IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2024-11-26 02:40:26 -06:00
Code Issues Packages Projects Releases Wiki Activity

Auth: Use PKCE by default (If OAuth provider supports PKCE) (#68095)

Browse Source 
OAuth: change use_pkce = true to defaults.ini/sample.ini #68073

Signed-off-by: junya koyama <arukiidou@yahoo.co.jp>
This commit is contained in:
arukiidou 2023-05-12 16:37:29 +09:00 committed by GitHub
parent debf04eb2c
commit f79654feb3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 14 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
conf/defaults.ini
View File

@ -611,6 +611,7 @@ role_attribute_strict = false
allow_assign_grafana_admin = false allow_assign_grafana_admin = false
skip_org_role_sync = false skip_org_role_sync = false
tls_skip_verify_insecure = false tls_skip_verify_insecure = false
use_pkce = true
#################################### Google Auth ######################### #################################### Google Auth #########################
[auth.google] [auth.google]
@ -629,6 +630,7 @@ allowed_domains =
hosted_domain = hosted_domain =
skip_org_role_sync = false skip_org_role_sync = false
tls_skip_verify_insecure = false tls_skip_verify_insecure = false
use_pkce = true
#################################### Grafana.com Auth #################### #################################### Grafana.com Auth ####################
# legacy key names (so they work in env variables) # legacy key names (so they work in env variables)
@ -670,6 +672,7 @@ role_attribute_strict = false
allow_assign_grafana_admin = false allow_assign_grafana_admin = false
force_use_graph_api = false force_use_graph_api = false
tls_skip_verify_insecure = false tls_skip_verify_insecure = false
use_pkce = true
#################################### Okta OAuth ####################### #################################### Okta OAuth #######################
[auth.okta] [auth.okta]
@ -691,6 +694,7 @@ role_attribute_strict = false
allow_assign_grafana_admin = false allow_assign_grafana_admin = false
skip_org_role_sync = false skip_org_role_sync = false
tls_skip_verify_insecure = false tls_skip_verify_insecure = false
use_pkce = true
#################################### Generic OAuth ####################### #################################### Generic OAuth #######################
[auth.generic_oauth] [auth.generic_oauth]

4
conf/sample.ini
View File

@ -599,6 +599,7 @@
;allow_assign_grafana_admin = false ;allow_assign_grafana_admin = false
;skip_org_role_sync = false ;skip_org_role_sync = false
;tls_skip_verify_insecure = false ;tls_skip_verify_insecure = false
;use_pkce = true
#################################### Google Auth ########################## #################################### Google Auth ##########################
[auth.google] [auth.google]
@ -616,6 +617,7 @@
;allowed_domains = ;allowed_domains =
;hosted_domain = ;hosted_domain =
;skip_org_role_sync = false ;skip_org_role_sync = false
;use_pkce = true
#################################### Grafana.com Auth #################### #################################### Grafana.com Auth ####################
[auth.grafana_com] [auth.grafana_com]
@ -646,6 +648,7 @@
;allowed_groups = ;allowed_groups =
;role_attribute_strict = false ;role_attribute_strict = false
;allow_assign_grafana_admin = false ;allow_assign_grafana_admin = false
;use_pkce = true
# prevent synchronizing users organization roles # prevent synchronizing users organization roles
;skip_org_role_sync = false ;skip_org_role_sync = false
@ -667,6 +670,7 @@
;role_attribute_strict = false ;role_attribute_strict = false
;allow_assign_grafana_admin = false ;allow_assign_grafana_admin = false
;skip_org_role_sync = false ;skip_org_role_sync = false
;use_pkce = true
#################################### Generic OAuth ########################## #################################### Generic OAuth ##########################
[auth.generic_oauth] [auth.generic_oauth]