GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects β†’ ministryofjustice β†’ fab-oidc

ministryofjustice / fab-oidc

Licence: MIT license
Flask-AppBuilder SecurityManager for OpenIDConnect

Programming Languages

python
139335 projects - #7 most used programming language

Labels

airflowopenidconnectoidcanalytics-platformanalytical-platformairflow-authentication

Projects that are alternatives of or similar to fab-oidc

oidc
Easy to use OpenID Connect client and server library written for Go and certified by the OpenID Foundation
Stars: ✭ 475 (+1596.43%)
Mutual labels:  openidconnect, oidc
fastapi-azure-auth
Easy and secure implementation of Azure AD for your FastAPI APIs πŸ”’ B2C, single- and multi-tenant support.
Stars: ✭ 174 (+521.43%)
Mutual labels:  openidconnect, oidc
oidc-agent
oidc-agent for managing OpenID Connect tokens on the command line
Stars: ✭ 47 (+67.86%)
Mutual labels:  openidconnect, oidc
Data Science Stack Cookiecutter
πŸ³πŸ“ŠπŸ€“Cookiecutter template to launch an awesome dockerized Data Science toolstack (incl. Jupyster, Superset, Postgres, Minio, AirFlow & API Star)
Stars: ✭ 153 (+446.43%)
Mutual labels:  airflow
Airflow Doc Zh
πŸ“– [θ―‘] Airflow δΈ­ζ–‡ζ–‡ζ‘£
Stars: ✭ 169 (+503.57%)
Mutual labels:  airflow
ms-identity-javascript-tutorial
A chapterwise tutorial that will take you through the fundamentals of modern authentication with Microsoft identity platform in Vanilla JavaScript.
Stars: ✭ 100 (+257.14%)
Mutual labels:  oidc
dex-operator
A Kubernetes operator for Dex
Stars: ✭ 16 (-42.86%)
Mutual labels:  oidc
Airflow Autoscaling Ecs
Airflow Deployment on AWS ECS Fargate Using Cloudformation
Stars: ✭ 136 (+385.71%)
Mutual labels:  airflow
AspNetCore6Experiments
ASP.NET Core Blazor BFF with Azure AD and Razor page
Stars: ✭ 43 (+53.57%)
Mutual labels:  oidc
Example Airflow Dags
Example DAGs using hooks and operators from Airflow Plugins
Stars: ✭ 243 (+767.86%)
Mutual labels:  airflow
Paperboy
A web frontend for scheduling Jupyter notebook reports
Stars: ✭ 221 (+689.29%)
Mutual labels:  airflow
Airflow Testing
Airflow Unit Tests and Integration Tests
Stars: ✭ 175 (+525%)
Mutual labels:  airflow
token-cli
Command line utility for interacting with OAuth2 infrastructure to generate tokens
Stars: ✭ 19 (-32.14%)
Mutual labels:  oidc
Airflow Exporter
Airflow plugin to export dag and task based metrics to Prometheus.
Stars: ✭ 161 (+475%)
Mutual labels:  airflow
AirflowETL
Blog post on ETL pipelines with Airflow
Stars: ✭ 20 (-28.57%)
Mutual labels:  airflow
Airflow Chart
A Helm chart to install Apache Airflow on Kubernetes
Stars: ✭ 137 (+389.29%)
Mutual labels:  airflow
aircan
πŸ’¨πŸ₯« A Data Factory system for running data processing pipelines built on AirFlow and tailored to CKAN. Includes evolution of DataPusher and Xloader for loading data to DataStore.
Stars: ✭ 24 (-14.29%)
Mutual labels:  airflow
Awesome Apache Airflow
Curated list of resources about Apache Airflow
Stars: ✭ 2,755 (+9739.29%)
Mutual labels:  airflow
Airflow Scheduler Failover Controller
A process that runs in unison with Apache Airflow to control the Scheduler process to ensure High Availability
Stars: ✭ 204 (+628.57%)
Mutual labels:  airflow
airflow-dbt-python
A collection of Airflow operators, hooks, and utilities to elevate dbt to a first-class citizen of Airflow.
Stars: ✭ 111 (+296.43%)
Mutual labels:  airflow
View All Similar Projects βž”

Flask-AppBuilder SecurityManager for OpenIDConnect

Wrapper for flask_oidc that exposes a SecurityManager for use with any Flask-AppBuilder app.

It will allow your users to login with OpenIDConnect providers such as Auth0, Okta or Google Apps.

This is roughly inspired by the code in this stackoverflow answer. (MIT Licenced Β© thijsfranck)

Usage

Generic

Just override the default security manager in your Flask Appbuilder app.

from fab_oidc.security import OIDCSecurityManager

appbuilder = AppBuilder(app, db.session, security_manager_class=OIDCSecurityManager)

Airflow

Airflow provides a hook in the webserver_config.py file where you can specify a security manager class. In webserver_config.py import the OIDCSecurityManager and set

from fab_oidc.security import AirflowOIDCSecurityManager
...
SECURITY_MANAGER_CLASS = AirflowOIDCSecurityManager

Airflow now requires that your SECURITY_MANAGER_CLASS is a subclass of AirflowSecurityManager. Use the special AirflowOIDCSecurityManager that is only defined if you're using this library alongside Airflow.

Superset

Superset works in a a similar way. Just as in Airflow, SECURITY_MANAGER_CLASS needs to be a subclass of SupersetSecurityManager the config is in a file called superset_config.py and the hook is called CUSTOM_SECURITY_MANAGER. There now exists a special SupersetOIDCSecurityManager that is only defined if you are using this library alongside Superset.

from fab_oidc.security import SupersetOIDCSecurityManager
...
CUSTOM_SECURITY_MANAGER = SupersetOIDCSecurityManager

Settings

The settings are the same as the flask_oidc settings, so look there for a reference.

if you're happy with flask_oidc's defaults the only thing you'll really need is something like:

OIDC_CLIENT_SECRETS = '/path/to/client_secret.json'

see the flask_oidc manual client registration docs for how to generate or write one.

OIDC Field configuration

If you like to change the default OIDC field that will be used as a username, first name and last name you can set the following env var in the shell you run your process:

export USERNAME_OIDC_FIELD='preferred_username'
export FIRST_NAME_OIDC_FIELD='given_name'
export LAST_NAME_OIDC_FIELD='family_name'

Copyright Β© 2018 HM Government (Ministry of Justice Digital Services). See LICENSE.txt for further details.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].