root
/
grafana
mirror of https://github.com/grafana/grafana.git
1
0
Fork 0
Code Issues Actions 93 Packages Projects Releases Wiki Activity
44,516 Commits 1,395 Branches 636 Tags 2.4 GiB
Commit Graph

14 Commits

Author SHA1 Message Date
Karl Persson 144e4887ee
Auth: Use authn.Service for all tests (#72921) 
* Dashboards: Fix tests when authn broker is enabled.
StarService was not configured for tests, the call was guarded by !c.IsSignedIn

* Change default to be anon user to match expectations from tests

* OAuth: rewrite tests to work with authn.Service

* Setup template renderer by default

* Extract cookie options from cfg instead of relying on global variables

* Fix test to work with authn service

* Middleware: rewrite auth tests

* Remvoe session cookie if we cannot refresh access token
 2023-08-09 08:54:52 +02:00
Jo 4821175d40
Auth: Add auth.azure_ad security improvements (#912) 
* security improvements id_token

* add audience validation

* add allowOrganizations

* add allowOrganizations tests and documentation

* add log warn on no configuration

* anonymize tenant id

* Apply suggestions from code review

Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>

* Update docs/sources/setup-grafana/configure-security/configure-authentication/azuread/index.md

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>

* Update pkg/login/social/azuread_oauth_test.go

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>

* Update pkg/login/social/azuread_oauth_test.go

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>

* optimize key validation and add mising fields

* fix missing key_id

* lint

* Update docs/sources/setup-grafana/configure-security/configure-authentication/azuread/index.md

Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>

* lint docs

---------

Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
 2023-06-23 09:13:38 +02:00
Jo ccbf200c4a
SupportBundles: Add OAuth bundle collectors (#64810) 
* wip

* add oauth support bundles

* add specific configs for generic oauth and azureAD

* add doc entry

* optimize struct packing

* Update pkg/login/social/azuread_oauth.go

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>

* nit update

---------

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
 2023-03-16 09:46:25 +02:00
Emil Tullstedt 0caacb3333
Cookies: Provide a mechanism for per user control over cookies (#61566) 2023-02-21 11:19:07 +01:00
Jo 14a78b58e9
Authn: Stat registration (#62934) 
* reorganize auth usage stats

* usage stat privilege elevators

* stat count of modified role

* cfg related info

* add authn anon client

* kv store

* ensure anon enabled is collected even if client is not registered

* fix usage stats test
 2023-02-06 17:23:53 +01:00
Karl Persson efeb0daec6
AuthN: Add oauth clients and perform oauth authentication with authn.Service (#62072) 
* AuthN: Update signature of redirect client and RedirectURL function

* OAuth: use authn.Service to perform oauth authentication and login if feature toggle is enabled

* AuthN: register oauth clients

* AuthN: set auth module metadata

* AuthN: add logs for failed login attempts

* AuthN: Don't use enable disabled setting

* OAuth: only run hooks when authnService feature toggle is disabled

* OAuth: Add function to handle oauth errors from authn.Service
 2023-01-30 12:45:04 +01:00
Eric Leijonmarck 91322bebb5
Auth: Add skip_org_role_sync setting for GrafanaCom (#60553) 
* add frontend settings and setting for grafanacom

* removed println

* add skip-org-role-sync on login

* add deprecation notice for this field

* remove println

* remove newline

* change and renamed variables

* fix for reconfiguring the settings for grafanacom

* add documentationf or grafanacom setup

* WIP tests

* added tests

* Update docs/sources/setup-grafana/configure-security/configure-authentication/grafana-com/index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Update docs/sources/setup-grafana/configure-security/configure-authentication/grafana-com/index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Update docs/sources/setup-grafana/configure-security/configure-authentication/grafana-com/index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Update docs/sources/setup-grafana/configure-security/configure-authentication/grafana-com/index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Update docs/sources/setup-grafana/configure-security/configure-authentication/grafana-com/index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Update docs/sources/setup-grafana/configure-security/configure-authentication/grafana-com/index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Update docs/sources/setup-grafana/configure-security/configure-authentication/grafana-com/index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Update docs/sources/setup-grafana/configure-security/configure-authentication/grafana-com/index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* updated steps

* Update docs/sources/setup-grafana/configure-security/configure-authentication/grafana-com/index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Update docs/sources/setup-grafana/configure-security/configure-authentication/grafana-com/index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* doc: updated the docs to reflect what happens to grafana.com users

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Jo <joao.guerreiro@grafana.com>

* Update docs/sources/setup-grafana/configure-security/configure-authentication/grafana-com/index.md

Co-authored-by: Jo <joao.guerreiro@grafana.com>

* Update docs/sources/setup-grafana/configure-security/configure-authentication/grafana-com/index.md

Co-authored-by: Jo <joao.guerreiro@grafana.com>

* add blankline

* rephrase of doc improvements for explaing of the settings

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Jo <joao.guerreiro@grafana.com>

* add frontend setting for grafanacom.

* WIP tests

* refactor docs

* frontend to adhere to skipping org role sync for GrafanaCom users

* update docs to reflect desired behavior

* tests: added test for skip and nonskip

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: Jo <joao.guerreiro@grafana.com>
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
 2023-01-12 16:44:08 +01:00
Misi 9c98314e9f
OAuth: Refactor OAuth parameters handling to support obtaining refresh tokens for Google OAuth (#58782) 
* Add ApprovalForce to AuthCodeOptions

* Extract access token validity check to a function

* Refactor

* Oauth: set options internally instead of exposing new function

* Align tests

* Remove unused function

Co-authored-by: Karl Persson <kalle.persson@grafana.com>
 2022-11-18 10:12:17 +01:00
Kristin Laemmert 05709ce411
chore: remove sqlstore & mockstore dependencies from (most) packages (#57087) 
* chore: add alias for InitTestDB and Session

Adds an alias for the sqlstore InitTestDB and Session, and updates tests using these to reduce dependencies on the sqlstore.Store.

* next pass of removing sqlstore imports
* last little bit
* remove mockstore where possible
 2022-10-19 09:02:15 -04:00
Karl Persson 95a4c4a4d6
OAuth: Redirect to login if no oauth module is found or if module is not configured (#50661) 
* OAuth: Redirect to login if no oauth module is found or if module is not
configured

* OAuth: Update test to check for location header
 2022-06-13 16:59:15 +02:00
Alexander Zobnin 9b61d9eb1c
Fix wrap_handler() panic during OAuth login (#49671) 2022-05-26 12:18:18 +02:00
Serge Zaitsev e86b6662a1
Chore: Remove bus.Bus field (#47695) 
* Chore: Remove bus.Bus field

* fix integration test
 2022-04-13 15:24:13 +02:00
Serge Zaitsev f5802878f1
Chore: Move remaining web framework code to pkg/web, remove macaron binding module (#43018) 
* remove macaron binding dependency

* completely purge macaron binding

* move everything to pkg/web

* remove non-go files from pkg/web

* clean up leftovers of macaron imports

* make linter happy
 2021-12-13 15:56:14 +01:00
Emil Tullstedt e73cd2fdeb
OAuth: Support PKCE (#39948) 2021-10-13 16:45:15 +02:00