IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity
edf1775d49
grafana/pkg/services/authn/clients
History
Gabriel MABILLE edf1775d49
AuthN: Embed an OAuth2 server for external service authentication (#68086) 
* Moving POC files from #64283 to a new branch

Co-authored-by: Mihály Gyöngyösi <mgyongyosi@users.noreply.github.com>

* Adding missing permission definition

Co-authored-by: Mihály Gyöngyösi <mgyongyosi@users.noreply.github.com>

* Force the service instantiation while client isn't merged

Co-authored-by: Mihály Gyöngyösi <mgyongyosi@users.noreply.github.com>

* Merge conf with main

Co-authored-by: Mihály Gyöngyösi <mgyongyosi@users.noreply.github.com>

* Leave go-sqlite3 version unchanged

Co-authored-by: Mihály Gyöngyösi <mgyongyosi@users.noreply.github.com>

* tidy

Co-authored-by: Mihály Gyöngyösi <mgyongyosi@users.noreply.github.com>

* User SearchUserPermissions instead of SearchUsersPermissions

* Replace DummyKeyService with signingkeys.Service

* Use user🆔<id> as subject

* Fix introspection endpoint issue

* Add X-Grafana-Org-Id to get_resources.bash script

* Regenerate toggles_gen.go
* Fix basic.go

* Add GetExternalService tests

* Add GetPublicKeyScopes tests

* Add GetScopesOnUser tests

* Add GetScopes tests

* Add ParsePublicKeyPem tests

* Add database test for GetByName

* re-add comments

* client tests added

* Add GetExternalServicePublicKey tests

* Add other test case to GetExternalServicePublicKey

* client_credentials grant test

* Add test to jwtbearer grant

* Test Comments

* Add handleKeyOptions tests

* Add RSA key generation test

* Add ECDSA by default to EmbeddedSigningKeysService

* Clean up org id scope and audiences

* Add audiences to the DB

* Fix check on Audience

* Fix double import

* Add AC Store mock and align oauthserver tests

* Fix test after rebase

* Adding missing store function to mock

* Fix double import

* Add CODEOWNER

* Fix some linting errors

* errors don't need type assertion

* Typo codeowners

* use mockery for oauthserver store

* Add feature toggle check

* Fix db tests to handle the feature flag

* Adding call to DeleteExternalServiceRole

* Fix flaky test

* Re-organize routes comments and plan futur work

* Add client_id check to Extended JWT client

* Clean up

* Fix

* Remove background service registry instantiation of the OAuth server

* Comment cleanup

* Remove unused client function

* Update go.mod to use the latest ory/fosite commit

* Remove oauth2_server related configs from defaults.ini

* Add audiences to DTO

* Fix flaky test

* Remove registration endpoint and demo scripts. Document code

* Rename packages

* Remove the OAuthService vs OAuthServer confusion

* fix incorrect import ext_jwt_test

* Comments and order

* Comment basic auth

* Remove unecessary todo

* Clean api

* Moving ParsePublicKeyPem to utils

* re ordering functions in service.go

* Fix comment

* comment on the redirect uri

* Add RBAC actions, not only scopes

* Fix tests

* re-import featuremgmt in migrations

* Fix wire

* Fix scopes in test

* Fix flaky test

* Remove todo, the intersection should always return the minimal set

* Remove unecessary check from intersection code

* Allow env overrides on settings

* remove the term app name

* Remove app keyword for client instead and use Name instead of ExternalServiceName

* LogID remove ExternalService ref

* Use Name instead of ExternalServiceName

* Imports order

* Inline

* Using ExternalService and ExternalServiceDTO

* Remove xorm tags

* comment

* Rename client files

* client -> external service

* comments

* Move test to correct package

* slimmer test

* cachedUser -> cachedExternalService

* Fix aggregate store test

* PluginAuthSession -> AuthSession

* Revert the nil cehcks

* Remove unecessary extra

* Removing custom session

* fix typo in test

* Use constants for tests

* Simplify HandleToken tests

* Refactor the HandleTokenRequest test

* test message

* Review test

* Prevent flacky test on client as well

* go imports

* Revert changes from 526e48ad45

* AuthN: Change the External Service registration form (#68649)

* AuthN: change the External Service registration form

* Gen default permissions

* Change demo script registration form

* Remove unecessary comment

* Nit.

