ServiceAccounts: Add identifiable token prefix to service account tokens (#49011)

* Add prefixed API key gen.

* Retrieve API Key by hash

* Handle prefixed API keys for login

* Add placeholder key generator

* fix spelling

* add get by hash sqlstore test

* reformat query

* quote usage of reserved keyword key

* use constant

* improve error handling and pre-select key type

Co-authored-by: Victor Cinaglia <victor@grafana.com>

* nits

Co-authored-by: Victor Cinaglia <victor@grafana.com>
Jguer
2022-05-23 11:14:38 +00:00
committed by GitHub
parent 2ba1a75d50
commit 6891bbf03c
11 changed files with 282 additions and 26 deletions


@@ -8,13 +8,16 @@ import (
"github.com/grafana/grafana/pkg/api/dtos"
"github.com/grafana/grafana/pkg/api/response"
"github.com/grafana/grafana/pkg/components/apikeygen"
apikeygenprefix "github.com/grafana/grafana/pkg/components/apikeygenprefixed"
"github.com/grafana/grafana/pkg/models"
"github.com/grafana/grafana/pkg/services/serviceaccounts"
"github.com/grafana/grafana/pkg/web"
)
const failedToDeleteMsg = "Failed to delete API key"
const (
failedToDeleteMsg = "Failed to delete API key"
ServiceID = "sa"
)
type TokenDTO struct {
Id int64 `json:"id"`
@@ -106,7 +109,7 @@ func (api *ServiceAccountsAPI) CreateToken(c *models.ReqContext) response.Respon
}
}
newKeyInfo, err := apikeygen.New(cmd.OrgId, cmd.Name)
newKeyInfo, err := apikeygenprefix.New(ServiceID)
if err != nil {
return response.Error(http.StatusInternalServerError, "Generating API key failed", err)
}
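Review bot: The new exported constant `ServiceID = "sa"` has no doc comment, although it now feeds the identifiable part of every service account token issued in CreateToken through `apikeygenprefix.New(ServiceID)`. The test in this commit expects generated keys to start with `glsa`, so secret scanning rules and the prefixed-key login path presumably depend on this value staying stable. I would add `// ServiceID is the service identifier embedded in the prefix of service account tokens; changing it changes the prefix of newly issued tokens.` above the constant. CreateToken's body starts and ends outside the second hunk.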


@@ -13,6 +13,7 @@ import (
"github.com/grafana/grafana/pkg/api/routing"
"github.com/grafana/grafana/pkg/components/apikeygen"
apikeygenprefix "github.com/grafana/grafana/pkg/components/apikeygenprefixed"
"github.com/grafana/grafana/pkg/models"
"github.com/grafana/grafana/pkg/services/accesscontrol"
accesscontrolmock "github.com/grafana/grafana/pkg/services/accesscontrol/mock"
@@ -148,6 +149,14 @@ func TestServiceAccountsAPI_CreateToken(t *testing.T) {
assert.Equal(t, sa.Id, *query.Result.ServiceAccountId)
assert.Equal(t, sa.OrgId, query.Result.OrgId)
assert.True(t, strings.HasPrefix(actualBody["key"].(string), "glsa"))
keyInfo, err := apikeygenprefix.Decode(actualBody["key"].(string))
assert.NoError(t, err)
hash, err := keyInfo.Hash()
require.NoError(t, err)
require.Equal(t, query.Result.Key, hash)
}
})
}
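Review bot: `assert.NoError(t, err)` after `apikeygenprefix.Decode(...)` does not stop the test, so a failed decode still reaches `keyInfo.Hash()` on the next line. If Decode returns a nil pointer alongside the error (its return type is not visible here), the test panics instead of reporting the decode failure. Use `require.NoError(t, err)` there, as the two checks that follow already do. The prefix assertion also hard-codes `"glsa"`, and a short comment saying where that value comes from would help. The test function starts outside the hunk.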