Issue Summary

Hello all. I have a Redash deployment where all users log in through SAML Login. Therefore, I need to automate the login process so users can bypass the login screen when their sessions expire. The goal is to authenticate users with SAML automatically when they visit our Redash installation, without them having to click the “SAML Login” button.

The recommended approach was to insert some JavaScript that will auto-click the “SAML Login” button when a user visits Redash (if their active session has expired). I tried to at first add the JS inline to login.html but received the error message: “Refused to execute a script because its hash, its nonce, or ‘unsafe-inline’ does not appear in the script-src directive of the Content Security Policy”. I found that when using Flask, static files like JS and CSS need to be stored in a folder named Static. I tried creating this folder and storing my JS file there but whenever the html loads, I get a 404 error not found for the JS File.

Is there any recommendation on where to insert this JavaScript so it can reference the “SAML Login” button in redash/templates/login.html?

Additionally, are there any other recommendations for addressing this problem? Thank you.

Technical details:

  • Redash Version: 10.1.0
  • Browser/OS: chrome v97.0.4692.71 / macos v11.6.2
  • How did you install Redash: contrib-helm-chart