grafana

Commit Graph

Author	SHA1	Message	Date
Guillaume GILL	7c5de96503	Auth: Omit all base64 paddings in JWT tokens for the JWT auth (#35602 ) Omitting all base64 paddings (=) in JWT tokens. Fixes #34496	4 years ago
Serge Zaitsev	995afa2221	Chore: Refactor GoConvey in auth package (#40850 ) * refactor goconvey in auth package * make linter happy	4 years ago
idafurjes	f4f0d74838	Chore: Add context to user (#39649 ) * Add context to user * Add context for enterprise * Add context for UpdateUserLastSeenAtCommand * Remove xorm	4 years ago
Arve Knudsen	78596a6756	Migrate to Wire for dependency injection (#32289 ) Fixes #30144 Co-authored-by: dsotirakis <sotirakis.dim@gmail.com> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> Co-authored-by: Ida Furjesova <ida.furjesova@grafana.com> Co-authored-by: Jack Westbrook <jack.westbrook@gmail.com> Co-authored-by: Will Browne <wbrowne@users.noreply.github.com> Co-authored-by: Leon Sorokin <leeoniya@gmail.com> Co-authored-by: Andrej Ocenas <mr.ocenas@gmail.com> Co-authored-by: spinillos <selenepinillos@gmail.com> Co-authored-by: Karl Persson <kalle.persson@grafana.com> Co-authored-by: Leonard Gram <leo@xlson.com>	4 years ago
Carl Bergquist	a10fa5cad3	Instrumentation: Start tracing database requests (#34572 ) Signed-off-by: bergquist <carl.bergquist@gmail.com>	5 years ago
Vladimir Kochnev	39a3b0d0b0	Auth: support JWT Authentication (#29995 )	5 years ago
Joan López de la Franca Beltran	610999cfa2	Auth: Allow soft token revocation (#31601 ) * Add revoked_at field to user auth token to allow soft revokes * Allow soft token revocations * Update token revocations and tests * Return error info on revokedTokenErr * Override session cookie only when no revokedErr nor API request * Display modal on revoked token error * Feedback: Refactor TokenRevokedModal to FC * Add GetUserRevokedTokens into UserTokenService * Backendsrv: adds tests and refactors soft token path * Apply feedback * Write redirect cookie on token revoked error * Update TokenRevokedModal style * Return meaningful error info * Some UI changes * Update backend_srv tests * Minor style fix on backend_srv tests * Replace deprecated method usage to publish events * Fix backend_srv tests * Apply suggestions from code review Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com> Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com> * Apply suggestions from code review * Apply suggestions from code review Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com> * Minor style fix after PR suggestion commit * Apply suggestions from code review Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com> * Prettier fixes Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com> Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com> Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>	5 years ago
Carl Bergquist	5114fa39ce	we should never log unhashed tokens (#31432 ) Signed-off-by: bergquist <carl.bergquist@gmail.com>	5 years ago
Agnès Toulet	2a70c73025	Auth: add expired token error and update CreateToken function (#30203 ) * Auth: add error for expired token * Auth: save token error into context data * Auth: send full user and req context to CreateToken * Auth: add token ID in context * add TokenExpiredError struct * update auth tests * remove most of the changes to CreateToken func * clean up * Login: add requestURI in CreateToken ctx * update RequestURIKey comment	5 years ago
Arve Knudsen	25048ebdf8	Chore: Add CloudWatch HTTP API tests (#29691 ) * CloudWatch: Add HTTP API tests Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>	5 years ago
Arve Knudsen	12661e8a9d	Move middleware context handler logic to service (#29605 ) * middleware: Move context handler to own service Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> Co-authored-by: Emil Tullsted <sakjur@users.noreply.github.com> Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>	5 years ago
taciomcosta	10ff4eecef	Backend: fix IPv6 address parsing erroneous (#28585 ) * Backend: Fix parsing of client IP address Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>	5 years ago
Arve Knudsen	b5379c5335	Chore: Fix SQL related Go variable naming (#28887 ) * Chore: Fix variable naming Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>	5 years ago
Arve Knudsen	676d393ec9	Chore: Fix issues reported by staticcheck; enable stylecheck linter (#28866 ) * Chore: Fix issues reported by staticcheck Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> * Apply suggestions from code review Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>	5 years ago
