Commit Graph

77 Commits

Author SHA1 Message Date
Diana Payton
e08b39d4f0
Docs: minor fixes (#22223)
* Update enhanced_ldap.md

* Update ldap.md

* Minor fixes
2020-02-18 12:28:59 -08:00
Diana Payton
0d3d8edb92
Docs: Refactored Enterprise side menu (#22189)
* Refactored Enterprise side menu

* Update menu.yaml

* Fixed links

* Update menu.yaml
2020-02-14 09:34:39 -08:00
Jeet Parekh
f1989f1bfc
docs: change URL occurences to uppercase (#22151)
* change URL occurences to uppercase

* Update docs/sources/tutorials/iis.md

Co-Authored-By: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
2020-02-14 08:11:08 -08:00
Alexander Zobnin
f2fc7aa3aa
Azure OAuth: enable teamsync (#22160)
* Azure OAuth: extract groups from token for teamsync

* Docs: changed some headers

* Azure OAuth: fix tests

* Azure OAuth: fix linter error (simplify)

* Azure OAuth: add allowed_groups option

* Azure OAuth: docs for team sync and allowed_groups

* Azure OAuth: tests for allowed_groups

* Update docs/sources/auth/azuread.md

Co-Authored-By: Leonard Gram <leo@xlson.com>

Co-authored-by: Leonard Gram <leo@xlson.com>
2020-02-14 14:03:00 +03:00
Mohit Nain
63d999a739
Docs: Correcting Typo in Line131 (#22155) 2020-02-13 10:34:01 -08:00
twendt
ff6a082e23
Auth: Azure AD OAuth (#20030)
* Implement Azure AD oauth

* Use go-jose and cleanup

* Update go-jose in go.mod

* cleanup

* Add unit tests

* Fix scopes

* Add documentation page

* Improve documentation

* Convert extract_role into function.

* Do not use upn and replace unique_name with preferred_username

* Configure login button

* Use official microsoft icon and color from branding guideline.

* Add Azure AD config section in sample.ini.
2020-02-13 12:12:25 +03:00
Agnès Toulet
534295a9ae
Docs: add LDAP active sync limitation for single bind configuration (#22098)
* Docs: add LDAP active sync limitation for single bind

* Docs: update header for LDAP active sync limitation

Co-Authored-By: Leonard Gram <leo@xlson.com>
2020-02-11 17:58:39 +01:00
Leonard Gram
90f552b6b6
Docs: Enterprise 6.6 (#21666)
* Docs: gitlab team-sync documented correctly

* docs: initial docs for whitelabeling

* Docs: enterprise repositories

* Docs: rpm enterprise install

* Docs: re-structured the rpm install page to be more similar to the deb page

* Docs: responded to review feedback

* Docs: recommends the enterprise edition

* Update docs/sources/installation/debian.md
2020-01-24 16:33:59 +01:00
Marcus Efraimsson
4835539248
Docs: Fix aliases/redirects (#21241)
Makes all aliases rooted to /docs/grafana/latest.

Fixes #21240
2019-12-30 08:17:03 +01:00
Sriramajeyam
88aab3e6c1 Docs: Fix Azure ad generic OAuth code markdown formatting (#21189) 2019-12-19 15:27:05 +01:00
Alexander Morozov
06bf7e8ef1 OAuth: Removes send_client_credentials_via_post setting (#20044)
Removes send_client_credentials_via_post oauth setting and 
use auto-detect mechanism instead.
By these changes also fixes statichcheck errors

Ref #8968
2019-12-12 20:00:56 +01:00
Sebastian Markgraf
7d6bd78e0b Docs: Change checkout to check out where necessary (#20926)
Fixes #20775
2019-12-10 10:23:07 -08:00
Robby Milo
cbd81ffeb8 Docs: update content to work with website repo (#20693)
Updates the docs to work with the website repo - mainly 
relative link updates.
Adds a menu.yaml file to build the sidebar menu (no longer 
using front matter weight).
2019-12-05 13:09:57 +01:00
Marcus Efraimsson
073e9ef9e7
Docs: What's new in Grafana v6.5 Draft (#20368)
Fixes incorrect auth proxy link.
Update index page to link to v6.4 (currently latest).
Adds What's new in v6.5 draft article.
2019-11-14 13:50:03 +01:00
Jon Gyllenswärd
3111c3620b AuthProxy: additions to ttl config change (#20249)
* fixes according to feedback

* additions to config and docs
2019-11-08 10:51:15 +01:00
Torkel Ödegaard
be2bf1a297
AuthProxy: Can now login with auth proxy and get a login token (#20175)
* AuthProxy: Can now login with auth proxy and get a login token

* added unit tests

* renamed setting and updated docs

* AuthProxy: minor tweak

* Fixed tests and namings

* spellfix

* fix

* remove unused setting, probably from merge conflict

* fix
2019-11-07 17:48:56 +01:00
Martin Reinhardt
7a3d1c0e4b OAuth: Generic OAuth role mapping support (#17149)
Adds support for Generic OAuth role mapping. A new 
configuration setting for generic oauth is added named 
role_attribute_path which accepts a JMESPath expression.
Only Grafana roles named Viewer, Editor or Admin are
accepted.

