohttp==3.8.4
aiosignal==1.3.1
alembic==1.10.3
amqp==5.1.1
anyio==3.6.2
apache-airflow==2.5.3
apache-airflow-providers-amazon==7.4.1
apache-airflow-providers-celery==3.1.0
apache-airflow-providers-cncf-kubernetes==5.3.0
apache-airflow-providers-common-sql==1.4.0
apache-airflow-providers-elasticsearch==4.4.0
apache-airflow-providers-ftp==3.3.1
apache-airflow-providers-google==8.12.0
apache-airflow-providers-hashicorp==3.3.1
apache-airflow-providers-http==4.3.0
apache-airflow-providers-imap==3.1.1
apache-airflow-providers-mysql==4.0.2
apache-airflow-providers-odbc==3.2.1
apache-airflow-providers-oracle==3.6.0
apache-airflow-providers-postgres==5.4.0
apache-airflow-providers-redis==3.1.0
apache-airflow-providers-sftp==4.2.4
apache-airflow-providers-slack==7.2.0
apache-airflow-providers-snowflake==4.0.4
apache-airflow-providers-sqlite==3.3.1
apache-airflow-providers-ssh==3.6.0
apispec==3.3.2
argcomplete==2.1.2
asgiref==3.6.0
asn1crypto==1.5.1
async-timeout==4.0.2
attrs==22.2.0
Authlib==1.2.0
Babel==2.12.1
backoff==2.2.1
bcrypt==4.0.1
beautifulsoup4==4.12.2
billiard==3.6.4.0
blinker==1.5
boto3==1.26.115
botocore==1.29.115
cachelib==0.9.0
cachetools==5.3.0
cattrs==22.2.0
celery==5.2.7
certifi==2022.12.7
cffi==1.15.1
chardet==4.0.0
charset-normalizer==2.1.1
click==8.1.3
click-didyoumean==0.3.0
click-plugins==1.1.1
click-repl==0.2.0
clickclick==20.10.2
cloudpickle==2.0.0
colorama==0.4.6
colorlog==4.8.0
ConfigUpdater==3.1.1
connexion==2.14.2
cron-descriptor==1.2.35
croniter==1.3.14
cryptography==39.0.2
decorator==5.1.1
Deprecated==1.2.13
dill==0.3.6
distlib==0.3.6
dnspython==2.3.0
docutils==0.19
elasticsearch==7.17.9
elasticsearch-dbapi==0.2.2
elasticsearch-dsl==7.4.1
email-validator==1.3.1
exceptiongroup==1.1.1
filelock==3.12.0
Flask==2.2.3
Flask-AppBuilder==4.1.4
Flask-Babel==2.0.0
Flask-Caching==2.0.2
Flask-JWT-Extended==4.4.4
Flask-Login==0.6.2
Flask-Session==0.4.0
Flask-SQLAlchemy==2.5.1
Flask-WTF==1.1.1
flower==1.2.0
frozenlist==1.3.3
future==0.18.3
gcloud-aio-auth==4.2.1
gcloud-aio-bigquery==6.3.0
gcloud-aio-storage==8.2.0
google-ads==18.0.0
google-api-core==2.8.2
google-api-python-client==1.12.11
google-auth==2.17.3
google-auth-httplib2==0.1.0
google-auth-oauthlib==0.8.0
google-cloud-aiplatform==1.13.1
google-cloud-appengine-logging==1.1.3
google-cloud-audit-log==0.2.4
google-cloud-automl==2.8.0
google-cloud-bigquery==2.34.3
google-cloud-bigquery-datatransfer==3.7.0
google-cloud-bigquery-storage==2.14.1
google-cloud-bigtable==2.11.1
google-cloud-build==3.9.0
google-cloud-compute==0.7.0
google-cloud-container==2.11.1
google-cloud-core==2.3.2
google-cloud-datacatalog==3.9.0
google-cloud-dataflow-client==0.5.4
google-cloud-dataform==0.2.0
google-cloud-dataplex==1.1.0
google-cloud-dataproc==5.0.0
google-cloud-dataproc-metastore==1.6.0
google-cloud-dlp==3.8.0
google-cloud-kms==2.12.0
google-cloud-language==1.3.2
google-cloud-logging==3.2.1
google-cloud-memcache==1.4.1
google-cloud-monitoring==2.11.0
google-cloud-orchestration-airflow==1.4.1
google-cloud-os-login==2.7.1
google-cloud-pubsub==2.13.5
google-cloud-redis==2.9.0
google-cloud-resource-manager==1.6.0
google-cloud-secret-manager==1.0.2
google-cloud-spanner==1.19.3
google-cloud-speech==1.3.4
google-cloud-storage==2.8.0
google-cloud-tasks==2.10.1
google-cloud-texttospeech==1.0.3
google-cloud-translate==1.7.2
google-cloud-videointelligence==1.16.3
google-cloud-vision==1.0.2
google-cloud-workflows==1.7.1
google-crc32c==1.5.0
google-resumable-media==2.4.1
googleapis-common-protos==1.56.4
graphviz==0.20.1
greenlet==2.0.2
grpc-google-iam-v1==0.12.4
grpcio==1.54.0
