IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity
14,163 Commits 5,416 Branches 554 Tags
a1b1d2fe80d17927b5157908838a53f8bdbb65c1
Commit Graph

51 Commits

Author SHA1 Message Date
Dan Cech
a1b1d2fe80 switch to Result 2018-04-17 14:06:25 -04:00
Dan Cech
1c5afa731f shared library for managing external user accounts 2018-04-17 14:06:25 -04:00
Dan Cech
bbd6adabbf move quota to dedicated service 2018-03-07 17:19:35 -05:00
Dan Cech
c0ecdee375 rename Context to ReqContext 2018-03-07 11:54:50 -05:00
Dan Cech
338655dd37 move Context and session out of middleware 2018-03-06 18:16:49 -05:00
Torkel Ödegaard
0e61a670bb fix: error handling now displays page correctly, fixes #10777 2018-02-06 12:28:17 +01:00
Torkel Ödegaard
dbfaf5dac8 refactor: minor refactoring of PR #10560 2018-01-23 13:03:44 +01:00
Dan Cech
04e17c145f support for decoding JWT id tokens 2018-01-18 18:25:58 -05:00
bergquist
5eb36e65f2 use context over golang.org/x/net/context 2018-01-16 12:32:58 +01:00
m-pavel
dff66559e4 Use URLEncoding instead of StdEncoding to be sure state value will be corectly decoded (#10512) 2018-01-15 08:49:30 +01:00
bergquist
88f55b01d8 oauth: raise error if session state is missing 
ref #9476
 2017-10-12 15:25:27 +02:00
bergquist
0848ba2e9c oauth: provide more logging for failed oauth requests 2017-10-12 15:25:27 +02:00
Matt Bostock
83f1ae4e3e OAuth: Rename sslcli 
Rename `sslcli` to the more descriptive `oauthClient`.
 2017-10-06 17:10:03 +01:00
Matt Bostock
ccf093da81 OAuth: Separate TLS client auth and CA config 
It should be specify to either use TLS client authentication or use a
user-supplied CA; previously you had to enable client authentication to
use a custom CA.
 2017-10-06 17:10:03 +01:00
Matt Bostock
f2f8ca52d9 OAuth: Check both TLS client cert and key 
If either is set, try to use them.

This should help avoid a situation where someone has half-configured TLS
client authentication and it doesn't work without raising an obvious
error.
 2017-10-06 17:10:03 +01:00
Matt Bostock
16c5d0e4b7 Always verify TLS unless explicitly told otherwise 
TLS was not being verified in a number of places:

- connections to grafana.com

- connections to OAuth providers when TLS client authentication was
  enabled

- connections to self-hosted Grafana installations when using the CLI
  tool

TLS should always be verified unless the user explicitly enables an
option to skip verification.

Removes some instances where `InsecureSkipVerify` is explicitly set to
`false`, the default, to help avoid confusion and make it more difficult
to regress on this fix by accident.

Adds a `--insecure` flag to `grafana-cli` to skip TLS verification.

Adds a `tls_skip_verify_insecure` setting for OAuth.

Adds a `app_tls_skip_verify_insecure` setting under a new `[plugins]`
section.

I'm not super happy with the way the global setting is used by
`pkg/api/app_routes.go` but that seems to be the existing pattern used.
 2017-10-06 17:09:27 +01:00
bergquist
2de94d6548 convert old metrics to prom metrics 2017-09-14 14:26:32 +02:00
Eirik Nygaard
1efdd92ae8 Update oauth2 lib (#8524) 
* Update to latest oauth2 library using govendor

* Follow API changes
 2017-06-05 10:09:27 +02:00
Dan Cech
8422697199 centralize oauth http calls, validate response status (#8470) 2017-05-26 14:35:32 +02:00
Daniel Lee
79cef75fed Merge pull request #7426 from Altoros/altoros/authorization-errors 
Add common type for oauth authorization errors
 2017-03-23 15:25:35 +01:00
bergquist
70b36a02af Revert "tech: use context package over xperimental version" 
This reverts commit 99f1c30071.
 2017-02-20 22:04:51 +01:00
bergquist
99f1c30071 tech: use context package over xperimental version 2017-02-20 21:44:15 +01:00
Dan Cech
b22881c717 redirect user to requested url after login via oauth 2017-02-09 14:01:53 -05:00
Alexander Menzhinsky
30c334a2b8 Add common type for oauth authorization errors 2017-02-01 16:42:59 +03:00
huydx
adb441e5c8 (format) run go fmt in pkg 2016-12-14 12:17:38 +09:00
Tom Kozlowski
a353c8d1bb added explicitly setting token as Bearer Type 2016-11-16 09:55:14 -05:00
Eric Uldall
658fc1a67a added hosted domain suppport to google oauth login (#6372) 2016-10-28 12:00:47 +02:00
Eric Uldall
eda442dbf9 added support to login user oauth user by email only (#6330) 
* added support to login user oauth user by email only

