Fix double redirection while authenticating with Fab auth manager

providers/fab/src/airflow/providers/fab/www/extensions/init_appbuilder.py

@@ -42,7 +42,7 @@
 from airflow.api_fastapi.app import create_auth_manager, get_auth_manager
 from airflow.configuration import conf
 from airflow.providers.fab.www.security_manager import AirflowSecurityManagerV2
-from airflow.providers.fab.www.views import FabIndexView
+from airflow.providers.fab.www.views import FabIndexView, redirect
 
 if TYPE_CHECKING:
     from flask import Flask
@@ -216,6 +216,7 @@ def _swap_url_filter(self):
         from airflow.providers.fab.www.views import get_safe_url
 
         fab_sec_views.get_safe_redirect = get_safe_url
+        fab_sec_views.redirect = redirect
 
     def _init_extension(self, app):
         app.appbuilder = self

providers/fab/src/airflow/providers/fab/www/views.py

@@ -22,7 +22,7 @@
 from flask import (
     g,
     make_response,
-    redirect,
+    redirect as flask_redirect,
     render_template,
     request,
     url_for,
@@ -67,19 +67,6 @@
 
     @expose("/")
     def index(self):
-        if g.user is not None and g.user.is_authenticated:
-            token = get_auth_manager().generate_jwt(g.user)
-            response = make_response(redirect(f"{conf.get('api', 'base_url', fallback='/')}", code=302))
-
-            secure = request.scheme == "https" or bool(conf.get("api", "ssl_cert", fallback=""))
-            # In Airflow 3.1.1 authentication changes, front-end no longer handle the token
-            # See https://github.com/apache/airflow/pull/55506
-            if AIRFLOW_V_3_1_1_PLUS:
-                response.set_cookie(COOKIE_NAME_JWT_TOKEN, token, secure=secure, httponly=True)
-            else:
-                response.set_cookie(COOKIE_NAME_JWT_TOKEN, token, secure=secure)
-
-            return response
         return redirect(conf.get("api", "base_url", fallback="/"), code=302)
 
 
@@ -122,6 +109,23 @@
     return redirect_url.geturl()
 
 
+def redirect(*args, **kwargs):
+    if g.user is not None and g.user.is_authenticated:
+        token = get_auth_manager().generate_jwt(g.user)
+        response = make_response(flask_redirect(*args, **kwargs))
+
+        secure = request.scheme == "https" or bool(conf.get("api", "ssl_cert", fallback=""))
+        # In Airflow 3.1.1 authentication changes, front-end no longer handle the token
+        # See https://github.com/apache/airflow/pull/55506
+        if AIRFLOW_V_3_1_1_PLUS:
+            response.set_cookie(COOKIE_NAME_JWT_TOKEN, token, secure=secure, httponly=True)
+        else:
+            response.set_cookie(COOKIE_NAME_JWT_TOKEN, token, secure=secure)
+
+        return response
+    return flask_redirect(*args, **kwargs)
+
+
 def method_not_allowed(error):
     """Show Method Not Allowed on screen for any error in the Webserver."""
     return (

providers/fab/www-hash.txt

@@ -1 +1 @@
-a5e7be19ee6766a961ef8cba57ebfad5bd550e448c7cbef54307dec7c301446e
+c45890ac6b17386adfb076a4baec17589a26aab189d6257a92138aaa720fbc7f