PyPI - airflow-ldap-auth-manager - Versions diffs - 0.1.0__tar.gz → 0.1.1__tar.gz - Mend

airflow-ldap-auth-manager 0.1.0tar.gz → 0.1.1tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

{airflow_ldap_auth_manager-0.1.0 → airflow_ldap_auth_manager-0.1.1}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: airflow-ldap-auth-manager
-Version: 0.1.0
+Version: 0.1.1
 Summary: LDAP-based AuthManager for Apache Airflow 3.x
 Author-email: Emre Can <emredjan@gmail.com>
 License-Expression: Apache-2.0
@@ -76,7 +76,7 @@ Changes needed in `airflow.cfg`:
 ```ini
 [core]
 # Fully qualified path to the auth manager class in this repo
-auth_manager = airflow_ldap_auth_manager.LDAPAuthManager
+auth_manager = airflow_ldap_auth_manager.LdapAuthManager
 ```
@@ -140,7 +140,7 @@ Restart the api-server after changes.
 ``` ini
 [ldap_auth_manager]
-# LDAP authentication/authorization settings for LDAPAuthManager.
+# LDAP authentication/authorization settings for LdapAuthManager.
 # This section supports multiple redundant servers, secure transport (LDAPS or StartTLS),
 # and secret indirection for bind credentials via Airflow’s Secrets Backend.
@@ -283,11 +283,17 @@ logout_redirect = /
 #
 debug_logging = false
-# Optional login hint shown under "Sign in". Leave empty to hide.
+# Optional login hint shown under "Sign in" title. Leave empty to hide.
 #
 # Variable: AIRFLOW__LDAP_AUTH_MANAGER__LOGIN_TIP
 #
 login_tip = Using your Company credentials
+# Optional override to the support hint shown under the "Sign in" button.
+#
+# Variable: AIRFLOW__LDAP_AUTH_MANAGER__SUPPORT_TIP
+#
+support_tip = Having issues? Raise a ticket to the helpdesk.
 ```

{airflow_ldap_auth_manager-0.1.0 → airflow_ldap_auth_manager-0.1.1}/README.md RENAMED Viewed

@@ -54,7 +54,7 @@ Changes needed in `airflow.cfg`:
 ```ini
 [core]
 # Fully qualified path to the auth manager class in this repo
-auth_manager = airflow_ldap_auth_manager.LDAPAuthManager
+auth_manager = airflow_ldap_auth_manager.LdapAuthManager
 ```
@@ -118,7 +118,7 @@ Restart the api-server after changes.
 ``` ini
 [ldap_auth_manager]
-# LDAP authentication/authorization settings for LDAPAuthManager.
+# LDAP authentication/authorization settings for LdapAuthManager.
 # This section supports multiple redundant servers, secure transport (LDAPS or StartTLS),
 # and secret indirection for bind credentials via Airflow’s Secrets Backend.
@@ -261,11 +261,17 @@ logout_redirect = /
 #
 debug_logging = false
-# Optional login hint shown under "Sign in". Leave empty to hide.
+# Optional login hint shown under "Sign in" title. Leave empty to hide.
 #
 # Variable: AIRFLOW__LDAP_AUTH_MANAGER__LOGIN_TIP
 #
 login_tip = Using your Company credentials
+# Optional override to the support hint shown under the "Sign in" button.
+#
+# Variable: AIRFLOW__LDAP_AUTH_MANAGER__SUPPORT_TIP
+#
+support_tip = Having issues? Raise a ticket to the helpdesk.
 ```

{airflow_ldap_auth_manager-0.1.0 → airflow_ldap_auth_manager-0.1.1}/pyproject.toml RENAMED Viewed

@@ -5,7 +5,7 @@ build-backend = "setuptools.build_meta"
 [project]
 name = "airflow-ldap-auth-manager"
-version = "0.1.0"
+version = "0.1.1"
 description = "LDAP-based AuthManager for Apache Airflow 3.x"
 readme = "README.md"
 requires-python = ">=3.9"

{airflow_ldap_auth_manager-0.1.0 → airflow_ldap_auth_manager-0.1.1}/src/airflow_ldap_auth_manager/ldap_auth_manager.py RENAMED Viewed

