grafana

IntenseWebs/grafana

Fork 0

mirror of https://github.com/grafana/grafana.git synced 2024-12-30 10:47:30 -06:00

Commit Graph

Author	SHA1	Message	Date
Jo	c2d3c90bc8	Auth: Implement Token URL JWT Auth (#52662 ) * Auth: check of auth_token in url and resolve user if present * check if auth_token is passed in url * Auth: Pass auth_token for request if present in path * no need to decode token in index * temp * use loadURLToken and set authorization header * cache token in memory and strip it from url * Use loadURLToken * Keep token in url * strip sensitive query strings from url used by context logger * adapt login by url to jwt token * add jwt iframe devenv * add jwt iframe devenv instructions * add access note * add test for cleaning request * ensure jwt token is not carried into handlers * do not reshuffle queries, might be important * add correct db dump location * prefer set token instead of cached token Co-authored-by: Ieva <ieva.vasiljeva@grafana.com> Co-authored-by: Karl Persson <kalle.persson@grafana.com> Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>	2022-07-27 16:10:47 +02:00
Ezequiel Victorero	dfab100dc7	Chore: sanitize values before being logged from request headers (#49245 ) * Chore: sanitize values being logged directly from request headers	2022-05-23 14:18:33 -03:00

Author

SHA1

Message

Date

c2d3c90bc8

Auth: Implement Token URL JWT Auth (#52662 )

* Auth: check of auth_token in url and resolve user if present

* check if auth_token is passed in url

* Auth: Pass auth_token for request if present in path

* no need to decode token in index

* temp

* use loadURLToken and set authorization header

* cache token in memory and strip it from url

* Use loadURLToken

* Keep token in url

* strip sensitive query strings from url used by context logger

* adapt login by url to jwt token

* add jwt iframe devenv

* add jwt iframe devenv instructions

* add access note

* add test for cleaning request

* ensure jwt token is not carried into handlers

* do not reshuffle queries, might be important

* add correct db dump location

* prefer set token instead of cached token

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>

Co-authored-by: Karl Persson <kalle.persson@grafana.com>
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>

2022-07-27 16:10:47 +02:00

Ezequiel Victorero

dfab100dc7

Chore: sanitize values before being logged from request headers (#49245 )

* Chore: sanitize values being logged directly from request headers

2022-05-23 14:18:33 -03:00

2 Commits