From 59d871463aadfe2ee681037706c9a995e1c690b7 Mon Sep 17 00:00:00 2001
From: Vianney Foucault <vianney.foucault@gmail.com>
Date: Mon, 1 Feb 2021 15:12:22 +0100
Subject: [PATCH] feat: helm chart oauth configuration

Added oauth config within the helm chart.
---
 helm/superset/Chart.yaml             |  2 +-
 helm/superset/templates/_helpers.tpl | 24 ++++++++++++++++++++++++
 helm/superset/values.yaml            | 18 ++++++++++++++++++
 3 files changed, 43 insertions(+), 1 deletion(-)

diff --git a/helm/superset/Chart.yaml b/helm/superset/Chart.yaml
index 973f6c70479c..2bd7914a7dea 100644
--- a/helm/superset/Chart.yaml
+++ b/helm/superset/Chart.yaml
@@ -22,4 +22,4 @@ maintainers:
   - name: Chuan-Yen Chiang
     email: cychiang0823@gmail.com
     url: https://github.com/cychiang
-version: 0.1.0
+version: 0.2.0
diff --git a/helm/superset/templates/_helpers.tpl b/helm/superset/templates/_helpers.tpl
index ac9abc9316e6..a5b85d919d8f 100644
--- a/helm/superset/templates/_helpers.tpl
+++ b/helm/superset/templates/_helpers.tpl
@@ -56,6 +56,24 @@ pip install {{ range .Values.additionalRequirements }}{{ . }} {{ end }}
 
 {{ end -}}
 
+{{- define "superset-common-oauthconfig" }}
+
+from flask_appbuilder.security.manager import AUTH_OAUTH
+AUTH_TYPE = AUTH_OAUTH
+AUTH_USER_REGISTRATION = {{- if .Values.supersetNode.oauth.registration_enabled }} True{{- else }} False{{- end }}
+AUTH_USER_REGISTRATION_ROLE = "{{ .Values.supersetNode.oauth.userRegistrationRole | default "Public" }}"
+
+{{ end -}}
+
+
+{{- define "superset-oauthconfig" }}
+import json
+OAUTH_PROVIDERS = [
+    json.loads('{{ .Values.supersetNode.oauth.config | toJson }}')
+]
+
+{{- end }}
+
 {{- define "superset-config" }}
 import os
 from cachelib.redis import RedisCache
@@ -97,4 +115,10 @@ RESULTS_BACKEND = RedisCache(
       port=env('REDIS_PORT'),
       key_prefix='superset_results'
 )
+
+{{ if .Values.supersetNode.oauth.enabled }}
+{{ include "superset-common-oauthconfig" .  }}
+{{ include "superset-oauthconfig" .  }}
+{{- end }}
+
 {{- end }}
diff --git a/helm/superset/values.yaml b/helm/superset/values.yaml
index 366f7a39b3ba..a7ec06c6fb7f 100644
--- a/helm/superset/values.yaml
+++ b/helm/superset/values.yaml
@@ -101,6 +101,24 @@ supersetNode:
         - secretRef:
             name: '{{ tpl .Values.envFromSecret . }}'
       command: [ "/bin/sh", "-c", "until nc -zv $DB_HOST $DB_PORT -w1; do echo 'waiting for db'; sleep 1; done" ]
+  oauth:
+    enabled: false
+    registration_enabled: true
+    userRegistrationRole: Public
+    config:
+      name: google
+      whitelist: []
+      icon: fa-google
+      token_key: access_token
+      remote_app:
+        api_base_url: https://www.googleapis.com/oauth2/v2/
+        client_kwargs:
+          scope: email profile
+        request_token_url: null
+        access_token_url: https://accounts.google.com/o/oauth2/token
+        authorize_url: https://accounts.google.com/o/oauth2/auth
+        # client_id: xx
+        # client_secret: xx
 
 ##
 ## Superset worker configuration