Skip to content

fix(providers/fab): restore OAuth callback route exposure#62151

Open
tschroeder-zendesk wants to merge 1 commit intoapache:mainfrom
tschroeder-zendesk:fix/fab-oauth-authorized-endpoint-3-3-0-v2
Open

fix(providers/fab): restore OAuth callback route exposure#62151
tschroeder-zendesk wants to merge 1 commit intoapache:mainfrom
tschroeder-zendesk:fix/fab-oauth-authorized-endpoint-3-3-0-v2

Conversation

@tschroeder-zendesk
Copy link

@tschroeder-zendesk tschroeder-zendesk commented Feb 19, 2026

Restore OAuth callback route registration on CustomAuthOAuthView.

CustomAuthOAuthView.oauth_authorized overrides FAB's AuthOAuthView.oauth_authorized, but without re-applying the @expose("/oauth-authorized/<provider>") decorator the callback endpoint is not registered on the custom view. This breaks URL generation for CustomAuthOAuthView.oauth_authorized during OAuth login.

This PR re-adds the route decorator and includes a regression unit test asserting the callback route remains exposed.

Fixes #62028

Testing

  • source .venv/bin/activate && ruff check providers/fab/src/airflow/providers/fab/auth_manager/views/auth_oauth.py providers/fab/tests/unit/fab/auth_manager/views/test_auth_oauth.py
  • breeze run --python 3.12 --platform linux/amd64 --tty disabled --skip-image-upgrade-check -- python -m pytest providers/fab/tests/unit/fab/auth_manager/views/test_auth_oauth.py -q
Was generative AI tooling used to co-author this PR?
  • Yes (please specify the tool below)

Generated-by: Cursor (GPT-5.3) following the guidelines

  • Read the Pull Request Guidelines for more information. Note: commit author/co-author name and email in commits become permanently public when merged.
  • For fundamental code changes, an Airflow Improvement Proposal (AIP) is needed.
  • When adding dependency, check compliance with the ASF 3rd Party License Policy.
  • For significant user-facing changes create newsfragment: {pr_number}.significant.rst or {issue_number}.significant.rst, in airflow-core/newsfragments.

Made with Cursor

@tschroeder-zendesk tschroeder-zendesk mentioned this pull request Feb 19, 2026
Closed
1 task
@tschroeder-zendesk @cursoragent
fix(providers/fab): restore OAuth callback route exposure
f10c823 
Re-add the CustomAuthOAuthView OAuth callback route decorator and keep a regression test that verifies the callback endpoint stays exposed with Flask-AppBuilder route metadata.

Co-authored-by: Cursor <cursoragent@cursor.com>
@tschroeder-zendesk tschroeder-zendesk force-pushed the fix/fab-oauth-authorized-endpoint-3-3-0-v2 branch from 3a071b9 to f10c823 Compare February 19, 2026 00:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vincbeck vincbeck Awaiting requested review from vincbeck vincbeck is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

area:providers provider:fab

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[FAB] Invalid OAuth login with airflow-providers-fab==3.3.0

1 participant

@tschroeder-zendesk

Comments