Commit Graph

112 Commits

Author SHA1 Message Date
Marcus Efraimsson
d0a80c59f3
Rendering: Store render key in remote cache (#22031)
By storing render key in remote cache it will enable
image renderer to use public facing url or load
balancer url to render images and thereby remove
the requirement of image renderer having to use the
url of the originating Grafana instance when running
HA setup (multiple Grafana instances).

Fixes #17704
Ref grafana/grafana-image-renderer#91
2020-02-19 19:47:39 +01:00
Marcus Efraimsson
fd52570b7f
API: Improve recovery middleware when response already been written (#22256)
Suppresses stacktrace in recovery middleware if error is
http.ErrAbortHandler.
Skips writing response error in recovery middleware if
resoonse have already been written.
Skips try rotate of auth token if response have already
been written.
Skips adding default response headers if response have
already been written.

Fixes #15728
Ref #18082

Co-Authored-By: Arve Knudsen <arve.knudsen@gmail.com>
2020-02-18 22:53:40 +01:00
Carl Bergquist
fe16028e02
Auth: Don't rotate auth token when requests are cancelled by client (#22106)
if the client closes the connection we should not
rotate token since the client will never receive the
new token.

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-02-17 17:31:44 +01:00
Anthony Woods
f56f54b1a3 Auth: Rotate auth tokens at the end of requests (#21347)
By rotating the auth tokens at the end of the request we ensure
that there is minimum delay between a new token being generated
and the client receiving it.
Adds auth token slow load test which uses random latency for all 
tsdb queries..
Cleans up datasource proxy response handling.
DefaultHandler in middleware tests should write a response, the 
responseWriter BeforeFuncs wont get executed unless a response
is written.

Fixes #18644 

Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
2020-01-15 13:03:12 +01:00
Jeffrey Descan
c5f906f472 Security: refactor 'redirect_to' cookie to use 'Secure' flag (#19787)
* Refactor redirect_to cookie with secure flag in middleware

* Refactor redirect_to cookie with secure flag in api/login

* Refactor redirect_to cookie with secure flag in api/login_oauth

* Removed the deletion of 'Set-Cookie' header to prevent logout

* Removed the deletion of 'Set-Cookie' at top of api/login.go

* Add HttpOnly flag on redirect_to cookies where missing

* Refactor duplicated code

* Add tests

* Refactor cookie options

* Replace local function for deleting cookie

* Delete redundant calls

Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>
2020-01-10 15:55:30 +02:00
Arve Knudsen
35e0e078b7
pkg/util: Check errors (#19832)
* pkg/util: Check errors
* pkg/services: DRY up code
2019-10-23 10:40:12 +02:00
kay delaney
fb0cec5591
Backend: Adds support for HTTP/2 (#18358)
* Backend: Adds support for HTTP/2

* Adds mozilla recommended ciphers

* Updates sample.ini and config documentation
2019-08-16 16:06:54 +01:00
Sofia Papagiannaki
4e29357d15
Backend: Do not set SameSite cookie attribute if cookie_samesite is none (#18462)
* Do not set SameSite login_error cookie attribute if cookie_samesite is none

* Do not set SameSite grafana_session cookie attribute if cookie_samesite is none

* Update middleware tests
2019-08-09 09:10:08 +03:00
Oleg Gaidarenko
d88fdc86fc Auth: Do not search for the user twice (#18366)
* Auth: Do not search for the user twice

Previously `initContextWithBasicAuth` did not use `LoginUserQuery`, doing
`GetUserByLoginQuery` only i.e. looking user in DB only, things changed when
this function started to check LDAP provider via `LoginUserQuery` (#6940),
however, this request was placed after `GetUserByLoginQuery`, so we first
looking in DB then in the LDAP - if LDAP user hasn't logged in we will
not find it in DB, so `LoginUserQuery` will never be reached.

`LoginUserQuery` request already performs `GetUserByLoginQuery`
request in correct sequence. So we can just remove redundant request.

* Correct sequence execution during authentification &
  introduce tests for it

* Move basic auth tests to separate test file, since main test file already
  pretty large

* Introduce `testing.go` for the middleware module

* Remove redundant test helper function

* Make handler names more explicit

Ref 5777f65d05
Fixes #18329

* Auth: address review comment
2019-08-03 21:50:05 +02:00
Oleg Gaidarenko
82661b9f69 Auth: consistently return same basic auth errors (#18310)
* Auth: consistently return same basic auth errors

* Put repeated errors in consts and return only those consts as error strings

* Add tests for errors basic auth cases and moves tests to separate test-case.
  Also names test cases consistently

