grafana

Commit Graph

Author	SHA1	Message	Date
J Guerreiro	5cb03d6e62	Separate API key store from SA token store (#45862 ) * ServiceAccounts: Fix token-apikey cross deletion * ServiceAccounts: separate API key store and service account token store * ServiceAccounts: hide service account tokens from API Keys page * ServiceAccounts: uppercase statement * ServiceAccounts: fix and add new tests for SAT store * ServiceAccounts: remove service account ID from add API key * ServiceAccounts: clear up errors	3 years ago
J Guerreiro	94820e1f29	Add/Delete API keys to Service accounts (#44871 ) * ServiceAccounts: move token handlers to specific file * ServiceAccounts: move Add API key to Service account * APIKeys: api keys can still be used even when service accounts are enabled * APIKeys: legacy endpoint can't be used to add SA tokens * ServiceAccount: add tests for creation with nil and non-nil service account ids * ServiceAccounts: fix unnasigned cfg and AC typo * Test: test service account token adding * fix linting error * ServiceAccounts: Handle Token deletion * rename token funcs * rename token funcs and api wrapping * add token deletion tests * review Co-authored-by: eleijonmarck <eric.leijonmarck@gmail.com> * remove bus * Update pkg/api/apikey.go Co-authored-by: eleijonmarck <eric.leijonmarck@gmail.com>	3 years ago
Jeremy Price	e894837b7e	Accesscontrol: Remove service account creation code from addapikey (#43900 ) * Remove service account creation code from addapikey Co-authored-by: J Guerreiro <joao.guerreiro@grafana.com>	4 years ago
Jeremy Price	6dbb6408d4	Access Control: Add service accounts (#38994 ) * Add extra fields to OSS types to support enterprise * Create a service account at the same time as the API key * Use service account credentials when accessing API with APIkey * Add GetRole to service, merge RoleDTO and Role structs This patch merges the identical OSS and Enterprise data structures, which improves the code for two reasons: 1. Makes switching between OSS and Enterprise easier 2. Reduces the chance of incompatibilities developing between the same functions in OSS and Enterprise * If API key is not linked to a service account, continue login as usual * Fallback to old auth if no service account linked to key * Add CloneUserToServiceAccount * Adding LinkAPIKeyToServiceAccount * Handle api key link error * Better error messages for OSS accesscontrol * Set an invalid user id as default * Re-arrange field names * ServiceAccountId is integer * Better error messages Co-authored-by: Hugo Häggmark <hugo.haggmark@grafana.com> Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com> Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com> Co-authored-by: Ieva <ieva.vasiljeva@grafana.com> Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>	4 years ago
Christian Haudum	076e2ce06a	Return 404 when deleting non-existing API key (#33346 ) The server needs to return a HTTP 404 (Not Found) when an API key that does not exist is deleted.	4 years ago
Arve Knudsen	4dd7b7a82d	Chore: Remove unused Go code (#28852 ) * Chore: Remove more unused Go code Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>	5 years ago
Arve Knudsen	3d3a7cbba8	Chore: Fix staticcheck issues (#28860 ) * Chore: Fix issues reported by staticcheck Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> * Undo changes Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> * Chore: Fix issues reported by staticcheck Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> * Fix test Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> * Fix test Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>	5 years ago
Sofia Papagiannaki	d1c523838b	API: Optionally list expired keys (#20468 ) * API: Optionally list expired keys * Update docs	6 years ago
Anthony Templeton	3680b95b44	Auth: Duplicate API Key Name Handle With Useful HTTP Code (#17905 ) * API: Duplicate API Key Name Handle With Useful HTTP Code * 17447: make changes requested during review - use dialect.IsUniqueContraintViolation - change if statement to match others - return error properly * Revert "17447: make changes requested during review" This reverts commit `a4a674ea83`. * API: useful http code on duplicate api key error w/ tests * API: API Key Duplicate Handling fixed small typo associated with error	6 years ago
Sofia Papagiannaki	dc9ec7dc91	Auth: Allow expiration of API keys (#17678 ) * Modify backend to allow expiration of API Keys * Add middleware test for expired api keys * Modify frontend to enable expiration of API Keys * Fix frontend tests * Fix migration and add index for `expires` field * Add api key tests for database access * Substitude time.Now() by a mock for test usage * Front-end modifications * Change input label to `Time to live` * Change input behavior to comply with the other similar * Add tooltip * Modify AddApiKey api call response Expiration should be time.Time instead of string Present expiration date in the selected timezone * Use kbn for transforming intervals to seconds * Use `assert` library for tests * Frontend fixes Add checks for empty/undefined/null values * Change expires column from datetime to integer * Restrict api key duration input It should be interval not number * AddApiKey must complain if SecondsToLive is negative * Declare ErrInvalidApiKeyExpiration * Move configuration to auth section * Update docs * Eliminate alias for models in modified files * Omit expiration from api response if empty * Eliminate Goconvey from test file * Fix test Do not sleep, use mocked timeNow() instead * Remove index for expires from api_key table The index should be anyway on both org_id and expires fields. However this commit eliminates completely the index for now since not many rows are expected to be in this table. * Use getTimeZone function * Minor change in api key listing The frontend should display a message instead of empty string if the key does not expire.	6 years ago
Torkel Ödegaard	059db533d5	HTTP API: grafana /render calls nows with api keys, Fixes #1649	10 years ago
Torkel Ödegaard	c75aa23092	New implementation for API Keys that only stores hashed api keys, and the client key is base64 decoded json web token with the unhashed key, Closes #1440	10 years ago
Torkel Ödegaard	26e4809e2e	Big Backend Refatoring: Renamed Account -> Org	10 years ago
Torkel Ödegaard	5269422f7c	Began work on hashing api keys	11 years ago
Torkel Ödegaard	23bbc5160e	Fixed validation for adding api keys, added unique index for api key name + account_id	11 years ago
Torkel Ödegaard	951ce0a102	API token -> API key rename	11 years ago

17 Commits (#45948-entity-events-trigger)