vincbeck commented on code in PR #51657:
URL: https://github.com/apache/airflow/pull/51657#discussion_r2145003432
##########
providers/keycloak/src/airflow/providers/keycloak/auth_manager/keycloak_auth_manager.py:
##########
@@ -216,6 +221,7 @@ def _is_authorized(
resource_id: str | None = None,
attributes: dict[str, str | None] | None = None,
) -> bool:
+ return True
Review Comment:
?
##########
providers/keycloak/src/airflow/providers/keycloak/auth_manager/keycloak_auth_manager.py:
##########
@@ -245,6 +251,12 @@ def _is_authorized(
def _get_token_url(server_url, realm):
return f"{server_url}/realms/{realm}/protocol/openid-connect/token"
+ @staticmethod
+ def get_keycloak_logout_url(server_url, realm):
Review Comment:
```suggestion
def _get_keycloak_logout_url(server_url, realm):
```
##########
providers/keycloak/provider.yaml:
##########
@@ -67,3 +67,11 @@ config:
version_added: 1.0.0
example: ~
default: "http://host.docker.internal:48080";
+ all_admins:
Review Comment:
I am not against it, but do we want this option? I dont think it is needed
##########
providers/keycloak/src/airflow/providers/keycloak/auth_manager/keycloak_auth_manager.py:
##########
@@ -263,3 +275,15 @@ def _get_headers(access_token):
"Authorization": f"Bearer {access_token}",
"Content-Type": "application/x-www-form-urlencoded",
}
+
+ def get_url_logout(self, **kwargs) -> str:
+ base_url = conf.get("api", "base_url", fallback="/")
+ return urljoin(base_url, f"{AUTH_MANAGER_FASTAPI_APP_PREFIX}/logout")
+
+ def get_redirected_logout_url(self, url: str) -> str:
Review Comment:
Where is it used?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