@@ -1,5 +1,5 @@
 """
-LDAPAuthManager for Apache Airflow 3.1+
+LdapAuthManager for Apache Airflow 3.1+
 Key notes:
 * Implements all abstract methods from BaseAuthManager, including
@@ -329,8 +329,8 @@ class LdapAuthManager(BaseAuthManager[LdapUser]):
         return f"/auth/login?next={next_url}"
     def get_url_logout(self) -> Optional[str]:
-        """Return the configured logout redirect target."""
-        return conf.get("ldap_auth_manager", "logout_redirect", fallback="/")
+        """Return the auth manager logout endpoint."""
+        return "/auth/logout"
     @override
     def serialize_user(self, user: LdapUser) -> dict:
@@ -442,6 +442,9 @@ class LdapAuthManager(BaseAuthManager[LdapUser]):
             - If write_scope == "dag_run" (or DagAccessEntity.DAG_RUN), Editor+
             - Else Admin only
         """
+        if not user:
+            return False
         role = self._policy.role_for(user.groups)
         if role == Role.NONE:
             return False  # deny outright
@@ -582,8 +585,9 @@ class LdapAuthManager(BaseAuthManager[LdapUser]):
         instance_name = conf.get("api", "instance_name", fallback="Airflow")
         login_tip = conf.get("ldap_auth_manager", "login_tip", fallback="")
+        support_tip = conf.get("ldap_auth_manager", "support_tip", fallback="Having issues? Contact your admin.")
-        jinja_env.globals.update(instance_name=instance_name, login_tip=login_tip)
+        jinja_env.globals.update(instance_name=instance_name, login_tip=login_tip, support_tip=support_tip)
         def render(name: str, **ctx) -> HTMLResponse:
             """Render ``name`` with the provided context."""
@@ -717,7 +721,9 @@ class LdapAuthManager(BaseAuthManager[LdapUser]):
             target = _sanitize_next(next_param, request) # type: ignore[arg-type]
             resp = RedirectResponse(url=target or "/", status_code=303)
             secure = (request.base_url.scheme == "https") or bool(conf.get("api", "ssl_cert", fallback=""))
-            resp.set_cookie(COOKIE_NAME_JWT_TOKEN, token, secure=secure, httponly=False, samesite="lax", path="/")
+            resp.set_cookie(
+                COOKIE_NAME_JWT_TOKEN, token, secure=secure, httponly=False, samesite='lax', path='/', max_age=exp_secs
+            )
             return resp
         @router.get("/logout")

{airflow_ldap_auth_manager-0.1.0 → airflow_ldap_auth_manager-0.1.1}/src/airflow_ldap_auth_manager/templates/ldap_login.html RENAMED Viewed

@@ -33,7 +33,7 @@
           <button type="submit">Sign in</button>
         </div>
       </form>
-      <div class="foot almost-hidden">Having issues? Contact your admin.</div>
+      <div class="foot almost-hidden">{{ support_tip }}</div>
     </div>
   </div>
   <script>try{document.getElementById('username').focus()}catch(e){}</script>

{airflow_ldap_auth_manager-0.1.0 → airflow_ldap_auth_manager-0.1.1}/src/airflow_ldap_auth_manager.egg-info/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: airflow-ldap-auth-manager
-Version: 0.1.0
+Version: 0.1.1
 Summary: LDAP-based AuthManager for Apache Airflow 3.x
 Author-email: Emre Can <emredjan@gmail.com>
 License-Expression: Apache-2.0
@@ -76,7 +76,7 @@ Changes needed in `airflow.cfg`:
 ```ini
 [core]
 # Fully qualified path to the auth manager class in this repo
-auth_manager = airflow_ldap_auth_manager.LDAPAuthManager
+auth_manager = airflow_ldap_auth_manager.LdapAuthManager
 ```
@@ -140,7 +140,7 @@ Restart the api-server after changes.
 ``` ini
 [ldap_auth_manager]
-# LDAP authentication/authorization settings for LDAPAuthManager.
+# LDAP authentication/authorization settings for LdapAuthManager.
 # This section supports multiple redundant servers, secure transport (LDAPS or StartTLS),
 # and secret indirection for bind credentials via Airflow’s Secrets Backend.
@@ -283,11 +283,17 @@ logout_redirect = /
 #
 debug_logging = false
-# Optional login hint shown under "Sign in". Leave empty to hide.
+# Optional login hint shown under "Sign in" title. Leave empty to hide.
 #
 # Variable: AIRFLOW__LDAP_AUTH_MANAGER__LOGIN_TIP
 #
 login_tip = Using your Company credentials
+# Optional override to the support hint shown under the "Sign in" button.
+#
+# Variable: AIRFLOW__LDAP_AUTH_MANAGER__SUPPORT_TIP
+#
+support_tip = Having issues? Raise a ticket to the helpdesk.
 ```