* added sql handler

* fixed model method name from GetUserByEmail to GetUserByEmailQuery

* fixed variable declaration typo
 2016-10-20 06:45:10 +02:00
Dan Cech
6b16fcea52 Oauth2 Updates (#6226) 
* break out go and js build commands

* support oauth providers that return errors via redirect

* remove extra call to get grafana.net org membership

* removed GitHub specifics from generic OAuth

* readded ability to name generic source

* revert to a backward-compatible state, refactor and clean up

* streamline oauth user creation, make generic oauth support more generic
 2016-10-11 08:51:44 +02:00
Eric Perrino
81443bf8b4 Added a state parameter for all OAuth requests 2016-10-08 01:22:32 -05:00
Dan Cech
b387c1291d Merge branch 'master' into gnet-oauth 
Conflicts:
	pkg/api/login_oauth.go
 2016-09-21 09:39:35 -04:00
Torkel Ödegaard
b4111d78e1 fix(security): fixed login issue that was a potential for social engineering, fixes #6014 2016-09-21 15:03:14 +02:00
Dan Cech
630a8ed8aa support setting default org role when adding user via grafana.net auth 2016-09-20 12:36:36 -04:00
Dan Cech
da95a23080 remove 'Github' from oauth login error messages 2016-09-20 11:36:13 -04:00
Torkel Ödegaard
3b69c8f687 feat(alerting): new design for alert tab with sidemenu 2016-07-31 09:31:32 +02:00
woodsaj
6488324cf1 enhance quota support. 
now includes:
- perOrg (users, dashboards, datasources, api_keys)
- perUser (orgs)
- global (users, orgs, dashboards, datasources, api_keys, sessions)
 2015-09-11 23:17:10 +08:00
Indrek Juhkam
b55d9350e7 Add github organizations support 2015-05-23 17:06:51 +03:00
Torkel Ödegaard
0d3fbb8659 Added message alerts when login failed due to github team membership or email domain requirement, #1731, #1660 2015-04-29 10:08:01 +02:00
Garrett Bjerkhoel
1d7f945268 Handle special error case if connect.UserInfo returns an error 2015-04-28 20:22:45 -07:00
Jason Harvey
ddaac50a25 Add allow_sign_up override for auth.google/github. 2015-04-16 13:43:18 -08:00
Torkel Ödegaard
eb575685aa OAuth: Specify allowed email address domains for google or and github oauth logins, Closes #1660 2015-04-06 14:16:22 +02:00
Torkel Ödegaard
d987532262 Added server metrics 2015-03-22 15:14:00 -04:00
Torkel Ödegaard
f3d4d2782f Simplified single org settings, now auto_assign_org, and auto_assign_org_role, new [users] config section, Closes #1585 2015-03-11 16:19:29 +01:00
Torkel Ödegaard
10820f31c2 Changed go package path 2015-02-05 10:37:13 +01:00
Torkel Ödegaard
04d03f73b3 Added disable user sign up feature 2015-01-29 15:46:54 +01:00
Torkel Ödegaard
90925273a0 User / Account model split, User and account now seperate entities, collaborators are now AccountUsers 2015-01-19 18:01:04 +01:00
Torkel Ödegaard
f858f6b621 Add collaborator now handles role, added macaron-contrib/binding for binding and validation 2015-01-16 11:54:19 +01:00
Torkel Ödegaard
19c70a126f fixed oauth login redirect when using app sub url 2015-01-05 08:21:52 +01:00
Torkel Ödegaard
ee443d91dd Fixed account creation on first github login 2015-01-01 22:27:19 +01:00
Torkel Ödegaard
e9fcca16bd updated to new golang/x/oauth2 2014-12-30 10:10:13 +01:00