From 2a17d1ec4a15ff36e3cace13fb93f8568ad2a208 Mon Sep 17 00:00:00 2001
From: Andreas Motl <andreas.motl@crate.io>
Date: Fri, 22 Nov 2024 21:53:13 +0100
Subject: [PATCH] Apache Superset: Fix JWT problem by updating to
 flask-jwt-extended 4.7.1

Also, configure `JWT_VERIFY_SUB = False`.
---
 application/apache-superset/requirements.txt   | 2 +-
 application/apache-superset/superset_config.py | 6 ++++++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/application/apache-superset/requirements.txt b/application/apache-superset/requirements.txt
index 96f7ed0a..f148c87d 100644
--- a/application/apache-superset/requirements.txt
+++ b/application/apache-superset/requirements.txt
@@ -1,3 +1,3 @@
 apache-superset
-pyjwt<2.10
+flask-jwt-extended>=4.7.1
 sqlalchemy-cratedb>=0.40.1
diff --git a/application/apache-superset/superset_config.py b/application/apache-superset/superset_config.py
index 9925d782..82284597 100644
--- a/application/apache-superset/superset_config.py
+++ b/application/apache-superset/superset_config.py
@@ -15,6 +15,12 @@
 # to start and you will see an error in the logs accordingly.
 SECRET_KEY = 'VcKzHS4g2h+dP33tCbqOghtKaU37wvFECMhVqrfccaoI/17qh/j3+VDV'
 
+# Configure JWT subsystem to not enforce that the sub claim is a string.
+# https://github.com/crate/cratedb-examples/issues/741
+# https://github.com/apache/superset/issues/30995
+# https://github.com/dpgaspar/Flask-AppBuilder/issues/2287
+JWT_VERIFY_SUB = False
+
 # The SQLAlchemy connection string to your database backend
 # This connection defines the path to the database that stores your
 # superset metadata (slices, connections, tables, dashboards, ...).