grafana

Commit Graph

Author	SHA1	Message	Date
Misi	bd7850853e	Auth: Attach external session info to Grafana session (#93849 ) * initial from poc changes * wip * Remove public external session service * Update swagger * Fix merge * Cleanup * Add backgroud service for cleanup * Add auth_module to user_external_session * Add tests for token revocation functions * Add secret migration capabilities for user_external_session fields * Cleanup, refactor to address feedback * Fix test	8 months ago
linoman	eecd56659c	LDAP: SSO Configuration page (#91875 ) * Init screen for LDAP UI * add ldap drawer * update routes * update definitions * add definitions for ldap configurations * improve readibility * remove whitespace * clean up * Adjust LdapSettingsPage * adjust form autocomplete from backend call	9 months ago
Mihai Doarna	b4db8bb967	LDAP: Remove omitempty flag from json annotation (#91843 ) * remove omitempty flag from json annotation * fix unit test	9 months ago
Alexander Zobnin	87d86e81ce	Zanzana: Evaluate permissions alongside with RBAC engine (#90064 ) * Zanzana: Evaluate permissions if feature flag enabled * Fix tests * adjust logs * fix spelling * remove unused * only evaluate implemented resources * refactor	11 months ago
Mihai Doarna	48e6e9a36c	LDAP: Compute values when reloading LDAP settings (#90059 ) * compute values when reloading LDAP settings * remove grafana-cli/logger dependency * export defaultTimeout from ldap package * add server host to logs	11 months ago
Mihai Doarna	dfabc878f3	LDAP: Remove duplicate code (#90066 ) remove duplicate readConfig() function from LDAP	11 months ago
Mihai Doarna	e299621766	LDAP: Fix LDAP config cache (#89998 ) * initialize LDAP config cache * check err is nil * return the config from cache only if the config file has not been modified * rename var from test	11 months ago
Mihai Doarna	e7780c9c9c	SSO: Add more LDAP config validations for SSO settings (#90036 ) add more LDAP config validations for SSO settings	11 months ago
Jeff Levin	cfe8317d45	Add auth spans and remove deduplication code for scopes (#89804 ) Adds more spans for timing in accesscontrol and remove permission deduplicating code after benchmarking --------- Signed-off-by: Dave Henderson <dave.henderson@grafana.com> Co-authored-by: Dave Henderson <dave.henderson@grafana.com> Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>	11 months ago
Mihai Doarna	02b0b7af16	SSO: Add basic validation rules for LDAP settings (#89548 ) add basic validation rules for LDAP settings	11 months ago
Mihai Doarna	d074cc7892	Auth: Implement reload function for LDAP (#89267 ) * keep config in a separate struct in LDAP * implement reload function for LDAP * remove param from sso service constructor * update unit tests * add feature flag * remove nil params * address feedback * add unit test for disabled config	11 months ago
Mihai Doarna	32d21356b9	Auth: Keep config in a separate struct in LDAP (#89149 ) keep config in a separate struct in LDAP	11 months ago
Ryan McKinley	99d8025829	Chore: Move identity and errutil to apimachinery module (#89116 )	12 months ago
Mihai Doarna	3d40caf819	SSO: Add LDAP fallback strategy for SSO settings service (#88905 ) * add root and client certificate value fields for LDAP * update error messages for connection error * add LDAP fallback strategy for SSO settings service * fix params for sso service provider * fix params for sso service provider * sort imports * sort imports * replace json.Number with int64 in config map * remove type assertions	12 months ago
Mihai Doarna	0f936e2939	Auth: Add root and client certificate value fields in LDAP config (#88746 ) * add root and client certificate value fields for LDAP * update error messages for connection error	12 months ago
Ieva	167151b211	Chore: Remove use of deprecated method in AC code (#87541 ) * switch from using cfg to using featuremgmt for checking a feature toggle in AC code * merge test fixes	1 year ago
Karl Persson	0f06120b56	User: Clean up update functions (#86341 ) * User: remove unused function * User: Remove UpdatePermissions and support IsGrafanaAdmin flag in Update function instead * User: Remove Disable function and use Update instead	1 year ago
Karl Persson	8520892923	User: Fix GetByID (#86282 ) * Auth: Remove unused lookup param * Remove case sensitive lookup for GetByID	1 year ago