* Reduce cyclomatic complexity

* Remove demo_scripts

* Handle case with no service account

* Comments

* Group key gen

* Nit.

* Check the SaveExternalService test

* Rename cachedUser to cachedClient in test

* One more test case to database test

* Comments

* Remove last org scope

Co-authored-by: Mihály Gyöngyösi <mgyongyosi@users.noreply.github.com>

* Update pkg/services/oauthserver/utils/utils_test.go

* Update pkg/services/sqlstore/migrations/oauthserver/migrations.go

Remove comment

* Update pkg/setting/setting.go

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>

---------

Co-authored-by: Mihály Gyöngyösi <mgyongyosi@users.noreply.github.com>
2023-05-25 15:38:30 +02:00
..
anonymous_test.go Authn: Anon session service (#63052) 2023-02-21 16:21:18 +01:00
anonymous.go AnonymousAuth: Fix concurrent read-write crash (#68637) 2023-05-22 13:27:28 +02:00
api_key_test.go ApiKeyGenPrefix: rename package (#65623) 2023-03-30 17:04:10 +02:00
api_key.go ApiKeyGenPrefix: rename package (#65623) 2023-03-30 17:04:10 +02:00
basic_test.go Chore: Fix goimports grouping (#62426) 2023-01-30 09:34:18 +01:00
basic.go AuthN: Embed an OAuth2 server for external service authentication (#68086) 2023-05-25 15:38:30 +02:00
constants.go AuthN: Perform login with authn.Service (#61466) 2023-01-17 09:11:45 +01:00
ext_jwt_test.go AuthN: Embed an OAuth2 server for external service authentication (#68086) 2023-05-25 15:38:30 +02:00
ext_jwt.go AuthN: Embed an OAuth2 server for external service authentication (#68086) 2023-05-25 15:38:30 +02:00
form_test.go AuthN: Perform login with authn.Service (#61466) 2023-01-17 09:11:45 +01:00
form.go AuthN: Rebuild Authenticate so we only have to call it once in context handler (#61705) 2023-01-26 10:50:44 +01:00
grafana_test.go Auth: Add SyncPermissions post auth hook (#64205) 2023-03-08 13:35:54 +01:00
grafana.go Auth: Add SyncPermissions post auth hook (#64205) 2023-03-08 13:35:54 +01:00
jwt_test.go AuthJWT: Fix JWT query param leak (CVE-2023-1387) (#825) 2023-04-27 14:40:44 +03:00
jwt.go AuthJWT: Fix JWT query param leak (CVE-2023-1387) (#825) 2023-04-27 14:40:44 +03:00
ldap_test.go Auth: Add SyncPermissions post auth hook (#64205) 2023-03-08 13:35:54 +01:00
ldap.go Auth: Add SyncPermissions post auth hook (#64205) 2023-03-08 13:35:54 +01:00
oauth_test.go AuthN: add flag for org roles sync (#63507) 2023-02-22 10:27:48 +01:00
oauth.go Auth: Add SyncPermissions post auth hook (#64205) 2023-03-08 13:35:54 +01:00
password_test.go Chore: Fix goimports grouping (#62426) 2023-01-30 09:34:18 +01:00
password.go AuthN: cleanup logs (#63652) 2023-02-24 11:26:55 +01:00
proxy_test.go Remotecache: rename setbytearray/getbytearray to set/get and remove codec (#64470) 2023-03-10 13:57:29 +01:00
proxy.go Remotecache: rename setbytearray/getbytearray to set/get and remove codec (#64470) 2023-03-10 13:57:29 +01:00
render_test.go Auth: Add SyncPermissions post auth hook (#64205) 2023-03-08 13:35:54 +01:00
render.go Auth: Add SyncPermissions post auth hook (#64205) 2023-03-08 13:35:54 +01:00
session_test.go Auth: Add feature flag to move token rotation to client (#65060) 2023-03-23 14:39:04 +01:00
session.go AuthN: Tune logs in client (#65714) 2023-03-31 16:43:24 +02:00
utils.go AuthN: add flag for org roles sync (#63507) 2023-02-22 10:27:48 +01:00