Uses new httpclient package from grafana-plugin-sdk-go introduced
via grafana/grafana-plugin-sdk-go#328.
Replaces the GetHTTPClient, GetTransport, GetTLSConfig methods defined
on DataSource model.
Longer-term the goal is to migrate core HTTP backend data sources to use the
SDK contracts and using httpclient.Provider for creating HTTP clients and such.
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* AuthType in route configuration
* Pass interpolated auth parameters to token provider
* Unit tests
* Update after review
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Fixes#33669Closed#33732
Fix encoded characters in URL path should be proxied as encoded in the data proxy.
Fixes#26870Fixes#31438
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Run post-friendly request with set method first
* Improve messaging, retry only when post and specific status code
* Add comments
* Fix backend
* Update public/app/plugins/datasource/prometheus/datasource.ts
* remove unused function to interpolate URLs
* share function to add headers between ds/plugin proxies
* stop performing unnecessary plugin setting lookup
* fix bug causing runtime errors when using complex templated URLs
* lower case util functions not used outside of pluginproxy package
* change test URL to a (valid) dummy URL to make intent clearer
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Chore: Convert tests to standard Go lib
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
Adds support for the Forward OAuth Identity feature in backend data source plugins.
Earlier this feature has only been supported for non-backend data source plugins.
Fixes#26023
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
This adds a check to see if plugin route URL is empty, and in such case
does not modify request schema and host of the request to be proxied.
This behavior is now the same as in the plugin proxy.
OAuth token refresh fails when custom SSL settings are configured for
oauth provider. These changes makes sure that custom SSL settings
are applied for HTTP client before refreshing token.
Fixes#27514
This ensures that the X-Grafana-User header can be trusted.
If the configuration enabled the setting of this header, the
server can now trust that X-Grafana-User is set/unset by Grafana.
Before this, an anonymous user could simply set the X-Grafana-User
header themselves (using the developer tool for example)
Moves common request proxy utilities to proxyutil package with
support for removing X-Forwarded-Host, X-Forwarded-Port,
X-Forwarded-Proto headers, setting X-Forwarded-For header
and cleaning Cookie header.
Using the proxyutil package to prepare and clean request
headers before resource calls.
Closes#21512
Now any errors logged by http.ReverseProxy are forwarded to
Grafana's logger and includes more contextual information like
level (error), user id, org id, username, proxy path, referer and
IP address.
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
By rotating the auth tokens at the end of the request we ensure
that there is minimum delay between a new token being generated
and the client receiving it.
Adds auth token slow load test which uses random latency for all
tsdb queries..
Cleans up datasource proxy response handling.
DefaultHandler in middleware tests should write a response, the
responseWriter BeforeFuncs wont get executed unless a response
is written.
Fixes#18644
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