Misi	4c12d77b98	Util: Support parsing and splitting strings enclosed in quotes in util.SplitString (#85735 ) * Support parsing string enclosed in quotation marks in util.SplitString * Support mixed formats of string list	1 year ago
김은빈	96dfb385ca	Grafana: Replace magic number with a constant variable in response status (#80132 ) * Chore: Replace response status with const var * Apply suggestions from code review Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com> * Add net/http import --------- Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>	1 year ago
Karl Persson	1eb19befaa	Login: refactor auth info package (#78459 ) * Remove unused stats and metrics * No longer collect metrics * Remove unused dependency * Move database from sub package	2 years ago
Kyle Brandt	e4d1fdc3d0	Errors: Make errors the same in dev as prod (#77366 ) When running in dev mode, error messages would contain an additional "error" property alongside "message". Since this causes confusion, that has been removed and now error messages are the same both modes (using "message").	2 years ago
Gabriel MABILLE	0ed649b108	AuthN: Change EnableDisabledUserHook to EnableUserHook (#75248 ) * Replace the enable disable user hook by a hook that systematically enable users * Fix tests * Remove the skip test	2 years ago
Serge Zaitsev	8187d8cb66	Chore: capitalise log message for auth packages (#74332 )	2 years ago
Ryan McKinley	025b2f3011	Chore: use any rather than interface{} (#74066 )	2 years ago
Gabriel MABILLE	9e52414a91	LDAP: Fix active sync with large quantities of users (#73834 )	2 years ago
Karl Persson	1976ac0695	LDAP: use authn.IdentitySynchronizer to perform user sync (#73471 ) * LDAP: use authn.IdentitySynchronizer to perform sync instaed of login.Service * use user id as lookup param	2 years ago
Jo	932c24986d	Auth: Resolve isGrafanaAdmin for debug logging (#71145 ) resolve isGrafanaAdmin for debug logging	2 years ago
Ieva	4980b64274	RBAC: Remove legacy ac from authorization middleware (#68898 ) remove legacy AC fallback from RBAC middleware, and some unused auth logic	2 years ago
venkatbvc	b9e53f628f	HTTP: Add TLS version configurability for Grafana server (#67482 ) Co-authored-by: Rao B V Chalapathi <b_v_chalapathi.rao@nokia.com> Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>	2 years ago
Ieva	94cc93cc83	LDAP: Always synchronize Server Admin role through role sync if role sync is enabled (#58820 ) fix a bug with role sync	2 years ago
Serge Zaitsev	a38f230d37	Chore: Remove result fields from login (#65136 ) * remove result fields from login * fix tests * fix tests * another shadowing	2 years ago
Eric Leijonmarck	3cd952b8ba	Auth: Fix orgrole picker disabled if isSynced user (#64033 ) * fix: disable orgrolepicker if externaluser is synced * add disable to role picker * just took me 2 hours to center the icon * wip * fix: check externallySyncedUser for API call * remove check from store * add: tests * refactor authproxy and made tests run * add: feature toggle * set feature toggle for tests * add: IsProviderEnabled * refactor: featuretoggle name * IsProviderEnabled tests * add specific tests for isProviderEnabled * fix: org_user tests * add: owner to featuretoggle * add missing authlabels * remove fmt * feature toggle * change config * add test for a different authmodule * test refactor * gen feature toggle again * fix basic auth user able to change the org role * test for basic auth role * make err.base to error * lowered lvl of log and input mesg	2 years ago
Jo	7e97dbde65	LDAP: Allow setting minimum TLS version and accepted ciphers (#63646 ) * update ldap library and use go module path * add TLS min version and accepted min TLS version * set default min ver to library default * set default min ver to library default * add cipher list to toml * Update pkg/services/ldap/settings.go Co-authored-by: Karl Persson <kalle.persson@grafana.com> * Apply suggestions from code review Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com> * lint --------- Co-authored-by: Karl Persson <kalle.persson@grafana.com> Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>	2 years ago
