Skip to content

Change logic in auth with swagger ui #53597

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
jason810496 merged 7 commits into from
Aug 1, 2025
Merged

Change logic in auth with swagger ui #53597

jason810496 merged 7 commits into from
Aug 1, 2025

Conversation

@kyungjunleeme
Copy link
Contributor

@kyungjunleeme kyungjunleeme commented Jul 21, 2025
edited
Loading

Descritpion

422 root cause related with this https://github.com/fastapi/fastapi/issues/1431

first)
I added this logic to manually convert the request body to a LoginBody instance when it’s received as a dictionary (e.g., from application/x-www-form-urlencoded).

changed my mind)
I think that airflow needs to support both application/json and application/x-www-form-urlencoded content types.

This helps prevent FastAPI from raising a 422 Unprocessable Entity error due to automatic validation failure.

#53567 related. (first this pr merged -> 53597)

image
  • "Using the RequestBody option in Swagger UI causes a 422 error."
image - "Only accept application/json content-type" image - swagger UI

Result

image - Requestbody image - Authroization header image - content-type: application/json, application/x-www-form-urlencoded

cf) https://github.com/koxudaxi/datamodel-code-generator

^ Add meaningful description above
Read the Pull Request Guidelines for more information.
In case of fundamental code changes, an Airflow Improvement Proposal (AIP) is needed.
In case of a new dependency, check compliance with the ASF 3rd Party License Policy.
In case of backwards incompatible changes please leave a note in a newsfragment file, named {pr_number}.significant.rst or {issue_number}.significant.rst, in airflow-core/newsfragments.

@kyungjunleeme kyungjunleeme requested a review from vincbeck as a code owner July 21, 2025 15:24
@boring-cyborg boring-cyborg bot added the area:API Airflow's REST/HTTP API label Jul 21, 2025
vincbeck
vincbeck reviewed Jul 21, 2025
View reviewed changes
Copy link
Contributor

@vincbeck vincbeck left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice! Can you update tests to cover that?

@kyungjunleeme kyungjunleeme changed the title Change logic in auth with swagger uI Change logic in auth with swagger ui Jul 21, 2025
@kyungjunleeme kyungjunleeme force-pushed the feature/temp-fix-422 branch from 5e27f9d to 8bb8ae6 Compare July 21, 2025 22:30
@kyungjunleeme kyungjunleeme marked this pull request as draft July 22, 2025 02:04
@kyungjunleeme kyungjunleeme marked this pull request as ready for review July 22, 2025 03:31
@kyungjunleeme kyungjunleeme force-pushed the feature/temp-fix-422 branch from ebd3ec8 to 25becb1 Compare July 22, 2025 03:32
@kyungjunleeme
Copy link
Contributor Author

kyungjunleeme commented Jul 22, 2025
edited
Loading

I found CI bug. -> I will make 2 PR

  1. id: generate-airflowctl-datamodels FIX - pre-commit scope (generate-airflowctl-datamodels) #53624
image
  1. id: ts-compile-lint-simple-auth-manager-ui Change pre-commit propety(v1) #53636
image

@kyungjunleeme kyungjunleeme marked this pull request as draft July 22, 2025 05:31
@kyungjunleeme kyungjunleeme force-pushed the feature/temp-fix-422 branch from 592c206 to 3ff212c Compare July 22, 2025 06:40
@kyungjunleeme kyungjunleeme marked this pull request as ready for review July 22, 2025 06:40
@kyungjunleeme kyungjunleeme mentioned this pull request Jul 22, 2025
Merged
@kyungjunleeme kyungjunleeme force-pushed the feature/temp-fix-422 branch from 203c429 to c332acd Compare July 22, 2025 12:23
@kyungjunleeme kyungjunleeme mentioned this pull request Jul 22, 2025
Merged
@kyungjunleeme kyungjunleeme force-pushed the feature/temp-fix-422 branch from e83720b to 28c888f Compare July 22, 2025 14:20
ashb
ashb previously requested changes Jul 22, 2025
View reviewed changes
Copy link
Member

@ashb ashb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please check out the settings we have in the Execution API sub-application.

@kyungjunleeme kyungjunleeme marked this pull request as draft July 22, 2025 15:38
@kyungjunleeme
Copy link
Contributor Author

kyungjunleeme commented Jul 22, 2025

Reflections on the Feedback and Purpose of the PR

After receiving the feedback yesterday, I spent some time reflecting on Airflow's philosophy and current internal structure.
It helped me understand the intention behind the feedback more clearly.

From my perspective, there seems to be a distinction between the authentication mechanisms used for user-facing APIs and those used internally between components within Airflow.

The reason I created this PR was to improve the developer experience for users interacting with the Airflow API through Swagger UI, making it easier to test and trigger endpoints directly.

During this process, I noticed that a 422 Unprocessable Entity error was occurring when using application/x-www-form-urlencoded content type.
To address this, I made a small change to support form-based input without modifying Airflow’s core structure or authentication logic.
The goal was to make the authentication endpoint more user-friendly, especially for those exploring the API via tools like Swagger.

While working on this, I also observed that JWT token handling in Airflow is not yet fully unified across different parts of the system.
I believe this presents an opportunity to submit a follow-up PR that would refactor and unify the token handling logic,
ensuring consistency and paving the way for smoother integration of OAuth2.0 and SSO in the future.

(Note: I drafted my thoughts and structure in Korean first, based on my understanding of the feedback and the current state of the codebase.
ChatGPT helped only with polishing the English writing and markdown formatting — all technical reasoning and intent came from my own review.)

If there's anything I may have misunderstood, I’d really appreciate your clarification.

