* add root and client certificate value fields for LDAP
* update error messages for connection error
* add LDAP fallback strategy for SSO settings service
* fix params for sso service provider
* fix params for sso service provider
* sort imports
* sort imports
* replace json.Number with int64 in config map
* remove type assertions
* Social: link to OrgRoleMapper
* OIDC: support Generic Oauth org to role mappings
Fixes: #73448
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
* Handle when getAllOrgs fails in the org_role_mapper
* Add more tests
* OIDC: ensure orgs are evaluated from API when not from token
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
* OIDC: ensure AutoAssignOrg is applied with OrgMapping without RoleAttributeStrict
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
* Extend docs
* Fix test, lint
---------
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
Co-authored-by: Mihaly Gyongyosi <mgyongyosi@users.noreply.github.com>
* Feature Flags: use FeatureToggles interface where possible
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
* Replace TestFeatureToggles with existing WithFeatures
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
---------
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
* replace sqlstore with db interface in a few packages
* remove from stats
* remove sqlstore in admin test
* remove sqlstore from api plugin tests
* fix another createUser
* remove sqlstore in publicdashboards
* remove sqlstore from orgs
* clean up orguser test
* more clean up in sso
* clean up service accounts
* further cleanup
* more cleanup in accesscontrol
* last cleanup in accesscontrol
* clean up teams
* more removals
* split cfg from db in testenv
* few remaining fixes
* fix test with bus
* pass cfg for testing inside db as an option
* set query retries when no opts provided
* revert golden test data
* rebase and rollback
* add strategy and tests
* use settings provider service and remove multiple providers strategy
* Move SAML strategy to ssosettings service
* Update codeowners file
* reload from settings provider
* add saml as configurable provider
* Add new SAML strategy
* rename old saml settings interface
* update saml string references
* use OSS license
* validate saml provider depends on license for List
* add tests for list rendering including saml
* change the licensing validation to service init
* replace service struct for provider
* fix mergeSettings() in case the db contains empty strings
* use correct github urls in test
* overwrite only urls
* update comment for mergeSettings()
* add strategy and tests
* use settings provider service and remove multiple providers strategy
* update codeowners file
* reload from settings provider
* query OAuth info from a new instance
* add `hd` validation flag
* add `disable_hd_validation` to settings map
* update documentation
---------
Co-authored-by: Jo <joao.guerreiro@grafana.com>
* streamline initialization of test databases, support on-disk sqlite test db
* clean up test databases
* introduce testsuite helper
* use testsuite everywhere we use a test db
* update documentation
* improve error handling
* disable entity integration test until we can figure out locking error
* Chore: Fix data race within tests of SSO Setting implementation
* Chore: fix data race within tests to allow parallel testing
* Chore: rollback changes runtime code to test a different approach
* Chore: Fix data race in SSO Setting implementation Upsert method
* Chore: fix typo in comment
* Reload after deletion of the current settings
* Add grafana_ssosettings_setting_reload_failure_total counter
* Returns successfully if data reload failed
* Add AuthNSvc reload handling
* Working, need to add test
* Remove commented out code
* Add Reload implementation to connectors
* Align and add tests, refactor
* Add more tests, linting
* Add extra checks + tests to oauth client
* Clean up based on reviews
* Move config instantiation into newSocialBase
* Use specific error
* first touches
* Merge missing SSO settings to support Advanced Auth pages
* fix
* Update secrets correctly
* Add test for upsert with redactedsecret
* Verify decryption in the List tests
* reload SSO settings for HA setups
* remove check for grafana HA
* add unit tests
* fetch all sso settings with one sql query
* register background service
* Return data in camelCase from the OAuth fb strategy
* changes
* wip
* Add defaults for oauth fb strategy
* revert other changes
* basic includeDefaults query param implementation
* basic secret removal and etag implementation
* correct imports
* rebase
* move default settings filter to models
* only replace ClientSecret value if set
* first GetForProvider test & use FNV for ETag to avoid Blocklisted import error
* add tests
* add annotation for the openapi spec & generate spec
* remove TODO
* use IsSecret, improve tests, remove DefaultOAuthSettings
* add comment explaining generateFNVETag
* add error handling for generateFNVETag
* run go generate
* Update pkg/services/ssosettings/api/api.go
Co-authored-by: Mihai Doarna <mihai.doarna@grafana.com>
* move isSecret to service, create GetForProviderWithRedactedSecrets func
* add unit test for GetForProviderWithRedactedSecrets & remove duplicated code
* regen openapi/swagger
* revert dependency bumps
---------
Co-authored-by: Mihaly Gyongyosi <mgyongyosi@users.noreply.github.com>
Co-authored-by: Mihai Doarna <mihai.doarna@grafana.com>
* merge with system settings before storing them in the db
* add base for validating sso settings
* add unit tests for sso settings validation
* call Reload() from sso service upsert()
* remove actual validation because it was moved in a separate pr
* use constant to fix lint error
* check if provider is configurable in service Upsert() method
* add unit tests for update provider settings api method
* fix lint error
