Oauth authentication in Apache SuperSet
You have to change the superset_config.py. Look at this example config, it works for me.
import osfrom flask_appbuilder.security.manager import AUTH_OID, AUTH_REMOTE_USER, AUTH_DB, AUTH_LDAP, AUTH_OAUTHbasedir = os.path.abspath(os.path.dirname(__file__))ROW_LIMIT = 5000SUPERSET_WORKERS = 4SECRET_KEY = 'a long and random secret key'SQLALCHEMY_DATABASE_URI = ‘postgresql://username:pass@host:port/dbname’CSRF_ENABLED = TrueAUTH_TYPE = AUTH_OAUTHAUTH_USER_REGISTRATION = TrueAUTH_USER_REGISTRATION_ROLE = "Public"OAUTH_PROVIDERS = [ { 'name': 'google', 'whitelist': ['@company.com'], 'icon': 'fa-google', 'token_key': 'access_token', 'remote_app': { 'base_url': 'https://www.googleapis.com/oauth2/v2/', 'request_token_params': { 'scope': 'email profile' }, 'request_token_url': None, 'access_token_url': 'https://accounts.google.com/o/oauth2/token', 'authorize_url': 'https://accounts.google.com/o/oauth2/auth', 'consumer_key': 'GOOGLE_AUTH_KEY', 'consumer_secret': 'GOOGLE_AUTH_SECRET' } }]
2021 update: The FAB OAuth provider schema seems like it changed a bit since this answer. If you're trying to do this with Superset >= 1.1.0, try this instead:
OAUTH_PROVIDERS = [ { 'name': 'google', 'icon': 'fa-google', 'token_key': 'access_token', 'remote_app': { 'client_id': 'GOOGLE_KEY', 'client_secret': 'GOOGLE_SECRET', 'api_base_url': 'https://www.googleapis.com/oauth2/v2/', 'client_kwargs':{ 'scope': 'email profile' }, 'request_token_url': None, 'access_token_url': 'https://accounts.google.com/o/oauth2/token', 'authorize_url': 'https://accounts.google.com/o/oauth2/auth' } }]
Of course, sub out GOOGLE_KEY and GOOGLE_SECRET. The rest should be fine. This was cribbed from the FAB security docs for the next time there is drift.