re: Azure SSO added (#3989)

* Azure SSO added

* Azure SSO added
Ayush Shah 2022-04-09 07:58:40 -07:00 committed by GitHub
parent 524c647f1f
commit 0b44bbdde1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 35 additions and 5 deletions


@ -5,6 +5,32 @@
"description": "OpenMetadata Ingestion Framework definition.", "description": "OpenMetadata Ingestion Framework definition.",
"type": "object", "type": "object",
"definitions": { "definitions": {
"azureSSOConfig": {
"description": "Azure SSO client security configs.",
"type": "object",
"properties": {
"clientSecret": {
"description": "Azure SSO client secret key",
"type": "string"
},
"authority": {
"description": "Azure SSO Authority",
"type": "string"
},
"clientId": {
"description": "Azure Client ID.",
"type": "string"
},
"scopes": {
"description": "Azure Client ID.",
"items": {
"type": "string"
}
}
},
"additionalProperties": false,
"required": ["clientSecret", "clientId", "authority", "scopes"]
},
"googleSSOConfig": { "googleSSOConfig": {
"description": "Google SSO client security configs.", "description": "Google SSO client security configs.",
"type": "object", "type": "object",
@ -120,6 +146,9 @@
{ {
"$ref": "#/definitions/auth0SSOConfig" "$ref": "#/definitions/auth0SSOConfig"
}, },
{
"$ref": "#/definitions/azureSSOConfig"
},
{ {
"$ref": "#/definitions/customOidcSSOConfig" "$ref": "#/definitions/customOidcSSOConfig"
} }
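Review bot: In the new `azureSSOConfig` definition, `scopes` has no `"type": "array"`, so `items` only constrains values that happen to be arrays and a bare string would still validate. Its description is also a copy of the `clientId` one. I would put `"description": "Azure SSO scopes requested for the access token.", "type": "array",` ahead of `items`. Separately, `clientSecret` is declared as a plain `string`; if the code generator used for this schema honours `"format": "password"`, adding it would keep the secret out of the generated model's default repr and logs, which is worth confirming against the generator in use.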


@ -25,6 +25,7 @@ import requests
from metadata.config.common import ConfigModel from metadata.config.common import ConfigModel
from metadata.generated.schema.metadataIngestion.workflow import ( from metadata.generated.schema.metadataIngestion.workflow import (
Auth0SSOConfig, Auth0SSOConfig,
AzureSSOConfig,
CustomOidcSSOConfig, CustomOidcSSOConfig,
GoogleSSOConfig, GoogleSSOConfig,
OktaSSOConfig, OktaSSOConfig,
@ -278,7 +279,7 @@ class AzureAuthenticationProvider(AuthenticationProvider):
# TODO: Prepare JSON for Azure Auth # TODO: Prepare JSON for Azure Auth
def __init__(self, config: OpenMetadataServerConfig): def __init__(self, config: OpenMetadataServerConfig):
self.config = config self.config = config
self.security_config: AzureSSOConfig = self.config.securityConfig
self.generated_auth_token = None self.generated_auth_token = None
self.expiry = None self.expiry = None
@ -292,11 +293,11 @@ class AzureAuthenticationProvider(AuthenticationProvider):
) )
app = ConfidentialClientApplication( app = ConfidentialClientApplication(
client_id=self.config.client_id, client_id=self.security_config.clientId,
client_credential=self.config.secret_key, client_credential=self.security_config.clientSecret,
authority=self.config.authority, authority=self.security_config.authority,
) )
token = app.acquire_token_for_client(scopes=self.config.scopes) token = app.acquire_token_for_client(scopes=self.security_config.scopes)
try: try:
self.generated_auth_token = token["access_token"] self.generated_auth_token = token["access_token"]
self.expiry = token["expires_in"] self.expiry = token["expires_in"]
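Review bot: The annotation on `self.security_config: AzureSSOConfig = self.config.securityConfig` in `__init__` is not a runtime check. `securityConfig` appears to accept any of the SSO config definitions, so a server config carrying another provider's block would only fail later, during token acquisition, with an `AttributeError` on `clientId` or `authority`. A guard at construction would fail early with a clear message, for example `if not isinstance(self.config.securityConfig, AzureSSOConfig): raise ValueError("securityConfig must be an AzureSSOConfig for the Azure auth provider")`. In the last hunk, `acquire_token_for_client` returns a dict carrying `error` and `error_description` instead of `access_token` on failure. The `except` belonging to the `try` is outside the hunk, so it is worth checking that it surfaces that description and never logs the client secret. Both `__init__` and the token method continue outside the visible hunks.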