Closes #9766
2019-11-05 21:56:42 +01:00
Alexandre de Verteuil
782eda3e9a Update Azure AD instructions in generic-oauth.md (#20091)
Update Azure AD instructions to follow heading changes in Azure Portal.

> In the legacy experience, an app had Keys page. In the new experience, it has been renamed to Certificates & secrets. In addition, Public keys are referred to as Certificates and Passwords are referred to as Client secrets.

Source: https://docs.microsoft.com/en-us/azure/active-directory/develop/app-registrations-training-guide#keyscertificates--secrets

I verified by logging in Azure AD and walking through the steps.
2019-10-31 15:07:09 +02:00
Sofia Papagiannaki
0196eca5ac Update Apache configuration to work with MPMs as shared modules (#19900) 2019-10-22 11:22:24 +02:00
HG00
f58ec04c12 Docs: General improvements to docs, and a fix in oauth (#19587)
* Docs: Update Centrify Section In Generic Oauth Ref #18207

* Docs: Alphabetise Features / Data Sources (#19289)

* Docs: guides/getting started cleanup (#19449)
2019-10-03 20:28:30 +02:00
brew-install-buzzwords
618652d16e Docs: Replace ampersands with and (#19609) 2019-10-03 18:20:52 +02:00
gotjosh
f2ef49f950
Docs: LDAP Debug View documentation (#19513)
* Docs: Add information regarding the LDAP Debug View

* Add instructions to compress image when adding them to the documentation

* Add a troubleshooting section to the docs documentation
2019-10-01 09:18:59 +01:00
Jérémy Lugand
0516315620 Docs: Uppercase HTTP acronyms (#19317) 2019-09-23 16:07:11 +02:00
Bob Shannon
056dbc7012 OAuth: Support JMES path lookup when retrieving user email (#14683)
Add support for fetching e-mail with JMES path

Signed-off-by: Bob Shannon <bobs@dropbox.com>
2019-08-26 18:11:40 +02:00
gotjosh
6c699c0e50
Docs: Update Auth Proxy documentation (#18444)
Turns out, that behaviour was a bug we introduced as part of the LDAP
sync. It was squashed as part of #18298.
2019-08-08 07:55:20 +01:00
Alexander Zobnin
b47f0ff07f
OAuth: return GitLab groups as a part of user info (enable team sync) (#18388)
* GitLab OAuth: GetGroups refactor

* GitLab OAuth: fetch groups into UserInfo

* GitLab OAuth: minor refactor

* GitLab OAuth: team sync docs
2019-08-07 17:05:35 +03:00
Leonard Gram
14fb23f5a2
docs: team sync (#18239)
* docs: team sync

* docs: update team sync with regards to auth proxy

* Add a footnote on server-side session cache

* Docs: minor edits.
2019-07-26 11:22:27 +02:00
Oleg Gaidarenko
1e5fc76601
LDAP: improve POSIX support (#18235)
* LDAP: improve POSIX support

* Correctly abtain DN attributes result

* Allow more flexibility with comparison mapping between POSIX group & user

* Add devenv for POSIX LDAP server

* Correct the docs

Fixes #18140
2019-07-24 12:49:18 +03:00
gotjosh
87a794fe0a
Docs: Update documentation with new SAML features (#18163)
* Update defaults.ini and sample.ini with the SAML assertion mapping
fields

* Document Grafana's ability to map ACS attributes while a Grafana user is created
2019-07-23 09:20:07 +01:00
Alexander Zobnin
e47546d529
Docs: SAML idp_metadata_url option (#18181) 2019-07-18 18:45:59 +03:00
gotjosh
d006f7c916
Docs: SAML (#18069)
* docs: Link to SAML docs and document configuration options

- Document configuration options `defaults.ini` and `sample.ini`
- Add the SAML documentation
- Link to the SAML documentation from "what's new in 6.3"
2019-07-17 13:46:51 +01:00
Mikhail f. Shiryaev
5190949950 Docs: clarify the ttl units (#18039) 2019-07-11 12:48:24 +03:00
Torkel Ödegaard
6649c5d75b Docs: First draft of whats new in 6.3 (#17962)
* Docs: First draft of whats new in 6.3

* Docs: Updated whats new article

* Docs: typos

* docs: fix broken link, add links and update docs index

* Docs: whats new in enterprise
2019-07-10 13:40:32 +02:00
Oleg Gaidarenko
e2cf7c9698
LDAP: finishing touches (#17945)
* LDAP:Docs: `active_sync_enabled` setting

Mention `active_sync_enabled` setting and enable it by default

* LDAP: move "disableExternalUser" method

Idea behind new design of the LDAP module is to minimise conflation
between other parts of the system, so it would decoupled as much as
possible from stuff like database, HTTP transport and etc.

