Create create_token method in FAB auth manager
#59245
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
2 tasks
vincbeck
force-pushed
the
vincbeck/fab_create_token
branch
from
4288fee to
a1290ad
Compare
potiuk
approved these changes
Dec 9, 2025
Member
|
I will include it in the current provider's wave :) |
Contributor
Author
|
Nice! This will be usable right away then! |
52 tasks
Contributor
Contributor
Author
Member
|
He he ... and report in #59259 :) |
jscheffl
reviewed
Jan 21, 2026
| body["username"], body["password"], rotate_session_id=False | ||
| ) | ||
|
|
||
| return user |
Contributor
There was a problem hiding this comment.
@vincbeck I was stumbling aver this today, I assume the type definition is not correct in the signature? I would assume the function returns User | None if user is not found as it then does not raise an exception?
Contributor
Author
There was a problem hiding this comment.
You are correct :)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Resolves #51362.
As mentioned in #51362, some users are frustrated because the way to generate a JWT token to call Airflow public API is not customizable like it used to be in Airflow 2. Some deployment managers want to allow users to use oauth to generate a token whereas the current implementation force them to use basic authentication.
Auth backends no longer exist in Airflow 3 but we need to find an alternative so that deployment managers can set their own logic in regards to JWT token generation to call Airflow API.
The solution is to create a new method in FAB auth manager
create_token. This method is called to generate a token from the create token API payload. Therefore, if a deployment manager wants to customize the way users are able to authenticate in order to generate a JWT token, they only need to override this new method.^ Add meaningful description above
Read the Pull Request Guidelines for more information.
In case of fundamental code changes, an Airflow Improvement Proposal (AIP) is needed.
In case of a new dependency, check compliance with the ASF 3rd Party License Policy.
In case of backwards incompatible changes please leave a note in a newsfragment file, named
{pr_number}.significant.rstor{issue_number}.significant.rst, in airflow-core/newsfragments.