
get_user_data doesn't return the users' roles but it could if we added info from the kc access token in addition to the id token #48

@andre996

Description:

The get_user_data method returns less information on DE5 compared to DE4. Part of the information that is missing is the users' roles (is_admin), which developers use to define what to show to each user.

DE5:
Image

DE4:
Image

Solution:
Return the user roles (is_admin).

Workaround code:

```python
from dash_enterprise_libraries import EnterpriseDash, ddk
from dash import dcc, Input, Output
import jwt
from flask import request
import base64
import os
from jwt import PyJWKClient

app = EnterpriseDash(__name__)

server = app.server

# JWKS endpoint that publishes the public keys used to sign the tokens
jwks_url = os.getenv("DASH_JWKS_URL", "")
jwks_client = PyJWKClient(jwks_url)


def get_user_data(request):
    # The kcToken cookie holds the base64-encoded access token
    jwt_token = base64.b64decode(request.cookies["kcToken"]).decode("utf-8")
    # Pick the signing key that matches the token's "kid" header rather than
    # the first key in the JWKS, so verification keeps working after key rotation
    public_key = jwks_client.get_signing_key_from_jwt(jwt_token).key
    # Verify signature, expiry and audience before trusting any claim
    decoded_token = jwt.decode(
        jwt_token, public_key, algorithms=["RS256"], audience="account"
    )  # , audience='Dash'
    return decoded_token


app.layout = ddk.App(
    [
        ddk.Card(
            [
                dcc.Dropdown(
                    id="continent-dropdown-schedule-example",
                    options=["Asia", "Europe", "Africa", "Americas", "Oceania"],
                    value="Europe",
                ),
                dcc.Markdown(id="refresh-time"),
            ]
        )
    ]
)


@app.callback(
    Output("refresh-time", "children"),
    Input("continent-dropdown-schedule-example", "value"),
)
def update_output(selected_continent):
    decoded_token = get_user_data(request)
    # Client roles for the "dash" client live under resource_access in the access token
    role = decoded_token["resource_access"]["dash"]["roles"]
    markdown_text = f"""User role: {role} 
                        \n Token info:{decoded_token}"""

    return markdown_text


if __name__ == "__main__":
    app.run(debug=True)
```

Labels: enhancement
