grafana/pkg/api/pluginproxy/token_provider_jwt.go

package pluginproxy

import (
	"context"

	googletokenprovider "github.com/grafana/grafana-google-sdk-go/pkg/tokenprovider"
	"github.com/grafana/grafana/pkg/plugins"
)

type jwtAccessTokenProvider struct {
	source googletokenprovider.TokenProvider
	ctx    context.Context
}

func newJwtAccessTokenProvider(ctx context.Context, ds DSInfo, pluginRoute *plugins.Route,
	authParams *plugins.JWTTokenAuth) *jwtAccessTokenProvider {
	jwtConf := &googletokenprovider.JwtTokenConfig{}
	if val, ok := authParams.Params["client_email"]; ok {
		jwtConf.Email = val
	}

	if val, ok := authParams.Params["private_key"]; ok {
		jwtConf.PrivateKey = []byte(val)
	}

	if val, ok := authParams.Params["token_uri"]; ok {
		jwtConf.URI = val
	}

	cfg := googletokenprovider.Config{
		RoutePath:         pluginRoute.Path,
		RouteMethod:       pluginRoute.Method,
		DataSourceID:      ds.ID,
		DataSourceUpdated: ds.Updated,
		Scopes:            authParams.Scopes,
		JwtTokenConfig:    jwtConf,
	}

	return &jwtAccessTokenProvider{
		source: googletokenprovider.NewJwtAccessTokenProvider(cfg),
		ctx:    ctx,
	}
}

func (provider *jwtAccessTokenProvider) GetAccessToken() (string, error) {
	return provider.source.GetAccessToken(provider.ctx)
}
PluginProxy: Split implementations of token providers (#32820) * Split implementations of token providers * Fix imports * Fix code racing in unit tests 2021-05-03 07:46:32 -05:00			`package pluginproxy`

			`import (`
			`"context"`

GoogleCloudMonitoring: use grafana-google-sdk-go for auth (#40490) 2021-10-21 15:29:56 -05:00			`googletokenprovider "github.com/grafana/grafana-google-sdk-go/pkg/tokenprovider"`
PluginProxy: Split implementations of token providers (#32820) * Split implementations of token providers * Fix imports * Fix code racing in unit tests 2021-05-03 07:46:32 -05:00			`"github.com/grafana/grafana/pkg/plugins"`
			`)`

			`type jwtAccessTokenProvider struct {`
GoogleCloudMonitoring: use grafana-google-sdk-go for auth (#40490) 2021-10-21 15:29:56 -05:00			`source googletokenprovider.TokenProvider`
			`ctx context.Context`
PluginProxy: Split implementations of token providers (#32820) * Split implementations of token providers * Fix imports * Fix code racing in unit tests 2021-05-03 07:46:32 -05:00			`}`