Jo	d4cfbd9fd3	LDAP: Move LDAP globals to Config (#63255 ) * structure dtos and private methods * add basic LDAP service * use LDAP service in ldap debug API * lower non fatal error * remove unused globals * wip * remove final globals * fix tests to use cfg enabled * restructure errors * remove logger from globals * use ldap service in authn * use ldap service in context handler * fix failed tests * fix ldap middleware provides * fix provides in auth_test.go	2 years ago
Jo	7862ae8abf	SupportBundles: Add LDAP bundle collector (#63128 ) * fix non-cfg fields used in ldap * fix non-cfg fields * add ldap support bundle * add note on match * add censoring and docs	2 years ago
Jo	6322fce725	LDAP: Move to single package cluster (#63035 ) * move multildap to ldap package * move LDAP api and tests to ldap package * register background service * lint	2 years ago
Serge Zaitsev	7dbd2cd139	Chore: Fix goimports grouping (#62426 ) fix goimports ordering	2 years ago
Kristin Laemmert	9256a520a4	chore: move user_auth models to (mostly) login service (#62269 ) * chore: move user_auth models to (mostly) login service	2 years ago
Marcos de Oliveira	91582ba03d	LDAP: Make LDAP attribute mapping case-insensitive (#58992 ) * Make LDAP attribute mapping case-insensitive * Add test case with attribute name different from schema's * Add fix to getArrayAttribute also and add test with mismatched letter case. * Update pkg/services/ldap/helpers.go Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>	3 years ago
Jo	77437f2c89	Add multi-auth devenv (#57609 ) * add authentik devenv * remove direct dependency on spew * use cn * add authentik instructions * add backup instructions	3 years ago
Gabriel MABILLE	5fcec05695	LDAP: log that organization mapping is skipped (#56796 )	3 years ago
Gabriel MABILLE	10c080dad1	LDAP: Add `skip_org_role_sync` configuration option (#56679 ) * LDAP: Add skip_org_role_sync option * Document the new config option * Nit on docs * Update docs/sources/setup-grafana/configure-security/configure-authentication/ldap.md Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com> * Docs suggestions Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com> Co-authored-by: Jguer <joao.guerreiro@grafana.com> * Add test, Fix disabled user when no role Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com> Co-authored-by: Jguer <joao.guerreiro@grafana.com>	3 years ago
Jo	062d255124	Handle ioutil deprecations (#53526 ) * replace ioutil.ReadFile -> os.ReadFile * replace ioutil.ReadAll -> io.ReadAll * replace ioutil.TempFile -> os.CreateTemp * replace ioutil.NopCloser -> io.NopCloser * replace ioutil.WriteFile -> os.WriteFile * replace ioutil.TempDir -> os.MkdirTemp * replace ioutil.Discard -> io.Discard	3 years ago
idafurjes	6afad51761	Move SignedInUser to user service and RoleType and Roles to org (#53445 ) * Move SignedInUser to user service and RoleType and Roles to org * Use go naming convention for roles * Fix some imports and leftovers * Fix ldap debug test * Fix lint * Fix lint 2 * Fix lint 3 * Fix type and not needed conversion * Clean up messages in api tests * Clean up api tests 2	3 years ago
Jo	1f8b1eef75	SAML: Do not SAML SLO if user is not SAML authenticated (#53418 ) * Only SLO user if the user is using SAML * only one source of truth for auth module info * ensure SAML is also enabled and not only SLO * move auth module naming to auth module login package * use constants in other previously unused spots	3 years ago
Jo	09c95bc31f	TeamSync: Fix team syncing out of orgs mapped by auth method (#53257 )	3 years ago
Jo	c9c4fc604e	LDAP: Improve errors and documentation (#52111 )	3 years ago
hannes-256	62b0a8bae6	LDAP: Allow specifying LDAP timeout (#48870 ) * Allow specifying LDAP timeout * Update docs/sources/auth/ldap.md Co-authored-by: brendamuir <100768211+brendamuir@users.noreply.github.com> * LDAP timeout: Add annotations; Make functions "private" * Setting the default timeout if unspecified * fix goimports lint issue Co-authored-by: brendamuir <100768211+brendamuir@users.noreply.github.com> Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> Co-authored-by: jguer <joao.guerreiro@grafana.com>	3 years ago
Kat Yang	3c3039f5b3	Chore: Remove Wrap (#50048 ) * Chore: Remove Wrap and Wrapf * Fix: Add error check	3 years ago

1 2

100 Commits (1dbbbd9ca7d2dc9f442f17a53e71b519e83b2106)