mirror of
https://github.com/grafana/grafana.git
synced 2024-11-30 20:54:22 -06:00
610999cfa2
* Add revoked_at field to user auth token to allow soft revokes * Allow soft token revocations * Update token revocations and tests * Return error info on revokedTokenErr * Override session cookie only when no revokedErr nor API request * Display modal on revoked token error * Feedback: Refactor TokenRevokedModal to FC * Add GetUserRevokedTokens into UserTokenService * Backendsrv: adds tests and refactors soft token path * Apply feedback * Write redirect cookie on token revoked error * Update TokenRevokedModal style * Return meaningful error info * Some UI changes * Update backend_srv tests * Minor style fix on backend_srv tests * Replace deprecated method usage to publish events * Fix backend_srv tests * Apply suggestions from code review Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com> Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com> * Apply suggestions from code review * Apply suggestions from code review Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com> * Minor style fix after PR suggestion commit * Apply suggestions from code review Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com> * Prettier fixes Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com> Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com> Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>
107 lines
4.4 KiB
Go
107 lines
4.4 KiB
Go
package auth
|
|
|
|
import (
|
|
"context"
|
|
"net"
|
|
|
|
"github.com/grafana/grafana/pkg/models"
|
|
)
|
|
|
|
type FakeUserAuthTokenService struct {
|
|
CreateTokenProvider func(ctx context.Context, user *models.User, clientIP net.IP, userAgent string) (*models.UserToken, error)
|
|
TryRotateTokenProvider func(ctx context.Context, token *models.UserToken, clientIP net.IP, userAgent string) (bool, error)
|
|
LookupTokenProvider func(ctx context.Context, unhashedToken string) (*models.UserToken, error)
|
|
RevokeTokenProvider func(ctx context.Context, token *models.UserToken, soft bool) error
|
|
RevokeAllUserTokensProvider func(ctx context.Context, userId int64) error
|
|
ActiveAuthTokenCount func(ctx context.Context) (int64, error)
|
|
GetUserTokenProvider func(ctx context.Context, userId, userTokenId int64) (*models.UserToken, error)
|
|
GetUserTokensProvider func(ctx context.Context, userId int64) ([]*models.UserToken, error)
|
|
GetUserRevokedTokensProvider func(ctx context.Context, userId int64) ([]*models.UserToken, error)
|
|
BatchRevokedTokenProvider func(ctx context.Context, userIds []int64) error
|
|
}
|
|
|
|
func NewFakeUserAuthTokenService() *FakeUserAuthTokenService {
|
|
return &FakeUserAuthTokenService{
|
|
CreateTokenProvider: func(ctx context.Context, user *models.User, clientIP net.IP, userAgent string) (*models.UserToken, error) {
|
|
return &models.UserToken{
|
|
UserId: 0,
|
|
UnhashedToken: "",
|
|
}, nil
|
|
},
|
|
TryRotateTokenProvider: func(ctx context.Context, token *models.UserToken, clientIP net.IP, userAgent string) (bool, error) {
|
|
return false, nil
|
|
},
|
|
LookupTokenProvider: func(ctx context.Context, unhashedToken string) (*models.UserToken, error) {
|
|
return &models.UserToken{
|
|
UserId: 0,
|
|
UnhashedToken: "",
|
|
}, nil
|
|
},
|
|
RevokeTokenProvider: func(ctx context.Context, token *models.UserToken, soft bool) error {
|
|
return nil
|
|
},
|
|
RevokeAllUserTokensProvider: func(ctx context.Context, userId int64) error {
|
|
return nil
|
|
},
|
|
BatchRevokedTokenProvider: func(ctx context.Context, userIds []int64) error {
|
|
return nil
|
|
},
|
|
ActiveAuthTokenCount: func(ctx context.Context) (int64, error) {
|
|
return 10, nil
|
|
},
|
|
GetUserTokenProvider: func(ctx context.Context, userId, userTokenId int64) (*models.UserToken, error) {
|
|
return nil, nil
|
|
},
|
|
GetUserTokensProvider: func(ctx context.Context, userId int64) ([]*models.UserToken, error) {
|
|
return nil, nil
|
|
},
|
|
}
|
|
}
|
|
|
|
// Init initializes the service.
|
|
// Required for dependency injection.
|
|
func (s *FakeUserAuthTokenService) Init() error {
|
|
return nil
|
|
}
|
|
|
|
func (s *FakeUserAuthTokenService) CreateToken(ctx context.Context, user *models.User, clientIP net.IP, userAgent string) (*models.UserToken, error) {
|
|
return s.CreateTokenProvider(context.Background(), user, clientIP, userAgent)
|
|
}
|
|
|
|
func (s *FakeUserAuthTokenService) LookupToken(ctx context.Context, unhashedToken string) (*models.UserToken, error) {
|
|
return s.LookupTokenProvider(context.Background(), unhashedToken)
|
|
}
|
|
|
|
func (s *FakeUserAuthTokenService) TryRotateToken(ctx context.Context, token *models.UserToken, clientIP net.IP,
|
|
userAgent string) (bool, error) {
|
|
return s.TryRotateTokenProvider(context.Background(), token, clientIP, userAgent)
|
|
}
|
|
|
|
func (s *FakeUserAuthTokenService) RevokeToken(ctx context.Context, token *models.UserToken, soft bool) error {
|
|
return s.RevokeTokenProvider(context.Background(), token, soft)
|
|
}
|
|
|
|
func (s *FakeUserAuthTokenService) RevokeAllUserTokens(ctx context.Context, userId int64) error {
|
|
return s.RevokeAllUserTokensProvider(context.Background(), userId)
|
|
}
|
|
|
|
func (s *FakeUserAuthTokenService) ActiveTokenCount(ctx context.Context) (int64, error) {
|
|
return s.ActiveAuthTokenCount(context.Background())
|
|
}
|
|
|
|
func (s *FakeUserAuthTokenService) GetUserToken(ctx context.Context, userId, userTokenId int64) (*models.UserToken, error) {
|
|
return s.GetUserTokenProvider(context.Background(), userId, userTokenId)
|
|
}
|
|
|
|
func (s *FakeUserAuthTokenService) GetUserTokens(ctx context.Context, userId int64) ([]*models.UserToken, error) {
|
|
return s.GetUserTokensProvider(context.Background(), userId)
|
|
}
|
|
|
|
func (s *FakeUserAuthTokenService) GetUserRevokedTokens(ctx context.Context, userId int64) ([]*models.UserToken, error) {
|
|
return s.GetUserRevokedTokensProvider(context.Background(), userId)
|
|
}
|
|
|
|
func (s *FakeUserAuthTokenService) BatchRevokeAllUserTokens(ctx context.Context, userIds []int64) error {
|
|
return s.BatchRevokedTokenProvider(ctx, userIds)
|
|
}
|