Flask-AppBuilder SecurityManager for OpenIDConnect
Project description
Flask-AppBuilder SecurityManager for OpenIDConnect
Wrapper for flask_oidc that exposes a SecurityManager for use with any Flask-AppBuilder app.
It will allow your users to login with OpenIDConnect providers such as Auth0, Okta or Google Apps.
This is roughly inspired by the code in this stackoverflow answer. (MIT Licenced © thijsfranck)
Usage
Generic
Just override the default security manager in your Flask Appbuilder app.
from fab_oidc.security import OIDCSecurityManager
appbuilder = AppBuilder(app, db.session, security_manager_class=OIDCSecurityManager)
Airflow
Airflow provides a hook in the webserver_config.py file where you can specify a security manager class.
In webserver_config.py import the OIDCSecurityManager and set
from fab_oidc.security import AirflowOIDCSecurityManager
...
SECURITY_MANAGER_CLASS = AirflowOIDCSecurityManager
Airflow now requires that your SECURITY_MANAGER_CLASS is a subclass of AirflowSecurityManager.
Use the special AirflowOIDCSecurityManager that is only defined if you're using this library alongside Airflow.
Superset
Superset works the same way except the config is in a file called superset_config.py and the hook is called CUSTOM_SECURITY_MANAGER
from fab_oidc.security import OIDCSecurityManager
...
CUSTOM_SECURITY_MANAGER = OIDCSecurityManager
Settings
The settings are the same as the flask_oidc settings, so look there for a reference.
if you're happy with flask_oidc's defaults the only thing you'll really need is something like:
OIDC_CLIENT_SECRETS = '/path/to/client_secret.json'
see the flask_oidc manual client registration docs for how to generate or write one.
Copyright © 2018 HM Government (Ministry of Justice Digital Services). See LICENSE.txt for further details.
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
