Make a POST request to the user endpoint to fetch user profile details upon authorization. #46
Description
Current requirement functionality
This functionality partially exists currently.
User Story
During ouath2 authorization with onadata, superset makes a GET request to fetch the user profile details on this endpoint api/v1/user.json. This is a problem because at the point of authorization, authentication credentials are usually stored in the master db before being synced to the read replica db, hence making a GET request will always go to the read replica db which at that point in time might not have the user's details. This results to a 401 error. The best way to handle this, is to make a POST request with no payload to the same endpoint, which will always go to the master db that will always have the user's credentials.
Proposed Implementation
- Have superset make a
POSTrequest to theapi/v1/user.jsonendpoint. - Remove the subsequent request to the
api/v1/profiles/<username>.jsonendpoint since theapi/v1/user.jsonendpoint has all the user's details required.
Required Changes
- Update this line of code
superset-patchup/superset_patchup/oauth.py
Line 273 in ba62faf
to:
user_data = (self.appbuilder.sm.oauth_remotes[provider].post(
"api/v1/user.json").data)
- Remove this line of code
superset-patchup/superset_patchup/oauth.py
Line 276 in ba62faf