AuthN: User sync info clean up (#64217)

* AuthN: handle case where auth_info exists but not the user
Karl Persson 2023-03-06 14:17:48 +01:00 committed by GitHub
parent f82c57f281
commit 4ede9fc7a4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 30 additions and 23 deletions


@ -276,7 +276,12 @@ func (s *UserSync) getUser(ctx context.Context, identity *authn.Identity) (*user
if identity.AuthID != "" && identity.AuthModule != "" {
query := &login.GetAuthInfoQuery{AuthId: identity.AuthID, AuthModule: identity.AuthModule}
errGetAuthInfo := s.authInfoService.GetAuthInfo(ctx, query)
if errGetAuthInfo == nil {
if errGetAuthInfo != nil && !errors.Is(errGetAuthInfo, user.ErrUserNotFound) {
return nil, nil, errGetAuthInfo
}
if !errors.Is(errGetAuthInfo, user.ErrUserNotFound) {
usr, errGetByID := s.userService.GetByID(ctx, &user.GetUserByIDQuery{ID: query.Result.UserId})
if errGetByID == nil {
return usr, query.Result, nil
@ -285,10 +290,13 @@ func (s *UserSync) getUser(ctx context.Context, identity *authn.Identity) (*user
if !errors.Is(errGetByID, user.ErrUserNotFound) {
return nil, nil, errGetByID
}
}
if !errors.Is(errGetAuthInfo, user.ErrUserNotFound) {
return nil, nil, errGetAuthInfo
// if the user connected to user auth does not exist try to clean it up
if errors.Is(errGetByID, user.ErrUserNotFound) {
if err := s.authInfoService.DeleteUserAuthInfo(ctx, query.Result.UserId); err != nil {
s.log.FromContext(ctx).Error("Failed to clean up user auth", "error", err, "auth_module", identity.AuthModule, "auth_id", identity.AuthID)
}
}
}
}
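Review bot: The cleanup branch at the end of this section calls `DeleteUserAuthInfo(ctx, query.Result.UserId)`, which takes only a user ID, so it presumably removes every auth_info row for that ID rather than just the `AuthModule`/`AuthID` pair that was looked up; if that is intended, a comment on the call should say so. Because this runs on the login path and removes identity links, the deletion should be auditable: the error log omits the user ID and nothing is logged on success, so consider adding `"user_id", query.Result.UserId` to the error call and an info-level line when the delete succeeds. The inner `if errors.Is(errGetByID, user.ErrUserNotFound)` is always true at that point, since the preceding check already returned for every other error, and can be dropped. `query.Result` is dereferenced whenever `errGetAuthInfo` is nil; if `GetAuthInfo` can return nil without setting it (not visible here), `if errGetAuthInfo == nil && query.Result != nil {` would be the safer guard. getUser starts before and continues past the hunks shown.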


@ -17,6 +17,23 @@ type AuthInfoService interface {
DeleteUserAuthInfo(ctx context.Context, userID int64) error
}
type Store interface {
GetExternalUserInfoByLogin(ctx context.Context, query *GetExternalUserInfoByLoginQuery) error
GetAuthInfo(ctx context.Context, query *GetAuthInfoQuery) error
GetUserLabels(ctx context.Context, query GetUserLabelsQuery) (map[int64]string, error)
SetAuthInfo(ctx context.Context, cmd *SetAuthInfoCommand) error
UpdateAuthInfo(ctx context.Context, cmd *UpdateAuthInfoCommand) error
UpdateAuthInfoDate(ctx context.Context, authInfo *UserAuth) error
DeleteAuthInfo(ctx context.Context, cmd *DeleteAuthInfoCommand) error
DeleteUserAuthInfo(ctx context.Context, userID int64) error
GetUserById(ctx context.Context, id int64) (*user.User, error)
GetUserByLogin(ctx context.Context, login string) (*user.User, error)
GetUserByEmail(ctx context.Context, email string) (*user.User, error)
CollectLoginStats(ctx context.Context) (map[string]interface{}, error)
RunMetricsCollection(ctx context.Context) error
GetLoginStats(ctx context.Context) (LoginStats, error)
}
const (
// modules
SAMLAuthModule = "auth.saml"


@ -206,7 +206,7 @@ func (s *Implementation) GetExternalUserInfoByLogin(ctx context.Context, query *
}
func (s *Implementation) DeleteUserAuthInfo(ctx context.Context, userID int64) error {
return nil
return s.authInfoStore.DeleteUserAuthInfo(ctx, userID)
}
func (s *Implementation) Run(ctx context.Context) error {


@ -1,27 +1,9 @@
package login
import (
"context"
"github.com/grafana/grafana/pkg/services/user"
)
type UserProtectionService interface {
AllowUserMapping(user *user.User, authModule string) error
}
type Store interface {
GetExternalUserInfoByLogin(ctx context.Context, query *GetExternalUserInfoByLoginQuery) error
GetAuthInfo(ctx context.Context, query *GetAuthInfoQuery) error
GetUserLabels(ctx context.Context, query GetUserLabelsQuery) (map[int64]string, error)
SetAuthInfo(ctx context.Context, cmd *SetAuthInfoCommand) error
UpdateAuthInfo(ctx context.Context, cmd *UpdateAuthInfoCommand) error
UpdateAuthInfoDate(ctx context.Context, authInfo *UserAuth) error
DeleteAuthInfo(ctx context.Context, cmd *DeleteAuthInfoCommand) error
GetUserById(ctx context.Context, id int64) (*user.User, error)
GetUserByLogin(ctx context.Context, login string) (*user.User, error)
GetUserByEmail(ctx context.Context, email string) (*user.User, error)
CollectLoginStats(ctx context.Context) (map[string]interface{}, error)
RunMetricsCollection(ctx context.Context) error
GetLoginStats(ctx context.Context) (LoginStats, error)
}