diff --git a/pkg/server/test_env.go b/pkg/server/test_env.go index 51a54dde56c..f60f9c6703e 100644 --- a/pkg/server/test_env.go +++ b/pkg/server/test_env.go @@ -4,6 +4,7 @@ import ( "github.com/grafana/grafana/pkg/infra/db" "github.com/grafana/grafana/pkg/infra/httpclient" "github.com/grafana/grafana/pkg/plugins/manager/registry" + "github.com/grafana/grafana/pkg/services/auth" "github.com/grafana/grafana/pkg/services/featuremgmt" "github.com/grafana/grafana/pkg/services/grpcserver" "github.com/grafana/grafana/pkg/services/notifications" @@ -24,6 +25,7 @@ func ProvideTestEnv( oAuthTokenService *oauthtokentest.Service, featureMgmt featuremgmt.FeatureToggles, resourceClient resource.ResourceClient, + idService auth.IDService, ) (*TestEnv, error) { return &TestEnv{ Server: server, @@ -36,6 +38,7 @@ func ProvideTestEnv( OAuthTokenService: oAuthTokenService, FeatureToggles: featureMgmt, ResourceClient: resourceClient, + IDService: idService, }, nil } @@ -51,4 +54,5 @@ type TestEnv struct { RequestMiddleware web.Middleware FeatureToggles featuremgmt.FeatureToggles ResourceClient resource.ResourceClient + IDService auth.IDService } diff --git a/pkg/tests/apis/helper.go b/pkg/tests/apis/helper.go index 12f1aa512ed..38d4ee9c602 100644 --- a/pkg/tests/apis/helper.go +++ b/pkg/tests/apis/helper.go @@ -33,7 +33,6 @@ import ( "github.com/grafana/grafana/pkg/services/accesscontrol/ossaccesscontrol" "github.com/grafana/grafana/pkg/services/accesscontrol/resourcepermissions" "github.com/grafana/grafana/pkg/services/apiserver/endpoints/request" - "github.com/grafana/grafana/pkg/services/auth/idtest" "github.com/grafana/grafana/pkg/services/datasources" "github.com/grafana/grafana/pkg/services/featuremgmt" "github.com/grafana/grafana/pkg/services/org" @@ -498,7 +497,7 @@ func (c *K8sTestHelper) CreateUser(name string, orgName string, basicRole org.Ro require.Equal(c.t, orgId, s.OrgID) require.Equal(c.t, basicRole, s.OrgRole) // make sure the role was set properly - idToken, idClaims, err := idtest.CreateInternalToken(s, []byte("secret")) + idToken, idClaims, err := c.env.IDService.SignIdentity(context.Background(), s) require.NoError(c.t, err) s.IDToken = idToken s.IDTokenClaims = idClaims diff --git a/pkg/tests/testinfra/testinfra.go b/pkg/tests/testinfra/testinfra.go index 8468cb154e2..10dbaf10d91 100644 --- a/pkg/tests/testinfra/testinfra.go +++ b/pkg/tests/testinfra/testinfra.go @@ -52,6 +52,11 @@ func StartGrafanaEnv(t *testing.T, grafDir, cfgPath string) (string, *server.Tes serverOpts := server.Options{Listener: listener, HomePath: grafDir} apiServerOpts := api.ServerOptions{Listener: listener} + // Replace the placeholder in the `signing_keys_url` with the actual address + grpcServerAuthSection := cfg.SectionWithEnvOverrides("grpc_server_authentication") + signingKeysUrl := grpcServerAuthSection.Key("signing_keys_url") + signingKeysUrl.SetValue(strings.Replace(signingKeysUrl.String(), "", listener.Addr().String(), 1)) + // Potentially allocate a real gRPC port for unified storage runstore := false unistore, _ := cfg.Raw.GetSection("grafana-apiserver") @@ -289,6 +294,13 @@ func CreateGrafDir(t *testing.T, opts ...GrafanaOpts) (string, string) { _, err = analyticsSect.NewKey("intercom_secret", "intercom_secret_at_config") require.NoError(t, err) + grpcServerAuth, err := cfg.NewSection("grpc_server_authentication") + require.NoError(t, err) + _, err = grpcServerAuth.NewKey("signing_keys_url", "http:///api/signing-keys/keys") + require.NoError(t, err) + _, err = grpcServerAuth.NewKey("allowed_audiences", "org:1") + require.NoError(t, err) + getOrCreateSection := func(name string) (*ini.Section, error) { section, err := cfg.GetSection(name) if err != nil {