Arve Knudsen	a078e40238	Settings: Rename constants/variables to follow Go naming standards (#28002 ) * settings: Rename constants/variables to follow Go naming standards Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>	5 years ago
Hansuuuuuuuuuu	8d971ab2f2	Auth: Replace maximum inactive/lifetime settings of days to duration (#27150 ) Allows login_maximum_inactive_lifetime_duration and login_maximum_lifetime_duration to be configured using time.Duration-compatible values while retaining backward compatibility. Fixes #17554 Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>	5 years ago
Arve Knudsen	41d432b5ae	Chore: Enable whitespace linter (#25903 ) Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>	6 years ago
Arve Knudsen	2a78d2a61c	pkg/services: Check errors (#19712 ) * pkg/services: Check errors * pkg/services: Don't treat context.Canceled\|context.DeadlineExceeded as error	6 years ago
Arve Knudsen	b858a5f496	Don't truncate IPv6 addresses (#19573 ) * Bugfix: Fix parsing of IPv6 addresses Make sure that IPv6 addresses aren't truncated when parsing. Fixes #18924 * util: Change network address parsing funcs to return error * pkg/api: Return NetworkAddress instead of host/port	6 years ago
Leonard Gram	d71043609e	Testing: Include BatchRevoke for all tokens in the fake. (#17728 )	7 years ago
Alexander Zobnin	60ddad8fdb	Batch disable users (#17254 ) * batch disable users * batch revoke users tokens * split batch disable user and revoke token * fix tests for batch disable users * Chore: add BatchDisableUsers() to the bus	7 years ago
zhulongcheng	2fff8f77dc	move log package to /infra (#17023 ) ref #14679 Signed-off-by: zhulongcheng <zhulongcheng.me@gmail.com>	7 years ago
Carl Bergquist	9660356638	Auth: Enable retries and transaction for some db calls for auth tokens (#16785 ) the WithSession wrapper handles retries and connection management so the caller dont have to worry about it.	7 years ago
Carl Bergquist	490515aec6	build: partially replace gometalinter with golangci-lint (#16610 ) we still use gometalinter for goconst since it doesn't report errors for duplicated in test files	7 years ago
Marcus Efraimsson	8029e48588	support get user tokens/revoke all user tokens in UserTokenService	7 years ago
bergquist	7754c37a1f	reduce loglevel to debug	7 years ago
bergquist	e163aadfe4	use authtoken for session quota restrictions closes #15360	7 years ago
bergquist	170783c292	make hourly cleanup the default behavior	7 years ago
Marcus Efraimsson	1a140ee199	run token cleanup job when grafana starts, then each hour	7 years ago
Marcus Efraimsson	8ae066ab5d	move authtoken package into auth package	7 years ago
Marcus Efraimsson	8678620730	move UserToken and UserTokenService to models package	7 years ago
Marcus Efraimsson	a60124a88c	change UserToken from interface to struct	7 years ago
Marcus Efraimsson	d8658a765c	enhanced expiration logic for lookup token tokens are not expired if created_at > now - LoginMaxLifetimeDays and rotated_at > now - LoginMaxInactiveLifetimeDays	7 years ago
Marcus Efraimsson	9483506590	auth token clean up job now runs on schedule and deletes all expired tokens delete tokens having created_at <= LoginMaxLifetimeDays or rotated_at <= LoginMaxInactiveLifetimeDays	7 years ago
Marcus Efraimsson	0915f931ae	change configuration settings in auth package	7 years ago
Marcus Efraimsson	7cd3cd6cd4	auth package refactoring moving middleware/hooks away from package exposing public struct UserToken accessible from other packages fix debug log lines so the same order and naming are used	7 years ago
bergquist	a6bd2c73a0	introduce samesite setting for login cookie ref #15067	7 years ago
bergquist	a1b3986532	always delete session cookie even if db delete fails	7 years ago
bergquist	91bd908e03	adds more tests signing out session	7 years ago
bergquist	11c4967bdc	changes some info logging to debug	7 years ago
bergquist	88ca54eba9	renames signout function	7 years ago
bergquist	43ac79685a	delete auth token on signout	7 years ago
bergquist	75760aa892	dont specify domain for auth cookies	7 years ago
bergquist	d6edaa1328	moves cookie https setting to [security]	7 years ago
bergquist	516037fbdd	makes sure rotation is always higher than urgent rotation	7 years ago
bergquist	fd0f9f2dd2	fixes broken test	7 years ago
bergquist	ff483f3782	removes old cookie auth configuration	7 years ago
bergquist	56a521b264	makes auth token rotation time configurable	7 years ago
bergquist	c3ff3d644c	fixes nil ref in tests	7 years ago
bergquist	64124b5042	add setting for how to long we should keep expired tokens	7 years ago

1 2

73 Commits (306f0785e122a94de00895ada7866ebedb30277f)