0

我正在关注此链接以获取超集的 OAuth 集成 - https://superset.apache.org/docs/installation/configuring-superset

根据配置:

AUTH_TYPE = AUTH_OAUTH
OAUTH_PROVIDERS = [
    {   'name':'egaSSO',
        'token_key':'access_token', # Name of the token in the response of access_token_url
        'icon':'fa-address-card',   # Icon for the provider
        'remote_app': {
            'client_id':'myClientId',  # Client Id (Identify Superset application)
            'client_secret':'MySecret', # Secret for this Client Id (Identify Superset application)
            'client_kwargs':{
                'scope': 'read'               # Scope for the Authorization
            },
            'access_token_method':'POST',    # HTTP Method to call access_token_url
            'access_token_params':{        # Additional parameters for calls to access_token_url
                'client_id':'myClientId'
            },
            'access_token_headers':{    # Additional headers for calls to access_token_url
                'XYZ': 'mock-header xyz'
            },
            'api_base_url':'https://myAuthorizationServer/oauth2AuthorizationServer/',
            'access_token_url':'https://myAuthorizationServer/oauth2AuthorizationServer/token',
            'authorize_url':'https://myAuthorizationServer/oauth2AuthorizationServer/authorize'
        }
    }
]

# Will allow user self registration, allowing to create Flask users from Authorized User
AUTH_USER_REGISTRATION = True

# The default user self registration role
AUTH_USER_REGISTRATION_ROLE = "Public"

根据此配置,我们希望 access_token_url 应该使用名为 XYZ 的标头调用,其值为“mock-header xyz”。但是,实际调用包括以下标题

Authorization: Basic Base64EncodedmyClientIDandMySecret

这是预期的行为吗?还是应该被上面配置的标头覆盖?

4

1 回答 1

0

最后使用 nginx 删除特定请求的授权标头,因为无法从超集中找到解决方案。

于 2022-01-18T05:45:58.937 回答