joaoferrao commented on PR #30081:
URL: https://github.com/apache/superset/pull/30081#issuecomment-2448584707
> I've reviewed the setup and ensured that the OAuth tokens are obtained
correctly from Okta, and all necessary permissions seem in place. Are there any
additional configurations or specifics for Trino that this PR setup might
require? Any guidance or insights on further troubleshooting would be greatly
appreciated!
A bit more detail would help fine tune the issue. Can I ask if you, even if
redundantly:
1) Have you confirmed trino is working with OAuth2 without superset?
Meaning: trino cli with `trino --server='<your trino endpoint uri>'
--external-authentication=true`?
2) Does that work with the exact same user your are trying to impersonate
from superset?
3) Have you configured superset to use the same "username" as you are using
for trino?
If you are sure you are getting the access token back from the IdP (after
being requested to authenticate), then this is what is sent to trino:
```python
if backend_name == "trino" and username is not None:
connect_args["user"] = username
if access_token is not None:
http_session = requests.Session()
http_session.headers.update({"Authorization": f"Bearer
{access_token}"})
connect_args["http_session"] = http_session
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