grpcio-gcp==0.2.2
grpcio-status==1.48.2
gunicorn==20.1.0
h11==0.14.0
httpcore==0.16.3
httplib2==0.21.0
httpx==0.23.3
humanize==4.6.0
hvac==1.1.0
idna==3.4
importlib-metadata==4.13.0
importlib-resources==5.12.0
inflection==0.5.1
itsdangerous==2.1.2
jaraco.classes==3.2.3
jeepney==0.8.0
Jinja2==3.1.2
jmespath==1.0.1
json-merge-patch==0.2
jsonpath-ng==1.5.3
jsonschema==4.17.3
keyring==23.13.1
kombu==5.2.4
kubernetes==23.6.0
kubernetes-asyncio==24.2.2
langdetect==1.0.9
lazy-object-proxy==1.9.0
linkify-it-py==2.0.0
lockfile==0.12.2
looker-sdk==23.6.0
lxml==4.9.2
Mako==1.2.4
Markdown==3.4.3
markdown-it-py==2.2.0
MarkupSafe==2.1.2
marshmallow==3.19.0
marshmallow-enum==1.5.1
marshmallow-oneofschema==3.0.1
marshmallow-sqlalchemy==0.26.1
mdit-py-plugins==0.3.5
mdurl==0.1.2
more-itertools==9.1.0
multidict==6.0.4
mypy-boto3-appflow==1.26.115
mypy-boto3-rds==1.26.114
mypy-boto3-redshift-data==1.26.109
mysql-connector-python==8.0.33
mysqlclient==2.1.1
numpy==1.24.2
oauthlib==3.2.2
oracledb==1.3.0
oscrypto==1.3.0
packaging==23.0
pandas==1.5.3
pandas-gbq==0.13.2
paramiko==3.1.0
pathspec==0.9.0
pendulum==2.1.2
pipdeptree==2.7.0
pkgutil_resolve_name==1.3.10
platformdirs==3.2.0
pluggy==1.0.0
ply==3.11
plyvel==1.5.0
prison==0.2.1
prometheus-client==0.16.0
prompt-toolkit==3.0.38
proto-plus==1.19.6
protobuf==3.20.0
psutil==5.9.5
psycopg2-binary==2.9.6
pyarrow==10.0.1
pyasn1==0.4.8
pyasn1-modules==0.2.8
pycparser==2.21
pycryptodomex==3.17
pydata-google-auth==1.7.0
Pygments==2.15.1
pyhcl==0.4.4
PyJWT==2.6.0
PyNaCl==1.5.0
pyodbc==4.0.39
pyOpenSSL==23.1.1
pyparsing==3.0.9
pyrsistent==0.19.3
python-daemon==3.0.1
python-dateutil==2.8.2
python-nvd3==0.15.0
python-slugify==8.0.1
pytz==2022.7.1
pytzdata==2020.1
pywin32-ctypes==0.2.0
PyYAML==6.0
redis==3.5.3
redshift-connector==2.0.910
requests==2.28.2
requests-oauthlib==1.3.1
requests-toolbelt==0.10.1
rfc3339-validator==0.1.4
rfc3986==1.5.0
rich==13.3.4
rsa==4.9
s3transfer==0.6.0
scramp==1.4.4
SecretStorage==3.3.3
setproctitle==1.3.2
six==1.16.0
slack-sdk==3.21.2
sniffio==1.3.0
snowflake-connector-python==3.0.1
snowflake-snowpark-python==1.3.0
snowflake-sqlalchemy==1.4.7
soupsieve==2.4
SQLAlchemy==1.4.47
sqlalchemy-bigquery==1.6.1
SQLAlchemy-JSONField==1.0.1.post0
sqlalchemy-redshift==0.8.14
SQLAlchemy-Utils==0.40.0
sqlparse==0.4.4
sshtunnel==0.4.0
statsd==4.0.1
tabulate==0.9.0
tenacity==8.2.2
termcolor==2.2.0
text-unidecode==1.3
tornado==6.3
typing_extensions==4.5.0
uc-micro-py==1.0.1
unicodecsv==0.14.1
Unidecode==1.3.6
uritemplate==3.0.1
urllib3==1.26.15
vine==5.0.0
virtualenv==20.21.0
watchtower==2.0.1
wcwidth==0.2.6
websocket-client==1.5.1
Werkzeug==2.2.3
wrapt==1.15.0
WTForms==3.0.1
yarl==1.8.2
zipp==3.15.0

Describe the expected results

redirect_uri uses the https. same as the requester url when using google oauth.

Describe the actual results

redirect_uri uses http URL, while requester is https.

I have looked through a lot of different configurations and I have not found a way how to set redirect_uri for FAB Google Oauth config, so that it would use the expected redirect_uri.

JustMaris commented 1 year ago

The issue was caused by our infrastructure team not noticing a misconfiguration.

mariajgrimaldi commented 1 year ago

Hi there! I'm having the same issue. Can you explain a bit more about how you folks solved it?

JustMaris commented 1 year ago

I don't know what exactly was done, as that was done by a different team, but it was related to AWS Ingress Controller configuration. Maybe something related to outgoing connections.

seunggabi commented 1 year ago

I fronted same issue..