Conversation
- Data source plugin framework for BI system integration - Unified SSO + plugin architecture (AuthProvider, DataSourcePlugin, CredentialVault)
…enhance IC card authentication solutions - Refine protocol selection guidelines to include B class protocols and non-password authentication methods (IC cards, smart cards, PKI certificates). - Introduce a detailed problem-solution matrix for scenarios involving IC card authentication, outlining four potential solutions based on IdP and downstream system capabilities. - Enhance the Login Gateway section to support OAuth2 Token Exchange for improved user experience with IC card logins.
…osoft/data-formulator into feature/plugin-architecture
…vider model, transitioning from a multi-provider chain to a single provider with anonymous fallback. Updated sections on protocol support and plugin design patterns for improved clarity and structure.
- 移除1-sso-plugin-architecture.md中重复的插件接口定义,改为引用1-data-source-plugin-architecture.md - 新增2-external-dataloader-enhancements.md详细说明外部数据加载器的三项改进方案: 1. 数据库元数据拉取(P0) 2. SSO Token透传(P1) 3. 凭证持久化(P2) - 明确各数据库实现细节和优先级规划
添加详细的开发路线图文档,包含SSO认证、数据源插件框架、凭证保险箱等功能的实施计划与测试策略
补充 Superset 集成代码迁移说明,调整步骤编号,并添加文档交付要求
补充数据溯源描述的设计决策和实现方式,使用模板拼接而非AI生成来保证准确性和可刷新性。描述内容包括来源、筛选条件、时间范围等,并自动存储到loader_metadata中供前端和AI使用。
更新设计文档,将所有数据源插件的环境变量前缀从裸前缀(如SUPERSET_)统一修改为PLG_前缀(如PLG_SUPERSET_),以避免与LLM模型配置的环境变量冲突
更新数据源插件架构文档,简化外部元数据设计方案为不透明 blob 格式 添加新的设计文档分析多语言提示词注入问题及解决方案
完善语言注入架构说明,明确需要修复的工作区命名问题 移除不相关的解决方案,聚焦现有架构的合理使用
new workspace model
- 将原始设计中的个人本地工具假设更新为统一工作区存储模型 - 详细说明 WORKSPACE_BACKEND 配置支持的多种部署形态 - 移除过时的 storeOnServer 和 DISABLE_DATABASE 概念 - 明确插件系统设计决策,包括服务端配置和认证管理
…e EasyAuth support Add pluggable authentication system framework with environment variable-based provider configuration Add Azure App Service EasyAuth authentication provider implementation Refactor existing authentication logic to support multiple authentication sources Add relevant test cases and documentation markers
…extend data upload dialog - Export buildDictTableFromWorkspace function in tableThunks.ts and add new loadPluginTable async thunk - Extend UnifiedDataUploadDialog to support plugin data source tabs - Add plugin host component for handling plugin data loading - Modify UploadTabType type to support plugin-specific tabs
Add Superset data source plugin with support for browsing and loading datasets via password or SSO login. Integrate OIDC authentication system with frontend login button and callback handling. Extend authentication regex to support OIDC's sub claim format. Add GitHub OAuth as an alternative authentication option. Introduce plugin system framework supporting automatic discovery and registration of frontend and backend plugins. Optimize internationalization files with Superset-related translations. Add test cases covering authentication and plugin functionality. New files include: - Superset plugin frontend components and API modules - OIDC authentication configuration and callback pages - GitHub OAuth gateway and authentication provider - Plugin system base classes and registration logic - Related test cases and internationalization resources Modified files involve: - Enhanced authentication logic - Extended application configuration interfaces - Dependency updates (pyproject.toml, package.json) - Security-related regex adjustments
…plugin interface Refactor Superset plugin interface with dashboard search and filtering capabilities Migrate translation files from public directory to plugin local directory Add plugin translation registration mechanism with support for dynamically loading plugin localization resources Optimize table name generation logic with automatic suffix functionality Improve filter dialog interactions with support for more operators and type checking
…plugin interface Refactor Superset plugin interface with dashboard search and filtering capabilities Migrate translation files from public directory to plugin local directory Add plugin translation registration mechanism with support for dynamically loading plugin localization resources Optimize table name generation logic with automatic suffix functionality Improve filter dialog interactions with support for more operators and type checking
在数据源插件架构文档中新增第12节,详细说明插件如何自带翻译文件并通过框架自动合并的方案。该方案解决插件翻译与宿主项目混杂的问题,保持插件自包含性,同时支持多语言自动切换。
…structions Add detailed documentation about plugin self-contained translations, including directory structure, JSON format, export mechanism, and merge rules Update section numbering to reflect new content and provide a quick reference for plugin translations
Add oauth2 as an alias for oidc to avoid confusion, and update authentication configuration documentation in .env.template with options for OIDC, GitHub, and Azure authentication
添加对接OIDC/OAuth2身份提供者的详细文档说明,包括环境变量配置、IdP必须满足的条件、Discovery端点最小JSON格式以及JWT Access Token的claim要求。同时更新配置说明,明确oidc和oauth2是等价别名。
… Superset plugin - Add password show/hide toggle button in login form - Add Chinese and English description text for Superset plugin - Update data upload dialog to use plugin description text
… UserInfo validation fallback Support two OIDC/OAuth2 configuration modes: 1. Auto-discovery mode (standard OIDC IdP) 2. Manual endpoint mode (OAuth2 servers without Discovery) New token validation strategies:
前端检测到匿名用户首次登录时,自动触发迁移流程并提供数据导入选项。后端实现安全的数据复制机制,确保迁移过程幂等且不删除源数据。同时添加必要的安全约束,防止非法迁移请求。
Implement workspace data migration from anonymous browser identity to authenticated user - Add migration dialog component and internationalization text - Extend workspace manager to support copying workspaces - Add /sessions/migrate API endpoint - Detect identity change after login and prompt for migration
…ndpoint Add local logout handling logic to perform local cleanup and redirect when IdP does not provide end_session_endpoint
… authenticated user migration Add local storage flag to track migration status, ensuring migration is only performed once per user
…ge management - Change anonymous workspace migration from copy to move operation, with merge functionality added - Add cleanup anonymous workspace API endpoint - Persist identity type and browser ID in local storage - Modify identity migration dialog logic to use the new cleanup API - Fix local storage state inconsistency after migration
…and cleanup fix(superset): Enhance SSO login popup handling and add documentation refactor(workspace): Change migration operation to copy-then-delete pattern docs: Add Superset SSO bridge configuration guide documentation test: Add test cases for workspace locking scenarios
Add new internationalization text and logic handling to support IdP-initiated SSO login flow. When users directly redirect from the SSO system, automatically re-initiate the standard SP flow and display corresponding waiting prompt messages.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.