* check upn field if email address isn't present, support for adfs
* correctly set login to the user's email address if not specified by the oauth server
* break up GenericOAuth.UserInfo into helper functions
How it is solved:
* Take organizations_url field data from user basic data response
* Make another request to get all organization the user is a member of (public membership)
* Authenticate user if appropriate organization found in that list
TLS was not being verified in a number of places:
- connections to grafana.com
- connections to OAuth providers when TLS client authentication was
enabled
- connections to self-hosted Grafana installations when using the CLI
tool
TLS should always be verified unless the user explicitly enables an
option to skip verification.
Removes some instances where `InsecureSkipVerify` is explicitly set to
`false`, the default, to help avoid confusion and make it more difficult
to regress on this fix by accident.
Adds a `--insecure` flag to `grafana-cli` to skip TLS verification.
Adds a `tls_skip_verify_insecure` setting for OAuth.
Adds a `app_tls_skip_verify_insecure` setting under a new `[plugins]`
section.
I'm not super happy with the way the global setting is used by
`pkg/api/app_routes.go` but that seems to be the existing pattern used.
* refactor util encryption library so it doesn't have to import log
* add util.SplitString to handle space and/or comma-separated config lines
* go fmt
* added Login property to google_oauth model
* fixed spacing
* fixed google_oauth syntax error, missing comma before newline
* set noexpandtab for commit
* break out go and js build commands
* support oauth providers that return errors via redirect
* remove extra call to get grafana.net org membership
* removed GitHub specifics from generic OAuth
* readded ability to name generic source
* revert to a backward-compatible state, refactor and clean up
* streamline oauth user creation, make generic oauth support more generic
read github api from config file instead of using public github:
http://api.github.com/user
this would be useful when you are using github enterprise edition
