srgrn · December 31, 2025 06:22 · srgrn · Dec 31, 2025
diff --git a/config.py b/config.py
 import os
 from flask_appbuilder.security.manager import AUTH_OAUTH

 basedir = os.path.abspath(os.path.dirname(__file__))

 SECRET_KEY = "thisismyscretkey"
 SQLALCHEMY_DATABASE_URI = "sqlite:///" + os.path.join(basedir, "app.db")

 # Flask-WTF flag for CSRF
 CSRF_ENABLED = True

 # ------------------------------
 # GLOBALS FOR APP Builder
 # ------------------------------
 APP_NAME = "OAUTH Roles Example"

 # ----------------------------------------------------
 # AUTHENTICATION CONFIG
 # ----------------------------------------------------
 # The authentication type
 # AUTH_OID : Is for OpenID
 # AUTH_DB : Is for database (username/password()
 # AUTH_LDAP : Is for LDAP
 # AUTH_REMOTE_USER : Is for using REMOTE_USER from web server
 # AUTH_OAUTH : Is for OAuth
 AUTH_TYPE = AUTH_OAUTH

 # Will allow user self registration
 AUTH_USER_REGISTRATION = True

 # The default user self registration role
 AUTH_USER_REGISTRATION_ROLE = "Public"
 AUTH_ROLES_SYNC_AT_LOGIN = True
 AUTH_USER_REGISTRATION_ROLE_JMESPATH = "(role_keys && role_keys[0]) || 'Public'"
 OAUTH_PROVIDERS = [
    {
        "name": "azure",
        "icon": "fa-windows",
        "token_key": "access_token",
        "remote_app": {
            "client_id": os.environ.get("AZURE_APPLICATION_ID"),
            "client_secret": os.environ.get("AZURE_SECRET"),
            "api_base_url": f"https://login.microsoftonline.com/{os.environ.get('AZURE_TENANT_ID')}/oauth2",
            "client_kwargs": {
                "scope": "User.read name preferred_username email profile upn",
                "resource": os.environ.get("AZURE_APPLICATION_ID"),
            },
            "access_token_url": f"https://login.microsoftonline.com/{os.environ.get('AZURE_TENANT_ID')}/oauth2/token",
            "authorize_url": f"https://login.microsoftonline.com/{os.environ.get('AZURE_TENANT_ID')}/oauth2/authorize",
        },
    }
 ]
	import os
	from flask_appbuilder.security.manager import AUTH_OAUTH

	basedir = os.path.abspath(os.path.dirname(__file__))

	SECRET_KEY = "thisismyscretkey"
	SQLALCHEMY_DATABASE_URI = "sqlite:///" + os.path.join(basedir, "app.db")

	# Flask-WTF flag for CSRF
	CSRF_ENABLED = True

	# ------------------------------
	# GLOBALS FOR APP Builder
	# ------------------------------
	APP_NAME = "OAUTH Roles Example"

	# ----------------------------------------------------
	# AUTHENTICATION CONFIG
	# ----------------------------------------------------
	# The authentication type
	# AUTH_OID : Is for OpenID
	# AUTH_DB : Is for database (username/password()
	# AUTH_LDAP : Is for LDAP
	# AUTH_REMOTE_USER : Is for using REMOTE_USER from web server
	# AUTH_OAUTH : Is for OAuth
	AUTH_TYPE = AUTH_OAUTH

	# Will allow user self registration
	AUTH_USER_REGISTRATION = True

	# The default user self registration role
	AUTH_USER_REGISTRATION_ROLE = "Public"
	AUTH_ROLES_SYNC_AT_LOGIN = True
	AUTH_USER_REGISTRATION_ROLE_JMESPATH = "(role_keys && role_keys[0]) \|\| 'Public'"
	OAUTH_PROVIDERS = [
	{
	"name": "azure",
	"icon": "fa-windows",
	"token_key": "access_token",
	"remote_app": {
	"client_id": os.environ.get("AZURE_APPLICATION_ID"),
	"client_secret": os.environ.get("AZURE_SECRET"),
	"api_base_url": f"https://login.microsoftonline.com/{os.environ.get('AZURE_TENANT_ID')}/oauth2",
	"client_kwargs": {
	"scope": "User.read name preferred_username email profile upn",
	"resource": os.environ.get("AZURE_APPLICATION_ID"),
	},
	"access_token_url": f"https://login.microsoftonline.com/{os.environ.get('AZURE_TENANT_ID')}/oauth2/token",
	"authorize_url": f"https://login.microsoftonline.com/{os.environ.get('AZURE_TENANT_ID')}/oauth2/authorize",
	},
	}
	]
No results found