How do I embed Superset in an iframe? - apache-superset

I'm trying to embed Superset (version 1.3) in an iframe and I'm getting a DOMException 18. The installation of Superset itself works fine since I can access it normally at its URL. Ultimately, my need is to allow website X of a completely different origin to embed a view of my superset instance.
I've found a number of GitHub issues and articles online suggesting changes to superset_config.py to allow embedding Superset in an iframe and I've made a few of them. In particular, I've made the following changes to config.py (rather than superset_config.py as a temporary measure to be sure that the config changes were indeed being registered):
from .mysecurity import CustomSecurityManager
CUSTOM_SECURITY_MANAGER = CustomSecurityManager
ENABLE_PROXY_FIX = True
HTTP_HEADERS: Dict[str, Any] = {'X-Frame-Options': 'ALLOWALL'}
SESSION_COOKIE_SECURE = True
SESSION_COOKIE_SAMESITE = "None"
I'm using this as a base for a custom security manager (the only changes are that I'm checking a token against another service before logging in the user and I'm providing a redirect in the URL).
This instance of superset is behind NGINX which is setting Access-Control-Allow-Origin * and running with gunicorn.
The following screenshots are from my local host with a basic website that has the following bit of relevant JS logging in a user with role Gamma:
let analytics_div = document.getElementById('analytics');
let report = document.createElement("iframe")
const report_url = new URL("/superset/dashboard/123/?standalone=true", superset_url);
const start_url = new URL(`/login?auth_code=${superset_auth_token}&redirect=${report_url}`, superset_url)
report.src = start_url;
report.width = "100%"
report.height = 700
analytics_div.appendChild(report)
Error I'm getting in the iframe
What I see in the dev tools

Related

Unable to connect two LDAP servers at a time with Apache-Superset application

I am trying to configure Superset with multiple LDAP servers, but at this moment I was able to set it up for only one server.
Is there any workaround that can be done in 'Config.py' to configure multiple servers at the same time?
I have given the following configuration in the 'config.py' file.
config.py - LDAP configs
from flask_appbuilder.security.manager import AUTH_LDAP
AUTH_TYPE = AUTH_LDAP
AUTH_USER_REGISTRATION = True
AUTH_USER_REGISTRATION_ROLE = "Alpha"
AUTH_LDAP_SERVER = "ldap://ldap_example_server_one:389"
AUTH_LDAP_USE_TLS = False
AUTH_LDAP_BIND_USER = "CN=my_user,OU=my_users,DC=my,DC=domain"
AUTH_LDAP_BIND_PASSWORD = "mypassword"
AUTH_LDAP_SEARCH = "DC=my,DC=domain"
AUTH_LDAP_UID_FIELD = "sAMAccountName"
Note – It worked for the 'ldap_example_server_one:389' server, but when I tried to add another server it threw a Configuration failure error.
You can't use multiple LDAP servers with default LDAP authenticator from Flask Appbuilder. You have to implement your own custom security manager which will be able to operate as many LDAP servers as you want.
First, you should create a new file, e.g. my_security_manager.py. Put these lines into it:
from superset.security import SupersetSecurityManager

class MySecurityManager(SupersetSecurityManager):
    def __init__(self, appbuilder):
        super(MySecurityManager, self).__init__(appbuilder)
Secondly, you should let Superset know that you want to use your brand new security manager. To do so, add these lines to your Superset configuration file (superset_config.py):
from my_security_manager import MySecurityManager
CUSTOM_SECURITY_MANAGER = MySecurityManager
Here is additional information on the topic.

How to embed a Django website in external iframe

I would like to embed my Django website in a specific external website (not any website).
For example, my website is https://www.mywebsite.com and I would like to include it in another website (https://www.example.com) with an iframe like this:
<iframe
src="https://www.mywebsite.com">
</iframe>
I read a lot of docs and I don't understand if I have to use django-csp or X_FRAME_OPTIONS (which seems deprecated), or both to be compatible with every navigator.
I tried to install and set up django-csp but in that case all of the resources are blocked.
CSP_DEFAULT_SRC = ("'none'", 'https://example.com')
CSP_STYLE_SRC = ("'self'" )
CSP_SCRIPT_SRC = ("'self'" )
CSP_IMG_SRC = ("'self'" )
CSP_FONT_SRC = ("'self'" )
Here is the configuration : Django + REST Framework + React
Thanks a lot!
Use the CSP_FRAME_ANCESTORS policy setting. Update the tuple to include "https://example.com" which is the hostname of your REACT frontend.
CSP_FRAME_ANCESTORS=["https://example.com"]
This policy setting does not use default-src as a fallback which is the reason why your configuration did not allow for iframing.
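The point made in the answer above, as an added example that is not part of the original post: a simplified Python model of how a browser decides whether a response may be framed, run against the CSP from the question with and without a frame-ancestors directive. The function names, the single level of embedding, exact-origin matching and the X-Frame-Options: DENY sample header are assumptions; the same check covers the ALLOWALL value from the Superset question.

```python
# Added example: simplified model of the browser's framing check.
# Assumptions: one level of embedding, exact-origin sources only (no wildcards).

def parse_csp(header):
    """Split a Content-Security-Policy value into {directive: [sources]}."""
    policy = {}
    for part in header.split(";"):
        tokens = part.split()
        if tokens:
            policy.setdefault(tokens[0].lower(), tokens[1:])  # first one wins
    return policy


def framing_allowed(headers, page_origin, parent_origin):
    """True if a response from page_origin may be framed by parent_origin."""
    headers = {k.lower(): v for k, v in headers.items()}
    policy = parse_csp(headers.get("content-security-policy", ""))

    # frame-ancestors never falls back to default-src; only it is consulted.
    if "frame-ancestors" in policy:
        for src in policy["frame-ancestors"]:
            src = src.lower().rstrip("/")
            if src == "'self'" and parent_origin == page_origin:
                return True
            if src == parent_origin.lower():
                return True
        return False  # covers 'none'; X-Frame-Options is ignored here

    values = headers.get("x-frame-options", "").split(",")
    xfo = {v.strip().lower() for v in values if v.strip()}
    if len(xfo) > 1:  # conflicting values block, other junk is ignored
        return not (xfo & {"deny", "sameorigin", "allowall"})
    if xfo == {"deny"}:
        return False
    if xfo == {"sameorigin"}:
        return parent_origin == page_origin
    return True  # header absent, ALLOWALL or unrecognised: no restriction


# Constructed sample inputs: the CSP from the question, with and without the fix.
SITE, PARENT = "https://www.mywebsite.com", "https://example.com"
QUESTION_CSP = ("default-src 'none' https://example.com; style-src 'self'; "
                "script-src 'self'; img-src 'self'; font-src 'self'")
FIXED_CSP = QUESTION_CSP + "; frame-ancestors https://example.com"
DENY = {"X-Frame-Options": "DENY"}  # assumed header, not shown on the page

if __name__ == "__main__":
    print(framing_allowed({**DENY, "Content-Security-Policy": QUESTION_CSP}, SITE, PARENT))
    print(framing_allowed({**DENY, "Content-Security-Policy": FIXED_CSP}, SITE, PARENT))
```

Listing https://example.com in default-src changes nothing about framing, while a frame-ancestors directive both admits the named parent and overrides X-Frame-Options; a lone ALLOWALL value leaves the page frameable by any origin.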

Commerce Server with Sitecore - how to update orders status

May I ask how to update orders status with Sitecore Commerce 8 powered by Commerce Server. Or in sitecore 7.2 if possible.
Based on the class Sitecore.Commerce.Connect.CommerceServer.Orders.Models.CommerceOrder class, we tried to save StatusCode as "InProcess" but it was not updated.
CartServiceProvider provider = new CartServiceProvider();
var orderRequest = new SubmitVisitorOrderRequest(buyCart);
var orderResult = orderService.SubmitVisitorOrder(orderRequest);
var order = orderResult.Order as CommerceOrder;
order.StatusCode = "InProcess";
provider.SaveCart(new SaveCartRequest(order));
We have tried the code below but got an error.
https://social.msdn.microsoft.com/Forums/en-US/a4e74c33-cf4f-4a1b-843c-acf2514db3f2/how-to-update-purchase-order-status?forum=commserver2009#44ff5a5e-b6af-4b82-aebe-1c53beff9f5c
We modified the code to update status as admin
OrderSiteAgent orderAgent = new OrderSiteAgent("website", true, "");
Error : on line OrderManagementContext context = OrderManagementContext.Create(ordersAgent);
There was a problem reading the site resources from the Commerce Server administration database for the site 'website'. Please check that resources exist for the site and that the process has permission to access the database. The InnerException contains more details.

Facebook login not working properly using django-social-auth

I'm trying to integrate facebook login on a site I'm working on, but so far, it doesn't seem to be working. I'd expect to get something similar to the usual dialog I get like what comes up at the test page at http://social.matiasaguirre.net/
But so far what I'm getting is this
To set up the app on Facebook, I've only added the domain, then under how it integrates with Facebook, I've selected the first option for logging in via Facebook. Then I've copied the id and secret key to my settings file as required by django-social-auth.
My settings file:
SOCIAL_AUTH_ENABLED_BACKENDS = ('facebook', 'twitter')
SOCIAL_AUTH_COMPLETE_URL_NAME = 'socialauth_complete'
SOCIAL_AUTH_ASSOCIATE_URL_NAME = 'associate_complete'
SOCIAL_AUTH_DEFAULT_USERNAME = 'socialauth_user'
SOCIAL_AUTH_CREATE_USERS = True
SOCIAL_AUTH_FORCE_RANDOM_USERNAME = False
SOCIAL_AUTH_CHANGE_SIGNAL_ONLY = False
SOCIAL_AUTH_ERROR_KEY = 'socialauth_error'
SOCIAL_AUTH_ASSOCIATE_BY_MAIL = True
AUTHENTICATION_BACKENDS = (
    'social_auth.backends.twitter.TwitterBackend',
    'social_auth.backends.facebook.FacebookBackend',
    # 'django.contrib.auth.backends.ModelBackend',
    'apps.members.backends.Sha256Backend',
)
AUTH_PROFILE_MODULE = 'members.Member'
What could be the problem? I tried running the demo that comes with django-social-auth, and I still get the same results, so my thinking was I'm missing something on Facebook. Any ideas will be appreciated. Thanks.
Update 1
So I've set up the example project that comes with the social auth app, and the error I get is Incorrect authentication service after I click 'Install' on the auth dialog box
What you're showing above is the difference between the new enhanced auth dialog and the older dialog. You can change your app setting to use either one.
Go to: https://developers.facebook.com/apps/{appId}/advanced and set the "Enhanced Auth Dialog" setting to Disabled. And now you will get a similar dialog.

django socialauth twitter , google oauth , facebook does not work

This is my first post. I have a problem: I could not make OMAB's django-socialauth work. Of the three services I need (Google, Facebook, and Twitter), Google works well with OpenID, but Twitter does not. I put this in my
settings.py:
TWITTER_CONSUMER_KEY = '00'  # this is not real
TWITTER_CONSUMER_SECRET = '00'  # this is not real
FACEBOOK_APP_ID = ''  # I have no key
FACEBOOK_API_SECRET = ''
LINKEDIN_CONSUMER_KEY = ''
LINKEDIN_CONSUMER_SECRET = ''
ORKUT_CONSUMER_KEY = ''
ORKUT_CONSUMER_SECRET = ''  # I have no key
GOOGLE_OAUTH2_CLIENT_ID = ''
GOOGLE_OAUTH2_CLIENT_SECRET = ''
SOCIAL_AUTH_CREATE_USERS = True
SOCIAL_AUTH_FORCE_RANDOM_USERNAME = False
SOCIAL_AUTH_DEFAULT_USERNAME = 'socialauth_user'
SOCIAL_AUTH_COMPLETE_URL_NAME = 'socialauth_complete'
LOGIN_ERROR_URL = '/login/error/'
#SOCIAL_AUTH_USER_MODEL = 'app.CustomUser'
SOCIAL_AUTH_ERROR_KEY = 'socialauth_error'
GITHUB_APP_ID = ''
GITHUB_API_SECRET = ''
FOURSQUARE_CONSUMER_KEY = ''
FOURSQUARE_CONSUMER_SECRET = ''
LOGIN_URL = '/login-form/'
LOGIN_REDIRECT_URL = '/'
LOGIN_ERROR_URL = '/login-error/'
I am using the example that comes in the zip of OMAB's django-socialauth, but it is not working.
When I created my Twitter app, I entered my domain, www.sisvei.com. I am testing django-socialauth locally, i.e. at 127.0.0.1:8000, and signing in with Twitter sends me to this URL:
http://127.0.0.1:8000/login/error/ with a message saying: Incorrect authentication service
This happens with Facebook and with Google OAuth and OAuth2.
I'm new to Django and this part of django-socialauth has been a lot of work for me. Hopefully you can help me, thank you very much.
You need to be more specific on "why it doesn't work". Where are you getting the errors?
When debugging a third-party oauth/openid app in Django, generally it boils down to:
configuration & keys - did you make sure to obtain all of the necessary API keys for the services you will be using, and to add them to your configuration?
urls - did you remember to add the necessary urlpatterns to your base urls.py file?
authentication setup on the server - often, you'll need to have a file available or respond with a specific header when the authentication service hits your server. Have you checked to make sure that is set up?
databases - have you run syncdb after installing the app? Are all the tables set up?
templates - if the third party app requires you to set up templates, do you have them set up?
custom views - are you using custom views? If so, try using the built-in views that came with the third party app first, to see if they work
After those are confirmed, you're going to want to be able to see what requests are taking place. Use the debugger included in Chrome/Safari, or get the web developer add-on for Firefox, and look at the network requests as they happen. Do you see HTTP responses other than 200 (say, 404, 500, 403, etc?) those mean that the services aren't responding correctly.
From your error, it looks like you have not correctly set up your callback URL on Twitter. It should be sending you to www.sisvei.com, not 127.0.0.1. Alternatively, check the URL when you get to the Twitter login page -- is the callback URL in the URL, and is it pointing to 127.0.0.1? Then Django is sending it the wrong callback URL.
Finally this:
I wrote my domain www.sisvei.com python does not support this
Is unclear. As far as I know, Python doesn't care what the domain is.
WAIT A MINUTE ...
Are you using runserver? Are you getting the following error?
Error: "www.sisvei.com" is not a valid port number or address:port pair.
If so, there is an easy fix! Just run it like so:
python manage.py runserver www.sisvei.com:80
That should resolve your error if that's what's happening. You're probably running it as
python manage.py runserver 127.0.0.1
127.0.0.1 is a reserved IP address that points back to localhost, your own computer. As a result, it is not possible to use it for authentication or any other purpose outside of programs running on your own machine. See this article for more info.
I'm not sure, but I might be having similar problems, oscar. For me, SocialAuth was generating an AuthenticationURL for facebook, foursquare and hotmail, but not for google, twitter or any of the other address it supports. I think it may be something wrong with the API, so I posted an issue on the social-auth google group...you may want to check there to see if anyone updates!!
https://code.google.com/p/socialauth/issues/detail?id=282&colspec=ID%20Type%20Status%20Priority%20Milestone%20Owner%20Summary%20Modified