OneLogin Integration


#1

Hi there!

I have been successfully using Redash v3 configured to authenticate users using SAML (OneLogin).
Testing the upgrade to v6, SAML setup with OneLogin seems to have broken.

Finally, I made it work by small edits in the v6 code but I am afraid that this could mean breaking things or having problems upgrading to the next version, so I am looking for a “cleaner” solution.

The problems I met:

  1. Redash connector offered by OneLogin does not send the parameter org_slug=default (or any org name) in the response and cannot be configured to do so. My solution was to remove org_slug=org.slug from line https://github.com/getredash/redash/blob/release/6.0.x/redash/authentication/saml_auth.py#L23

  2. User groups: Again Redash OneLogin connector cannot be configured to send the RedashGroups parameter. As a result (as mentioned in User Guide/Authentication Options) users logging lose their groups and fall back just to default group. Until now (in v3) groups were not handled by OneLogin but by Redash itself. I solved this by commenting out line https://github.com/getredash/redash/blob/release/6.0.x/redash/authentication/saml_auth.py#L93

I would appreciate any help/directions to a cleaner solution that does not involve messing with the code.

Thanks!