re: Azure SSO added (#3989)

* Azure SSO added * Azure SSO added
2025-09-21 14:59:57 +00:00 · 2022-04-09 07:58:40 -07:00 · 2022-04-09 07:58:40 -07:00 · 0b44bbdde1
commit 0b44bbdde1
parent 524c647f1f
2 changed files with 35 additions and 5 deletions
--- a/catalog-rest-service/src/main/resources/json/schema/metadataIngestion/workflow.json
+++ b/catalog-rest-service/src/main/resources/json/schema/metadataIngestion/workflow.json
@ -5,6 +5,32 @@
  "description": "OpenMetadata Ingestion Framework definition.",
  "type": "object",
  "definitions": {
+    "azureSSOConfig": {
+      "description": "Azure SSO client security configs.",
+      "type": "object",
+      "properties": {
+        "clientSecret": {
+          "description": "Azure SSO client secret key",
+          "type": "string"
+        },
+        "authority": {
+          "description": "Azure SSO Authority",
+          "type": "string"
+        },
+        "clientId": {
+          "description": "Azure Client ID.",
+          "type": "string"
+        },
+        "scopes": {
+          "description": "Azure Client ID.",
+          "items": {
+            "type": "string"
+          }
+        }
+      },
+      "additionalProperties": false,
+      "required": ["clientSecret", "clientId", "authority", "scopes"]
+    },
    "googleSSOConfig": {
      "description": "Google SSO client security configs.",
      "type": "object",
@ -120,6 +146,9 @@
            {
              "$ref": "#/definitions/auth0SSOConfig"
            },
+            {
+              "$ref": "#/definitions/azureSSOConfig"
+            },
            {
              "$ref": "#/definitions/customOidcSSOConfig"
            }
--- a/ingestion/src/metadata/ingestion/ometa/auth_provider.py
+++ b/ingestion/src/metadata/ingestion/ometa/auth_provider.py
@ -25,6 +25,7 @@ import requests
 from metadata.config.common import ConfigModel
 from metadata.generated.schema.metadataIngestion.workflow import (
    Auth0SSOConfig,
+    AzureSSOConfig,
    CustomOidcSSOConfig,
    GoogleSSOConfig,
    OktaSSOConfig,
@ -278,7 +279,7 @@ class AzureAuthenticationProvider(AuthenticationProvider):
    # TODO: Prepare JSON for Azure Auth
    def __init__(self, config: OpenMetadataServerConfig):
        self.config = config
-
+        self.security_config: AzureSSOConfig = self.config.securityConfig
        self.generated_auth_token = None
        self.expiry = None

@ -292,11 +293,11 @@ class AzureAuthenticationProvider(AuthenticationProvider):
        )

        app = ConfidentialClientApplication(
-            client_id=self.config.client_id,
-            client_credential=self.config.secret_key,
-            authority=self.config.authority,
+            client_id=self.security_config.clientId,
+            client_credential=self.security_config.clientSecret,
+            authority=self.security_config.authority,
        )
-        token = app.acquire_token_for_client(scopes=self.config.scopes)
+        token = app.acquire_token_for_client(scopes=self.security_config.scopes)
        try:
            self.generated_auth_token = token["access_token"]
            self.expiry = token["expires_in"]