mirror of
https://github.com/grafana/grafana.git
synced 2025-01-09 23:53:25 -06:00
6f62d970e3
* merge JSON search logic * document public methods * improve test coverage * use separate JWT setting struct * correct use of cfg.JWTAuth * add group tests * fix DynMap typing * add settings to default ini * add groups option to devenv path * fix test * lint * revert jwt-proxy change * remove redundant check * fix parallel test
49 lines
2.0 KiB
Go
49 lines
2.0 KiB
Go
package setting
|
|
|
|
import "time"
|
|
|
|
type AuthJWTSettings struct {
|
|
// JWT Auth
|
|
Enabled bool
|
|
HeaderName string
|
|
URLLogin bool
|
|
EmailClaim string
|
|
UsernameClaim string
|
|
ExpectClaims string
|
|
JWKSetURL string
|
|
CacheTTL time.Duration
|
|
KeyFile string
|
|
KeyID string
|
|
JWKSetFile string
|
|
AutoSignUp bool
|
|
RoleAttributePath string
|
|
RoleAttributeStrict bool
|
|
AllowAssignGrafanaAdmin bool
|
|
SkipOrgRoleSync bool
|
|
GroupsAttributePath string
|
|
}
|
|
|
|
func (cfg *Cfg) readAuthJWTSettings() {
|
|
jwtSettings := AuthJWTSettings{}
|
|
authJWT := cfg.Raw.Section("auth.jwt")
|
|
jwtSettings.Enabled = authJWT.Key("enabled").MustBool(false)
|
|
jwtSettings.HeaderName = valueAsString(authJWT, "header_name", "")
|
|
jwtSettings.URLLogin = authJWT.Key("url_login").MustBool(false)
|
|
jwtSettings.EmailClaim = valueAsString(authJWT, "email_claim", "")
|
|
jwtSettings.UsernameClaim = valueAsString(authJWT, "username_claim", "")
|
|
jwtSettings.ExpectClaims = valueAsString(authJWT, "expect_claims", "{}")
|
|
jwtSettings.JWKSetURL = valueAsString(authJWT, "jwk_set_url", "")
|
|
jwtSettings.CacheTTL = authJWT.Key("cache_ttl").MustDuration(time.Minute * 60)
|
|
jwtSettings.KeyFile = valueAsString(authJWT, "key_file", "")
|
|
jwtSettings.KeyID = authJWT.Key("key_id").MustString("")
|
|
jwtSettings.JWKSetFile = valueAsString(authJWT, "jwk_set_file", "")
|
|
jwtSettings.AutoSignUp = authJWT.Key("auto_sign_up").MustBool(false)
|
|
jwtSettings.RoleAttributePath = valueAsString(authJWT, "role_attribute_path", "")
|
|
jwtSettings.RoleAttributeStrict = authJWT.Key("role_attribute_strict").MustBool(false)
|
|
jwtSettings.AllowAssignGrafanaAdmin = authJWT.Key("allow_assign_grafana_admin").MustBool(false)
|
|
jwtSettings.SkipOrgRoleSync = authJWT.Key("skip_org_role_sync").MustBool(false)
|
|
jwtSettings.GroupsAttributePath = valueAsString(authJWT, "groups_attribute_path", "")
|
|
|
|
cfg.JWTAuth = jwtSettings
|
|
}
|