JWT Authentication: Add support for specifying groups in auth.jwt for teamsync (#82175)

* merge JSON search logic

* document public methods

* improve test coverage

* use separate JWT setting struct

* correct use of cfg.JWTAuth

* add group tests

* fix DynMap typing

* add settings to default ini

* add groups option to devenv path

* fix test

* lint

* revert jwt-proxy change

* remove redundant check

* fix parallel test

pkg/services/contexthandler/contexthandler.go

@@ -213,8 +213,8 @@ func WithAuthHTTPHeaders(ctx context.Context, cfg *setting.Cfg) context.Context
 	list.Items = append(list.Items, "X-Grafana-Device-Id")
 
 	// if jwt is enabled we add it to the list. We can ignore in case it is set to Authorization
-	if cfg.JWTAuthEnabled && cfg.JWTAuthHeaderName != "" && cfg.JWTAuthHeaderName != "Authorization" {
-		list.Items = append(list.Items, cfg.JWTAuthHeaderName)
+	if cfg.JWTAuth.Enabled && cfg.JWTAuth.HeaderName != "" && cfg.JWTAuth.HeaderName != "Authorization" {
+		list.Items = append(list.Items, cfg.JWTAuth.HeaderName)
 	}
 
 	// if auth proxy is enabled add the main proxy header and all configured headers

pkg/services/contexthandler/contexthandler_test.go

@@ -153,8 +153,8 @@ func TestContextHandler(t *testing.T) {
 
 	t.Run("should store auth header in context", func(t *testing.T) {
 		cfg := setting.NewCfg()
-		cfg.JWTAuthEnabled = true
-		cfg.JWTAuthHeaderName = "jwt-header"
+		cfg.JWTAuth.Enabled = true
+		cfg.JWTAuth.HeaderName = "jwt-header"
 		cfg.AuthProxyEnabled = true
 		cfg.AuthProxyHeaderName = "proxy-header"
 		cfg.AuthProxyHeaders = map[string]string{