grafana/pkg/services/auth/id.go

package auth

import (
	"context"

	"github.com/go-jose/go-jose/v3/jwt"

	"github.com/grafana/grafana/pkg/services/auth/identity"
)

type IDService interface {
	// SignIdentity signs a id token for provided identity that can be forwarded to plugins and external services
	SignIdentity(ctx context.Context, identity identity.Requester) (string, error)

	// RemoveIDToken removes any locally stored id tokens for key
	RemoveIDToken(ctx context.Context, identity identity.Requester) error
}

type IDSigner interface {
	SignIDToken(ctx context.Context, claims *IDClaims) (string, error)
}

type IDClaims struct {
	jwt.Claims
	Email           string `json:"email"`
	EmailVerified   bool   `json:"email_verified"`
	AuthenticatedBy string `json:"authenticatedBy,omitempty"`
}
IDForwarding: Add service and a local signer (#75423) * IDForwarding: Add service for handling id token and create a local signer --------- Co-authored-by: Ieva <ieva.vasiljeva@grafana.com> 2023-09-27 04:36:23 -05:00			`package auth`

			`import (`
			`"context"`

			`"github.com/go-jose/go-jose/v3/jwt"`
IDForwarding: Require that id forwarding is enabled for data source (#77131) * Require that id forwarding is enabled for data source * Address feedback 2023-10-27 01:30:33 -05:00
IDForwarding: Add service and a local signer (#75423) * IDForwarding: Add service for handling id token and create a local signer --------- Co-authored-by: Ieva <ieva.vasiljeva@grafana.com> 2023-09-27 04:36:23 -05:00			`"github.com/grafana/grafana/pkg/services/auth/identity"`
			`)`

			`type IDService interface {`
			`// SignIdentity signs a id token for provided identity that can be forwarded to plugins and external services`
			`SignIdentity(ctx context.Context, identity identity.Requester) (string, error)`
Email: trigger email verification flow (#85587) * Add email and email_verified to id token if identity is a user * Add endpoint to trigger email verification for user * Add function to clear stored id tokens and use it when email verification is completed 2024-04-05 05:05:46 -05:00
			`// RemoveIDToken removes any locally stored id tokens for key`
			`RemoveIDToken(ctx context.Context, identity identity.Requester) error`
IDForwarding: Add service and a local signer (#75423) * IDForwarding: Add service for handling id token and create a local signer --------- Co-authored-by: Ieva <ieva.vasiljeva@grafana.com> 2023-09-27 04:36:23 -05:00			`}`

			`type IDSigner interface {`
			`SignIDToken(ctx context.Context, claims *IDClaims) (string, error)`
			`}`

			`type IDClaims struct {`
			`jwt.Claims`
Email: trigger email verification flow (#85587) * Add email and email_verified to id token if identity is a user * Add endpoint to trigger email verification for user * Add function to clear stored id tokens and use it when email verification is completed 2024-04-05 05:05:46 -05:00			Email string `json:"email"`
			EmailVerified bool `json:"email_verified"`
IDForwarding: add "authenticatedBy" to id token (#80622) * IDForwading: Set authenticated by for users 2024-01-17 02:52:05 -06:00			AuthenticatedBy string `json:"authenticatedBy,omitempty"`
IDForwarding: Add service and a local signer (#75423) * IDForwarding: Add service for handling id token and create a local signer --------- Co-authored-by: Ieva <ieva.vasiljeva@grafana.com> 2023-09-27 04:36:23 -05:00			`}`