support for decoding JWT id tokens

2025-02-25 18:55:37 -06:00 · 2018-01-18 17:17:51 -05:00
parent 4720b86f5c
commit 04e17c145f
6 changed files with 97 additions and 39 deletions
--- a/pkg/social/social.go
+++ b/pkg/social/social.go
@@ -8,6 +8,7 @@ import (

 	"golang.org/x/oauth2"

+	"github.com/grafana/grafana/pkg/log"
 	"github.com/grafana/grafana/pkg/setting"
 	"github.com/grafana/grafana/pkg/util"
 )
@@ -22,7 +23,7 @@ type BasicUserInfo struct {

 type SocialConnector interface {
 	Type() int
-	UserInfo(client *http.Client) (*BasicUserInfo, error)
+	UserInfo(client *http.Client, token *oauth2.Token) (*BasicUserInfo, error)
 	IsEmailAllowed(email string) bool
 	IsSignupAllowed() bool

@@ -31,6 +32,11 @@ type SocialConnector interface {
 	Client(ctx context.Context, t *oauth2.Token) *http.Client
 }

+type SocialBase struct {
+	*oauth2.Config
+	log log.Logger
+}
+
 type Error struct {
 	s string
 }
@@ -91,10 +97,15 @@ func NewOAuthService() {
 			Scopes:      info.Scopes,
 		}

+		logger := log.New("oauth.login." + name)
+
 		// GitHub.
 		if name == "github" {
 			SocialMap["github"] = &SocialGithub{
-				Config:               &config,
+				SocialBase:           &SocialBase{
+					Config:               &config,
+					log:                  logger,
+				},
 				allowedDomains:       info.AllowedDomains,
 				apiUrl:               info.ApiUrl,
 				allowSignup:          info.AllowSignup,
@@ -106,7 +117,10 @@ func NewOAuthService() {
 		// Google.
 		if name == "google" {
 			SocialMap["google"] = &SocialGoogle{
-				Config:         &config,
+				SocialBase:           &SocialBase{
+					Config:               &config,
+					log:                  logger,
+				},
 				allowedDomains: info.AllowedDomains,
 				hostedDomain:   info.HostedDomain,
 				apiUrl:         info.ApiUrl,
@@ -116,8 +130,11 @@ func NewOAuthService() {

 		// Generic - Uses the same scheme as Github.
 		if name == "generic_oauth" {
-			SocialMap["generic_oauth"] = &GenericOAuth{
-				Config:               &config,
+			SocialMap["generic_oauth"] = &SocialGenericOAuth{
+				SocialBase:           &SocialBase{
+					Config:               &config,
+					log:                  logger,
+				},
 				allowedDomains:       info.AllowedDomains,
 				apiUrl:               info.ApiUrl,
 				allowSignup:          info.AllowSignup,
@@ -139,7 +156,10 @@ func NewOAuthService() {
 			}

 			SocialMap["grafana_com"] = &SocialGrafanaCom{
-				Config:               &config,
+				SocialBase:           &SocialBase{
+					Config:               &config,
+					log:                  logger,
+				},
 				url:                  setting.GrafanaComUrl,
 				allowSignup:          info.AllowSignup,
 				allowedOrganizations: util.SplitString(sec.Key("allowed_organizations").String()),