* Add more error logs and makes their messages consistent

* A bit of code style

* Add additional test helper

* Auth: do not expose even incorrect password

* Auth: address review comments

Use `Debug` for the cases when it's an user error
2019-08-02 11:16:31 +02:00
gotjosh
332920954e
SAML: Show SAML login button even if OAuth is disabled (#17993)
* Move the SAML button outside of the oauth div
* Don't attempt to search cookies with an empty name
2019-07-09 10:15:52 +01:00
Sofia Papagiannaki
dc9ec7dc91
Auth: Allow expiration of API keys (#17678)
* Modify backend to allow expiration of API Keys

* Add middleware test for expired api keys

* Modify frontend to enable expiration of API Keys

* Fix frontend tests

* Fix migration and add index for `expires` field

* Add api key tests for database access

* Substitude time.Now() by a mock for test usage

* Front-end modifications

* Change input label to `Time to live`
* Change input behavior to comply with the other similar
* Add tooltip

* Modify AddApiKey api call response

Expiration should be *time.Time instead of string

* Present expiration date in the selected timezone

* Use kbn for transforming intervals to seconds

* Use `assert` library for tests

* Frontend fixes

Add checks for empty/undefined/null values

* Change expires column from datetime to integer

* Restrict api key duration input

It should be interval not number

* AddApiKey must complain if SecondsToLive is negative

* Declare ErrInvalidApiKeyExpiration

* Move configuration to auth section

* Update docs

* Eliminate alias for models in modified files

* Omit expiration from api response if empty

* Eliminate Goconvey from test file

* Fix test

Do not sleep, use mocked timeNow() instead

* Remove index for expires from api_key table

The index should be anyway on both org_id and expires fields.
However this commit eliminates completely the index for now
since not many rows are expected to be in this table.

* Use getTimeZone function

* Minor change in api key listing

The frontend should display a message instead of empty string
if the key does not expire.
2019-06-26 09:47:03 +03:00
Kyle Brandt
bd08d8ce8e
middleware: fix Strict-Transport-Security header (#17644)
fixes #17641
2019-06-18 14:24:23 -04:00
Yann Verry
ed613194ac HTTPServer: Fix X-XSS-Protection header formatting (#17620)
Fixes #17619
2019-06-17 23:46:35 +02:00
Oleg Gaidarenko
1b1d951495 LDAP: refactoring (#17479)
* LDAP: use only one struct

* Use only models.ExternalUserInfo

* Add additional helper method :/

* Move all the helpers to one module

* LDAP: refactoring

* Rename some of the public methods and change their behaviour

* Remove outdated methods

* Simplify logic

* More tests
  There is no and never were tests for settings.go, added tests for helper
  methods (cover is now about 100% for them). Added tests for the main
  LDAP logic, but there is some stuff to add. Dial() is not tested and not
  decoupled. It might be a challenge to do it properly

* Restructure tests:
   * they wouldn't depend on external modules
   * more consistent naming
   * logical division

* More guards for erroneous paths

* Login: make login service an explicit dependency

* LDAP: remove no longer needed test helper fns

* LDAP: remove useless import

* LDAP: Use new interface in multildap module

* LDAP: corrections for the groups of multiple users

* In case there is several users their groups weren't detected correctly

* Simplify helpers module
2019-06-13 16:47:51 +02:00
Kyle Brandt
599514ad68
middleware: add security related HTTP(S) response headers (#17522)
* x_xss_protection
  * strict_transport_security (HSTS)
  * x_content_type_options

these are currently defaulted to false (off) until the next minor release.

fixes #17509
2019-06-12 13:15:50 +02:00
Oleg Gaidarenko
35f227de11
Feature: LDAP refactoring (#16950)
* incapsulates multipleldap logic under one module

* abstracts users upsert and get logic

* changes some of the text error messages and import sort sequence

* heavily refactors the LDAP module – LDAP module now only deals with LDAP related behaviour

* integrates affected auth_proxy module and their tests

* refactoring of the auth_proxy logic
2019-05-17 14:57:26 +03:00
zhulongcheng
2fff8f77dc move log package to /infra (#17023)
ref #14679

Signed-off-by: zhulongcheng <zhulongcheng.me@gmail.com>
2019-05-13 08:45:54 +02:00
Marcus Efraimsson
1c1427520d
Security: Add new setting allow_embedding (#16853)
When allow_embedding is false (default) the Grafana backend 
will set the http header `X-Frame-Options: deny` in all responses 
to non-static content which will instruct browser to not allow 
Grafana to be embedded in `<frame>`, `<iframe>`, 
`<embed>` or `<object>`.

Closes #14189
2019-05-06 09:56:23 +02:00
Marcus Efraimsson
f778c1d971
Security: Responses from backend should not be cached (#16848)
Currently all API requests set Cache-control: no-cache to avoid browsers 
caching sensitive data. This fixes so that all responses returned from 
backend not are cached using http headers. The exception is the data proxy 
where we don't add these http headers in case datasource backend needs 
to control whether data can be cached or not.

