LDAP Refactoring to support syncronizing more than one user at a time. (#16705)

* Feature: add cron setting for the ldap settings

* Move ldap configuration read to special function

* Introduce cron setting (no docs for it yet, pending approval)

* Chore: duplicate ldap module as a service

* Feature: implement active sync

This is a very early, preliminary implementation of active sync.
There is only one thing going right for this code - it works.

Aside from that, there are no tests, error handling, docs, or transactions,
and it is very duplicative, etc.

But this is the overall direction with architecture I'm going for

* Chore: introduce login service

* Chore: gradually switch to ldap service

* Chore: use new approach for auth_proxy

* Chore: use new approach along with refactoring

* Chore: use new ldap interface for auth_proxy

* Chore: improve auth_proxy and subsequently ldap

* Chore: more of the refactoring bits

* Chore: address comments from code review

* Chore: more refactoring stuff

* Chore: make linter happy

* Chore: add cron dep for grafana enterprise

* Chore: initialize config package var

* Chore: disable gosec for now

* Chore: update dependencies

* Chore: remove unused module

* Chore: address review comments

* Chore: make linter happy
Oleg Gaidarenko
2019-04-26 15:47:16 +03:00
committed by GitHub
parent a8326e3e93
commit 62b85a886e
33 changed files with 2210 additions and 878 deletions


@@ -5,10 +5,12 @@ import (
"github.com/grafana/grafana/pkg/bus"
m "github.com/grafana/grafana/pkg/models"
LDAP "github.com/grafana/grafana/pkg/services/ldap"
)
var (
ErrEmailNotAllowed = errors.New("Required email domain not fulfilled")
ErrNoLDAPServers = errors.New("No LDAP servers are configured")
ErrInvalidCredentials = errors.New("Invalid Username or Password")
ErrNoEmail = errors.New("Login provider didn't return an email address")
ErrProviderDeniedRequest = errors.New("Login provider denied login request")
@@ -21,7 +23,6 @@ var (
func Init() {
bus.AddHandler("auth", AuthenticateUser)
loadLdapConfig()
}
func AuthenticateUser(query *m.LoginUserQuery) error {
@@ -40,14 +41,14 @@ func AuthenticateUser(query *m.LoginUserQuery) error {
ldapEnabled, ldapErr := loginUsingLdap(query)
if ldapEnabled {
if ldapErr == nil || ldapErr != ErrInvalidCredentials {
if ldapErr == nil || ldapErr != LDAP.ErrInvalidCredentials {
return ldapErr
}
err = ldapErr
}
if err == ErrInvalidCredentials {
if err == ErrInvalidCredentials || err == LDAP.ErrInvalidCredentials {
saveInvalidLoginAttempt(query)
}
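Review bot: In AuthenticateUser the failed-attempt bookkeeping now hinges on two exact sentinel comparisons, `ldapErr != LDAP.ErrInvalidCredentials` and `err == ErrInvalidCredentials || err == LDAP.ErrInvalidCredentials`, while the login package still declares its own `ErrInvalidCredentials` alongside the LDAP one. If the LDAP service reports a rejected password with any other error value (a wrapped error or a different sentinel), the first check returns early and `saveInvalidLoginAttempt(query)` is skipped; judging by its name that call feeds login-attempt throttling, so those failures would go uncounted. I would keep a single sentinel, for example `ErrInvalidCredentials = LDAP.ErrInvalidCredentials` in the var block, drop the redundant `ldapErr == nil ||`, and add a test asserting that a rejected LDAP password reaches `saveInvalidLoginAttempt`. Part of the function body lies outside the hunks shown, so the remaining return path is not visible here.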