Plugins: Refactor Plugin Management (#40477) * add core plugin flow * add instrumentation * move func * remove cruft * support external backend plugins * refactor + clean up * remove comments * refactor loader * simplify core plugin path arg * cleanup loggers * move signature validator to plugins package * fix sig packaging * cleanup plugin model * remove unnecessary plugin field * add start+stop for pm * fix failures * add decommissioned state * export fields just to get things flowing * fix comments * set static routes * make image loading idempotent * merge with backend plugin manager * re-use funcs * reorder imports + remove unnecessary interface * add some TODOs + remove unused func * remove unused instrumentation func * simplify client usage * remove import alias * re-use backendplugin.Plugin interface * re order funcs * improve var name * fix log statements * refactor data model * add logic for dupe check during loading * cleanup state setting * refactor loader * cleanup manager interface * add rendering flow * refactor loading + init * add renderer support * fix renderer plugin * reformat imports * track errors * fix plugin signature inheritance * name param in interface * update func comment * fix func arg name * introduce class concept * remove func * fix external plugin check * apply changes from pm-experiment * fix core plugins * fix imports * rename interface * comment API interface * add support for testdata plugin * enable alerting + use correct core plugin contracts * slim manager API * fix param name * fix filter * support static routes * fix rendering * tidy rendering * get tests compiling * fix install+uninstall * start finder test * add finder test coverage * start loader tests * add test for core plugins * load core + bundled test * add test for nested plugin loading * add test files * clean interface + fix registering some core plugins * refactoring * reformat and create sub packages * simplify core plugin init * fix ctx cancel scenario * migrate initializer * remove Init() funcs * add test starter * new logger * flesh out initializer tests * refactoring * remove unused svc * refactor rendering flow * fixup loader tests * add enabled helper func * fix logger name * fix data fetchers * fix case where plugin dir doesn't exist * improve coverage + move dupe checking to loader * remove noisy debug logs * register core plugins automagically * add support for renderer in catalog * make private func + fix req validation * use interface * re-add check for renderer in catalog * tidy up from moving to auto reg core plugins * core plugin registrar * guards * copy over core plugins for test infra * all tests green * renames * propagate new interfaces * kill old manager * get compiling * tidy up * update naming * refactor manager test + cleanup * add more cases to finder test * migrate validator to field * more coverage * refactor dupe checking * add test for plugin class * add coverage for initializer * split out rendering * move * fixup tests * fix uss test * fix frontend settings * fix grafanads test * add check when checking sig errors * fix enabled map * fixup * allow manual setup of CM * rename to cloud-monitoring * remove TODO * add installer interface for testing * loader interface returns * tests passing * refactor + add more coverage * support 'stackdriver' * fix frontend settings loading * improve naming based on package name * small tidy * refactor test * fix renderer start * make cloud-monitoring plugin ID clearer * add plugin update test * add integration tests * don't break all if sig can't be calculated * add root URL check test * add more signature verification tests * update DTO name * update enabled plugins comment * update comments * fix linter * revert fe naming change * fix errors endpoint * reset error code field name * re-order test to help verify * assert -> require * pm check * add missing entry + re-order * re-check * dump icon log * verify manager contents first * reformat * apply PR feedback * apply style changes * fix one vs all loading err * improve log output * only start when no signature error * move log * rework plugin update check * fix test * fix multi loading from cfg.PluginSettings * improve log output #2 * add error abstraction to capture errors without registering a plugin * add debug log * add unsigned warning * e2e test attempt * fix logger * set home path * prevent panic * alternate * ugh.. fix home path * return renderer even if not started * make renderer plugin managed * add fallback renderer icon, update renderer badge + prevent changes when renderer is installed * fix icon loading * rollback renderer changes * use correct field * remove unneccessary block * remove newline * remove unused func * fix bundled plugins base + module fields * remove unused field since refactor * add authorizer abstraction * loader only returns plugins expected to run * fix multi log output 2021-11-01 04:53:33 -05:00			`func newJwtAccessTokenProvider(ctx context.Context, ds DSInfo, pluginRoute *plugins.Route,`
			`authParams plugins.JWTTokenAuth) jwtAccessTokenProvider {`
GoogleCloudMonitoring: use grafana-google-sdk-go for auth (#40490) 2021-10-21 15:29:56 -05:00			`jwtConf := &googletokenprovider.JwtTokenConfig{}`
			`if val, ok := authParams.Params["client_email"]; ok {`
			`jwtConf.Email = val`
PluginProxy: Split implementations of token providers (#32820) * Split implementations of token providers * Fix imports * Fix code racing in unit tests 2021-05-03 07:46:32 -05:00			`}`

GoogleCloudMonitoring: use grafana-google-sdk-go for auth (#40490) 2021-10-21 15:29:56 -05:00			`if val, ok := authParams.Params["private_key"]; ok {`
			`jwtConf.PrivateKey = []byte(val)`
PluginProxy: Split implementations of token providers (#32820) * Split implementations of token providers * Fix imports * Fix code racing in unit tests 2021-05-03 07:46:32 -05:00			`}`

GoogleCloudMonitoring: use grafana-google-sdk-go for auth (#40490) 2021-10-21 15:29:56 -05:00			`if val, ok := authParams.Params["token_uri"]; ok {`
			`jwtConf.URI = val`
PluginProxy: Split implementations of token providers (#32820) * Split implementations of token providers * Fix imports * Fix code racing in unit tests 2021-05-03 07:46:32 -05:00			`}`

GoogleCloudMonitoring: use grafana-google-sdk-go for auth (#40490) 2021-10-21 15:29:56 -05:00			`cfg := googletokenprovider.Config{`
			`RoutePath: pluginRoute.Path,`
			`RouteMethod: pluginRoute.Method,`
			`DataSourceID: ds.ID,`
			`DataSourceUpdated: ds.Updated,`
			`Scopes: authParams.Scopes,`
			`JwtTokenConfig: jwtConf,`
PluginProxy: Split implementations of token providers (#32820) * Split implementations of token providers * Fix imports * Fix code racing in unit tests 2021-05-03 07:46:32 -05:00			`}`

GoogleCloudMonitoring: use grafana-google-sdk-go for auth (#40490) 2021-10-21 15:29:56 -05:00			`return &jwtAccessTokenProvider{`
			`source: googletokenprovider.NewJwtAccessTokenProvider(cfg),`
			`ctx: ctx,`
PluginProxy: Split implementations of token providers (#32820) * Split implementations of token providers * Fix imports * Fix code racing in unit tests 2021-05-03 07:46:32 -05:00			`}`
			`}`

GoogleCloudMonitoring: use grafana-google-sdk-go for auth (#40490) 2021-10-21 15:29:56 -05:00			`func (provider *jwtAccessTokenProvider) GetAccessToken() (string, error) {`
			`return provider.source.GetAccessToken(provider.ctx)`
PluginProxy: Split implementations of token providers (#32820) * Split implementations of token providers * Fix imports * Fix code racing in unit tests 2021-05-03 07:46:32 -05:00			`}`