본문 바로가기
카테고리 없음

superset docker-compose 및 kakao oauth

by reikop.com 2023. 6. 22.

DOCKER-COMPOSE 올리기

sudo curl -L "https://github.com/docker/compose/releases/download/v2.19.0/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
git clone https://github.com/apache/superset.git
cd superset
docker-compose -f docker-compose-non-dev.yml up -d

KAKAO 소셜로그인 OAUTH2 설정

# docker/pythonpath_dev/superset_config.py
from flask_appbuilder.security.manager import AUTH_OAUTH

CSRF_ENABLED = True
ENABLE_PROXY_FIX=True
AUTH_TYPE = AUTH_OAUTH
AUTH_USER_REGISTRATION = True
AUTH_USER_REGISTRATION_ROLE = "Cerebro"
FEATURE_FLAGS = {
    "EMBEDDED_SUPERSET": True
}
SESSION_COOKIE_SAMESITE = 'None'  # One of [None, 'Lax', 'Strict']
SESSION_COOKIE_SECURE = True
TALISMAN_CONFIG = {
"content_security_policy": None,
"force_https": False,
"force_https_permanent": False,
}

CSRF_ENABLED = False
CORS_OPTIONS = {
  'supports_credentials': True,
  'allow_headers': ['*'],
  'resources':['*'],
  'origins': ['http://127.0.0.1:5173', '[site]']
}

OAUTH_PROVIDERS = [
    {
        "name": "kakao",
        "icon": "fa-coffee-bean",
        "token_key": "access_token",
        "remote_app": {
            "api_base_url": "https://kapi.kakao.com/v2/",
            "client_kwargs": {
                "scope": "account_email profile_image"
            },
            "request_token_url": None,
            "access_token_url": "https://kauth.kakao.com/oauth/token",
            'access_token_headers':{
               "Content-Type": "application/x-www-form-urlencoded",
               "Cache-Control": "no-cache",
            },
            "access_token_params": {
                "grant_type": "authorization_code",
                "client_id": "",
                "client_secret": "",
                "redirect_uri": "[site]/oauth-authorized/kakao",
                # "code": code,
            },
            "authorize_url": "https://kauth.kakao.com/oauth/authorize",
            "client_id": "",
            "client_secret": "",
        },
    }
]

import logging
from superset.security import SupersetSecurityManager
class CustomSsoSecurityManager(SupersetSecurityManager):

    def oauth_user_info(self, provider, response=None):
        logging.debug("Oauth2 provider: {0}.".format(provider))
        if provider == 'kakao':
            logging.debug(self.appbuilder.sm.oauth_remotes[provider])
            me = self.appbuilder.sm.oauth_remotes[provider].get('user/me').json()
            kakao_account = me['kakao_account']
            profile = me['properties']
            nick_name = profile.get('nickname', kakao_account['email'])
            return { 'name' : nick_name, 'email' : kakao_account["email"], 'id' : kakao_account["email"], 'username' : nick_name, 'first_name':'', 'last_name':''}

CUSTOM_SECURITY_MANAGER = CustomSsoSecurityManager

 

# docker/requirements-local.txt

Authlib~=1.2.0

 

티스토리툴바