grafana

mirror of https://github.com/grafana/grafana.git synced 2024-11-23 09:26:43 -06:00

History

Karl Persson 382b24742a Auth: Add feature flag to move token rotation to client (#65060 ) * FeatureToggle: Add toggle to use a new way of rotating tokens * API: Add endpoints to perform token rotation, one endpoint for api request and one endpoint for redirectsd * Auth: Aling not authorized handling between auth middleware and access control middleware * API: add utility function to get redirect for login * API: Handle token rotation redirect for login page * Frontend: Add job scheduling for token rotation and make call to token rotation as fallback in retry request * ContextHandler: Prevent in-request rotation if feature flag is enabled and check if token needs to be rotated * AuthN: Prevent in-request rotation if feature flag is enabled and check if token needs to be rotated * Cookies: Add option NotHttpOnly * AuthToken: Add helper function to get next rotation time and another function to check if token need to be rotated * AuthN: Add function to delete session cookie and set expiry cookie Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>	2023-03-23 14:39:04 +01:00
..
user_token_test.go	Auth: Add feature flag to move token rotation to client (#65060 )	2023-03-23 14:39:04 +01:00
user_token.go	Auth: Add feature flag to move token rotation to client (#65060 )	2023-03-23 14:39:04 +01:00

Auth: Add feature flag to move token rotation to client (#65060 )

* FeatureToggle: Add toggle to use a new way of rotating tokens

* API: Add endpoints to perform token rotation, one endpoint for api request and one endpoint for redirectsd

* Auth: Aling not authorized handling between auth middleware and access
control middleware

* API: add utility function to get redirect for login

* API: Handle token rotation redirect for login page

* Frontend: Add job scheduling for token rotation and make call to token rotation as fallback in retry request

* ContextHandler: Prevent in-request rotation if feature flag is enabled and check if token needs to be rotated

* AuthN: Prevent in-request rotation if feature flag is enabled and check if token needs to be rotated

* Cookies: Add option NotHttpOnly

* AuthToken: Add helper function to get next rotation time and another function to check if token need to be rotated

* AuthN: Add function to delete session cookie and set expiry cookie

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>

2023-03-23 14:39:04 +01:00

user_token_test.go

Auth: Add feature flag to move token rotation to client (#65060 )

2023-03-23 14:39:04 +01:00

user_token.go

Auth: Add feature flag to move token rotation to client (#65060 )

2023-03-23 14:39:04 +01:00