Following "Do One Thing and Do It Well" Unix philosophy principal, other things
could be better fitted on the consumer side of things.

Which what this commit trying to archive

* LDAP: correct user/admin binding

The second binding was not happening, so if the admin login/password
in LDAP configuration was correct, anyone could had login as anyone using
incorrect password
2019-07-05 17:49:00 +03:00
Torkel Ödegaard
d1588ec455
Docs: Added very basic docs about revoking user sessions (#17931)
* Docs: Added very basic docs that mention you can log yourself and other out

* Docs: fixed spelling issue
2019-07-05 08:20:21 +02:00
Torkel Ödegaard
57c220c93d
Docs: added version notice to new ldap feature docs (#17929) 2019-07-04 14:39:11 +02:00
Alexander Zobnin
c2affdee1e
OAuth: return github teams as a part of user info (enable team sync) (#17797)
* OAuth: github team sync POC

* OAuth: minor refactor of github module

* OAuth: able to use team shorthands for github team sync

* support passing a list of groups via auth-proxy header
2019-07-01 12:30:17 +03:00
Sofia Papagiannaki
dc9ec7dc91
Auth: Allow expiration of API keys (#17678)
* Modify backend to allow expiration of API Keys

* Add middleware test for expired api keys

* Modify frontend to enable expiration of API Keys

* Fix frontend tests

* Fix migration and add index for `expires` field

* Add api key tests for database access

* Substitude time.Now() by a mock for test usage

* Front-end modifications

* Change input label to `Time to live`
* Change input behavior to comply with the other similar
* Add tooltip

* Modify AddApiKey api call response

Expiration should be *time.Time instead of string

* Present expiration date in the selected timezone

* Use kbn for transforming intervals to seconds

* Use `assert` library for tests

* Frontend fixes

Add checks for empty/undefined/null values

* Change expires column from datetime to integer

* Restrict api key duration input

It should be interval not number

* AddApiKey must complain if SecondsToLive is negative

* Declare ErrInvalidApiKeyExpiration

* Move configuration to auth section

* Update docs

* Eliminate alias for models in modified files

* Omit expiration from api response if empty

* Eliminate Goconvey from test file

* Fix test

Do not sleep, use mocked timeNow() instead

* Remove index for expires from api_key table

The index should be anyway on both org_id and expires fields.
However this commit eliminates completely the index for now
since not many rows are expected to be in this table.

* Use getTimeZone function

* Minor change in api key listing

The frontend should display a message instead of empty string
if the key does not expire.
2019-06-26 09:47:03 +03:00
Oleg Gaidarenko
31d2905490 LDAP:Docs: add information on LDAP sync feature and update LDAP sync default (#17689)
* Docs: for LDAP active sync feature
2019-06-25 12:54:13 +02:00
Johannes Schill
3da8cff6e9
Chore: Hugo upgrade (#17494)
* Fix: Upgrade hugo wip

* Chore: Rename index to _index for latest hugo

* Chore: Use relative refs, no starting slash

* Feat: Add possibility to mount layouts from grafana.org project
2019-06-12 08:01:44 +02:00
Oleg Gaidarenko
23a941e880 Docs: Example for multiple LDAP servers (#17216)
Fixes #16898
2019-05-22 13:53:33 +02:00
Navaneesh Kumar
ccdc82b921
docs: Fix indentation level for OAuth2 config 2019-03-08 22:38:50 +05:30
Alexandre de Verteuil
1bbf7cc294
Fix heading levels in generic-oauth.md 2019-02-20 11:00:29 -05:00
Marcus Efraimsson
bc1aec9ea6
Merge pull request #15427 from grafana/15308_docs
Improved documentation of new short-lived token solution
2019-02-15 13:00:28 +01:00
Marcus Efraimsson
3fab4d6f8c
docs: fix typo 2019-02-13 19:52:27 +01:00
Marcus Efraimsson
3b0159bf84
docs: add availability note regarding non-compliant providers
ref #15408
2019-02-13 15:36:16 +01:00
bergquist
487e7b5ea6 removes cleanup setting from docs 2019-02-07 11:07:55 +01:00
Marcus Efraimsson
1a140ee199
run token cleanup job when grafana starts, then each hour 2019-02-06 22:27:08 +01:00
Marcus Efraimsson
85ef2ca738
fix spelling 2019-02-06 09:43:45 +01:00
Marcus Efraimsson
80d0943d9d
document login, short-lived tokens and secure cookie configurations 2019-02-05 21:10:56 +01:00