GitHub user squalou added a comment to the discussion: Using Keycloak as
identity provider wihtout role mappings (manage roles inside superset - like
google oauth2)
It *almost* works but I think I see what's wrong now.
Had to change CustomSsoSecurityManager a bit, as existiing federated google idp
behinf keycloak seems to store "email" in "preferred_username" place, so this
kind of works ... but
```python
return {
"username": me.get("preferred_username"),
"email": me.get("preferred_username"),
"first_name": me.get("given_name", ""),
"last_name": me.get("family_name", ""),
"id": me.get("sub"),
}
```
.... but now I get an integrity error, my user being detected as existing but
with a different internal id.
```
ERROR:flask_appbuilder.security.sqla.manager:Error adding new user to database.
(MySQLdb.IntegrityError) (1062, "Duplicate entry '[email protected]' for key
'ab_user.email'")
```
It totally makes sense and I suppose I'll have somehow to devise how to find
the right user id ?
GitHub link:
https://github.com/apache/superset/discussions/36242#discussioncomment-15065481
----
This is an automatically sent email for [email protected].
To unsubscribe, please send an email to:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
