Simple and rapid application development framework, built on top of Flask. Includes detailed security, auto CRUD generation for your models, Google charts and much more. Demo (login with guest/welcome) - http://flaskappbuilder.pythonanywhere.com/
BSD 3-Clause "New" or "Revised" License
Wrong url while getting userinfo from Keycloak #2226
If you'd like to report a bug in Flask-Appbuilder, fill out the template below. Provide any extra information that may be useful.
Responsible disclosure: We want to keep Flask-AppBuilder safe for everyone. If you've discovered a security vulnerability please report to danielvazgaspar@gmail.com.
Environment
Flask-Appbuilder version: 4.3.11
Describe the expected results
Tell us what should happen.
I use Flask-AppBuilder for managing Auth in Apache Superset through Keycloak: https://superset.apache.org/docs/installation/configuring-superset/#custom-oauth2-configuration

All the URLs I define in the remote_app dictionary have this base URL: https://<my_domain>/realms/<realm_name>/protocol

Somehow, when the application searches for user info, it raises this error:

ERROR:flask_appbuilder.security.views:Error returning OAuth user info: 404 Client Error: Not Found for url: https://<my_domain>/realms/<realm_name>/openid-connect/userinfo

As you can see, it omits /protocol in the URL, so it returns error 404.

Is there any variable I can define so that flask_appbuilder will use the correct URL when it tries to retrieve?

Describe the actual results
Tell us what happens instead.

When the application searched for user info, it raises this error:

ERROR:flask_appbuilder.security.views:Error returning OAuth user info: 404 Client Error: Not Found for url: https://<my_domain>/realms/<realm_name>/openid-connect/userinfo

Steps to reproduce
To reproduce this issue you need to deploy Superset on Kubernetes and have a Keycloak instance for managing auth.
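
An added example, not part of the issue and not Flask-AppBuilder's own code: the failing URL in the error is exactly what standard relative-URL resolution produces when the path openid-connect/userinfo is joined to a base URL that has no trailing slash. It assumes the library resolves that relative path against the base URL configured in remote_app (the api_base_url key, as in Superset's OAuth configuration); the host and realm below are constructed sample values.

```python
from __future__ import annotations

from urllib.parse import urljoin, urlsplit

# Relative path visible at the end of the failing URL in the error message.
USERINFO_PATH = "openid-connect/userinfo"


def resolve(base_url: str, relative: str = USERINFO_PATH) -> str:
    """Resolve a relative endpoint against a base URL (RFC 3986 rules)."""
    return urljoin(base_url, relative)


def check_base_url(base_url: str, relative: str = USERINFO_PATH) -> list[str]:
    """Return findings for a base URL that would send requests to the wrong place."""
    findings = []
    parts = urlsplit(base_url)
    if parts.scheme != "https":
        findings.append("base URL is not https; the bearer token travels in clear text")
    if parts.query or parts.fragment:
        findings.append("query/fragment on the base URL is discarded on resolution")
    if parts.path and not parts.path.endswith("/"):
        # Without a trailing slash the last path segment is treated as a
        # "file" and replaced by the relative path instead of extended by it.
        last = parts.path.rsplit("/", 1)[-1]
        findings.append(
            f"no trailing slash: last segment '{last}' is replaced, "
            f"requests go to {resolve(base_url, relative)}"
        )
    if relative.startswith("/"):
        findings.append("relative path starts with '/', which discards the base path")
    return findings


# Constructed sample values standing in for <my_domain> and <realm_name>.
BROKEN = "https://sso.example.test/realms/demo/protocol"
FIXED = "https://sso.example.test/realms/demo/protocol/"

if __name__ == "__main__":
    for base in (BROKEN, FIXED):
        print(base, "->", resolve(base))
        for finding in check_base_url(base):
            print("  finding:", finding)
```
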