Fixes #16845
2019-05-06 09:22:59 +02:00
Carl Bergquist
9660356638
Auth: Enable retries and transaction for some db calls for auth tokens (#16785)
the WithSession wrapper handles retries and connection
management so the caller dont have to worry about it.
2019-04-30 14:42:01 +02:00
Oleg Gaidarenko
67cbc7d4cf
Chore: use remote cache instead of session storage (#16114)
Replaces session storage in auth_proxy middleware with remote cache

Fixes #15161
2019-04-08 14:31:46 +03:00
Marcus Efraimsson
8678620730
move UserToken and UserTokenService to models package 2019-02-06 16:55:12 +01:00
Marcus Efraimsson
a60124a88c
change UserToken from interface to struct 2019-02-06 16:30:50 +01:00
Marcus Efraimsson
44275d9660
middleware fix 2019-02-06 08:45:01 +01:00
Marcus Efraimsson
871c84d195
changes needed for api/middleware due to configuration settings 2019-02-05 21:14:23 +01:00
Marcus Efraimsson
d53e64a32c
move auth token middleware/hooks to middleware package
fix/adds auth token middleware tests
2019-02-05 00:21:05 +01:00
bergquist
f257101c41 removes unused/commented code 2019-01-24 11:26:45 +01:00
bergquist
5998646da5 restrict session usage to auth_proxy 2019-01-23 14:56:48 +01:00
Marcus Efraimsson
4096449aec
extract auth token interface and remove auth token from context 2019-01-22 12:00:33 +01:00
bergquist
55b3013eb3 moves initWithToken to auth package 2019-01-21 11:37:44 +01:00
Marcus Efraimsson
734a7d38b2
set cookie name from configuration 2019-01-21 11:21:43 +01:00
Marcus Efraimsson
0d1e3759eb
mixor fixes 2019-01-21 10:20:23 +01:00
Marcus Efraimsson
f3125b447b
dead code 2019-01-21 10:20:23 +01:00
bergquist
47a7d93fd9 moves rotation into auth since both happens before c.Next() 2019-01-21 08:59:01 +01:00
bergquist
fd937e3d95 remove maxage from session token 2019-01-17 21:03:27 +01:00
Marcus Efraimsson
97c7963f17
fix cannot set cookie when response is written 2019-01-17 20:27:53 +01:00
bergquist
c2accfa4c0 inital code for rotate 2019-01-17 17:11:52 +01:00
bergquist
aba6148c43 login users based on token cookie 2019-01-16 16:44:40 +01:00
Marcus Efraimsson
cfb061ddab
refactor datasource caching 2018-10-30 09:31:56 +01:00
Mario Trangoni
e673337cb9 pkg/middleware/middleware.go: Fix empty branch warning.
See,
$ gometalinter --vendor --deadline 10m --disable-all --enable=megacheck ./...
pkg/middleware/middleware.go:46:3⚠️ empty branch (SA9003) (megacheck)
2018-10-19 19:49:04 +02:00
Torkel Ödegaard
abef94b0da made it possible to have frontend code in symlinked folders that can add routes 2018-10-11 12:36:04 +02:00
Torkel Ödegaard
80d694d205
Backend image rendering as plugin (#11966)
* rendering: headless chrome progress

* renderer: minor change

* grpc: version hell

* updated grpc libs

* wip: minor progess

* rendering: new image rendering plugin is starting to work

* feat: now phantomjs works as well and updated alerting to use new rendering service

* refactor: renamed renderer package and service to rendering to make renderer name less confusing (rendering is internal service that handles the renderer plugin now)

* rendering: now render key is passed and render auth is working in plugin mode

* removed unneeded lines from gitignore

* rendering: now plugin mode supports waiting for all panels to complete rendering

* fix: LastSeenAt fix for render calls, was not set which causes a lot of updates to Last Seen at during rendering, this should fix sqlite db locked issues in seen in previous releases

* change: changed render tz url parameter to use proper timezone name as chrome does not handle UTC offset TZ values

* fix: another update to tz param generation

* renderer: added http mode to renderer service, new ini setting [rendering] server_url
2018-05-24 15:26:27 +02:00
Dan Cech
1c5afa731f
shared library for managing external user accounts 2018-04-17 14:06:25 -04:00
Dan Cech
c0ecdee375
rename Context to ReqContext 2018-03-07 11:54:50 -05:00
Dan Cech
338655dd37
move Context and session out of middleware 2018-03-06 18:16:49 -05:00
Torkel Ödegaard
0e61a670bb fix: error handling now displays page correctly, fixes #10777 2018-02-06 12:28:17 +01:00
Torkel Ödegaard
a8a5f8181b fix: viewers can edit now works correctly 2017-12-15 14:19:49 +01:00
bergquist
2de94d6548 convert old metrics to prom metrics 2017-09-14 14:26:32 +02:00
Torkel Ödegaard
668cb3c1ef Merge branch 'v4.4.x' 2017-08-09 10:37:06 +02:00