32 Commits

Author SHA1 Message Date
Karl Persson 76f052e8de
Requester: Remove duplicated function (#97038)
* Remove duplicated function

* Remove GetDisplayName from interface

* Use GetName
2024-11-26 15:29:31 +01:00
Karl Persson 3bcbf231ee
IDToken: fix namespace format (#95341)
* Bump authlib version

* Remove temporary formatter and start signing tokens with `stacks-` prefix

* update workspace
2024-11-04 09:33:03 +01:00
Ryan McKinley 82417c916f
K8s: Use stacks plural not singular in grafana namespaces (#92550) 2024-08-29 14:15:00 +03:00
Charandas 4f024d94d8
Authn: resolve issues with setting up a nil identity (#92620) 2024-08-29 00:49:41 +03:00
Ryan McKinley 2e60f28044
Auth: remove id token flag (#92209) 2024-08-21 16:30:17 +03:00
Karl Persson 8d36111420
IDForwarding: Set identity type and uid (#91830)
* Set identity type and uid

* Set uid without prefix

* Update authlib version

* Update to new claim name
2024-08-14 10:51:44 +02:00
Karl Persson 8bcd9c2594
Identity: Remove typed id (#91801)
* Refactor identity struct to store type in separate field

* Update ResolveIdentity to take string representation of typedID

* Add IsIdentityType to requester interface

* Use IsIdentityType from interface

* Remove usage of TypedID

* Remove typedID struct

* fix GetInternalID
2024-08-13 10:18:28 +02:00
Ryan McKinley 21d4a4f49e
Auth: use IdentityType from authlib (#91763) 2024-08-12 09:26:53 +03:00
Karl Persson bcfb66b416
Identity: remove GetTypedID (#91745) 2024-08-09 18:20:24 +03:00
Claudiu Dragalina-Paraipan e2435f92f1
[authn]: add GetIDClaims() to Requester (#91387)
* authn: add GetIDClaims() to Requester

Co-Authored-By: Gabriel MABILLE <gamab@users.noreply.github.com>

* authn: update StaticRequester

Co-Authored-By: Gabriel MABILLE <gamab@users.noreply.github.com>

* update auth/idtest/mock

Co-Authored-By: Gabriel MABILLE <gamab@users.noreply.github.com>

* Fix test

Co-authored-by: Claudiu Dragalina-Paraipan <claudiu.dragalina@grafana.com>

---------

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Co-authored-by: gamab <gabriel.mabille@grafana.com>
2024-08-02 12:36:02 +03:00
colin-stuart 057c04ed9d
IDToken: Add current user's DisplayName to the ID token (#90992)
Set claims.Rest.DisplayName from the IDService
2024-07-31 09:11:37 -04:00
Ryan McKinley 728150bdbd
Identity: extend k8s user.Info (#90937) 2024-07-30 08:27:23 +03:00
Ryan McKinley 9db3bc926e
Identity: Rename "namespace" to "type" in the requester interface (#90567) 2024-07-25 12:52:14 +03:00
Misi 69c5fa8361
IDToken: Add current user's Username and UID to the ID token (#90240)
* Set claims.Rest.Login from the IDService

* Add UID to the ID token
2024-07-11 14:25:30 +02:00
Ryan McKinley 99d8025829
Chore: Move identity and errutil to apimachinery module (#89116) 2024-06-13 07:11:35 +03:00
Karl Persson 2d8570e85e
IDToken: Reuse claims from authlib (#87437)
* bump authlib version

* Reuse claims from authlib
2024-05-07 16:46:43 +02:00
Karl Persson 37af1ae58e
IDToken: Set typ header (#87430)
TokenSigning: Set typ header
2024-05-07 13:59:23 +02:00
Dan Cech 41bee274fd
Chore: Fix error handling in postDashboard, remove UserDisplayDTO, fix live redis client initialization (#87206)
* clean up error handling in postDashboard and remove UserDisplayDTO

* replace GetUserUID with GetUID and GetNamespacedUID, enforce namespace constant type

* lint fix

* lint fix

* more lint fixes
2024-05-06 14:17:34 -04:00
Karl Persson a22350f8f4
IDToken: add namespace (#87242) 2024-05-02 18:55:28 -07:00
Karl Persson 895222725c
Session: set authID and authenticatedBy (#85806)
* Authn: Resolve authenticate by and auth id when fetching signed in user

* Change logout client interface to only take Requester interface

* Session: Fetch external auth info when authenticating sessions

* Use authenticated by from identity

* Move call to get auth-info into session client and use GetAuthenticatedBy in various places
2024-04-11 10:25:29 +02:00
Karl Persson ba41954854
Email: trigger email verification flow (#85587)
* Add email and email_verified to id token if identity is a user

* Add endpoint to trigger email verification for user

* Add function to clear stored id tokens and use it when email verification is completed
2024-04-05 12:05:46 +02:00
Karl Persson 2f5e3023c2
IDForwarding: ignore logging context canceled errors (#85141) 2024-03-26 11:36:44 +01:00
Karl Persson 28bb6979f5
IDForwarding: cache based on expires in (#81136)
* IDForwarding: Cache based on expires in

* IDForwarding: Change default expires in

---------

Co-authored-by: Victor Cinaglia <victor@grafana.com>
2024-01-24 13:56:44 +01:00
Karl Persson 43b6b6b2a4
IDForwarding: add "authenticatedBy" to id token (#80622)
* IDForwarding: Set authenticated by for users
2024-01-17 09:52:05 +01:00
Vardan Torosyan 63cd5a5625
Chore: Cleanup namespace and ID resolution (#79360)
* Chore: Cleanup namespace ID resolution

* Check for negative userID when relevant

* Reuse existing function for parsing ID as int

* Fix imports
2023-12-21 20:42:05 +01:00
Ryan McKinley f69fd3726b
FeatureToggles: Add context and an explicit global check (#78081) 2023-11-14 12:50:27 -08:00
Karl Persson e2ba399e30
IDForwarding: Use single flight for SignIdentity (#76530)
* IDForwarding: Use single flight for SignIdentity

* Update cache inside single flight call
2023-10-13 14:32:53 +02:00
Karl Persson ea741dda6b
Signingkeys: Add local cache (#76234)
* IDForwarding: change audience to be prefixed by org and remove JTI

* IDForwarding: Construct new signer each time we want to sign a token.

* SigningKeys: Simplify storage layer and move logic to service

* SigningKeys: Add private key to local cache
2023-10-10 14:17:16 +02:00
Karl Persson a2d4ce18ad
IDForwarding: Add basic metrics (#75798)
* IDService: Add basic metrics

* IDService: Add more metrics
---------

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
2023-10-05 09:17:40 +02:00
Karl Persson fd2235b5ad
AuthN: Implement requester interface for identity (#75618)
* AuthN: Implement identity.Requester interface for authn.Identity

* AuthN: Replace OrgRole with GetOrgRole

* IDForwarding: skip converting to SignedInUser

* Pass identity directly in permission sync hook
2023-09-28 16:37:32 +02:00
Karl Persson b9b4246432
IDForwarding: Add auth hook to generate id token (#75555)
* AuthN: Move identity struct to its own file

* IDForwarding: Add IDToken property to usr and identity structs and add GetIDToken to requester interface

* Inject IDService into background services

* IDForwarding: Register post auth hook when feature toggle is enabled
2023-09-28 09:22:05 +02:00
Karl Persson b50f1e15a8
IDForwarding: Add service and a local signer (#75423)
* IDForwarding: Add service for handling id token and create a local signer
---------

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
2023-09-27 11:36:23 +02:00