@ashb

@kyungjunleeme kyungjunleeme force-pushed the feature/temp-fix-422 branch from 619e146 to 49e42c2 Compare July 23, 2025 00:11
@kyungjunleeme kyungjunleeme marked this pull request as ready for review July 23, 2025 02:30
@kyungjunleeme kyungjunleeme force-pushed the feature/temp-fix-422 branch from d98afb8 to 2ce8683 Compare July 23, 2025 04:29
@kyungjunleeme kyungjunleeme marked this pull request as draft July 23, 2025 05:48
@kyungjunleeme
Copy link
Contributor Author

kyungjunleeme commented Jul 23, 2025
edited
Loading

I'll take some time to read through the AIPs more thoroughly and will reach out again when I'm ready to request a review.
In the meantime, if you have a chance, I’d greatly appreciate it if you could leave your thoughts on the points I mentioned above — your feedback would really help broaden my thinking.

cf)

https://cwiki.apache.org/confluence/display/AIRFLOW/AIP-38+Modern+Web+Application
https://cwiki.apache.org/confluence/display/AIRFLOW/AIP-44+Airflow+Internal+API
https://cwiki.apache.org/confluence/display/AIRFLOW/AIP-56+Extensible+user+management
https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=301795932 # AIP 69
https://cwiki.apache.org/confluence/display/AIRFLOW/AIP-72+Task+Execution+Interface+aka+Task+SDK
https://cwiki.apache.org/confluence/display/AIRFLOW/AIP-79%3A+Remove+Flask+AppBuilder+as+Core+dependency
https://cwiki.apache.org/confluence/display/AIRFLOW/AIP-81+Enhanced+Security+in+CLI+via+Integration+of+API
https://cwiki.apache.org/confluence/display/AIRFLOW/AIP-84+UI+REST+API

jason810496
jason810496 reviewed Jul 25, 2025
View reviewed changes
@kyungjunleeme kyungjunleeme force-pushed the feature/temp-fix-422 branch from 50e0419 to 280de53 Compare July 26, 2025 07:51
@kyungjunleeme kyungjunleeme force-pushed the feature/temp-fix-422 branch from 280de53 to 9f78fc3 Compare July 26, 2025 08:03
@kyungjunleeme kyungjunleeme force-pushed the feature/temp-fix-422 branch from 9f78fc3 to d662892 Compare July 26, 2025 09:58
jason810496
jason810496 approved these changes Jul 28, 2025
View reviewed changes
Copy link
Member

@jason810496 jason810496 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cool! LGTM.

bugraoz93
bugraoz93 approved these changes Jul 30, 2025
View reviewed changes
Copy link
Contributor

@bugraoz93 bugraoz93 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good! Thanks @kyungjunleeme ! Small suggestion to speed up the procedures, please resolve any thread you think you addressed. This can make merging a lot easier since not everyone checking the PR has the full context of all of the threads :)

@kyungjunleeme
Copy link
Contributor Author

kyungjunleeme commented Jul 30, 2025

@bugraoz93 Thank you, I followed your instructions

@jason810496
Copy link
Member

jason810496 commented Aug 1, 2025
edited
Loading

It seems that this PR still needs @ashb's approval before it can be merged.
(Due to GitHub restrictions, if any reviewer has requested changes, the PR requires that specific person's approval to unblock and proceed with the merge.)

Update: I can dismissed review from ash

@kyungjunleeme
Copy link
Contributor Author

kyungjunleeme commented Aug 1, 2025

Ah ha thank you for telling me! :)

@jason810496 jason810496 merged commit ff36fb5 into apache:main Aug 1, 2025
103 checks passed
ferruzzi pushed a commit to aws-mwaa/upstream-to-airflow that referenced this pull request Aug 7, 2025
@kyungjunleeme @ferruzzi
Change logic in auth with swagger ui (apache#53597)
ec2575a 
* ADD: test code for application/x-www-form-urlencoded

* ADD: FORM

* ADD: header_content_type_json_or_form_depends

* NEW: parse_login_body

* CHG: create_token

* DEL: parametrize
fweilun pushed a commit to fweilun/airflow that referenced this pull request Aug 11, 2025
@kyungjunleeme @fweilun
Change logic in auth with swagger ui (apache#53597)
1e1fb8a 
* ADD: test code for application/x-www-form-urlencoded

* ADD: FORM

* ADD: header_content_type_json_or_form_depends

* NEW: parse_login_body

* CHG: create_token

* DEL: parametrize
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kaxil kaxil Awaiting requested review from kaxil

@potiuk potiuk Awaiting requested review from potiuk

@gopidesupavan gopidesupavan Awaiting requested review from gopidesupavan

@ashb ashb Awaiting requested review from ashb

@ephraimbuddy ephraimbuddy Awaiting requested review from ephraimbuddy ephraimbuddy is a code owner

@pierrejeambrun pierrejeambrun Awaiting requested review from pierrejeambrun pierrejeambrun is a code owner

@rawwar rawwar Awaiting requested review from rawwar rawwar is a code owner

@shubhamraj-git shubhamraj-git Awaiting requested review from shubhamraj-git shubhamraj-git is a code owner

@vincbeck vincbeck Awaiting requested review from vincbeck vincbeck is a code owner

@jason810496 jason810496 Awaiting requested review from jason810496 jason810496 is a code owner

@bugraoz93 bugraoz93 Awaiting requested review from bugraoz93 bugraoz93 is a code owner

Assignees

No one assigned

Labels

area:API Airflow's REST/HTTP API

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@kyungjunleeme @jason810496 @ashb @bugraoz93 @vincbeck