grafana

Commit Graph

Author	SHA1	Message	Date
Jo	0c8ad80575	Authn: JWT client (#61157 ) * add jwt client * alias JWT verifier * debug implementation * add tests for jwt client * add constant for JWT module * Feedback Co-authored-by: Kalle Persson <kalle.persson@grafana.com> Co-authored-by: Mihály Gyöngyösi <mgyongyosi@users.noreply.github.com> Co-authored-by: Kalle Persson <kalle.persson@grafana.com> Co-authored-by: Mihály Gyöngyösi <mgyongyosi@users.noreply.github.com>	2 years ago
Jo	df4f0343e5	Auth: Session cache [main] (#59935 ) * Auth: Session cache [v9.2.x] (#59907) * add cache wrapper only cache token if not to rotate Co-authored-by: Kalle Persson <kalle.persson@grafana.com> anticipate next rotation Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> Co-authored-by: Kalle Persson <kalle.persson@grafana.com> Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> (cherry picked from commit `07a4b2343d`) * FeatureToggle: for storing sessions in a Remote Cache Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> (cherry picked from commit `b8a8c15148`) * use feature flag for session cache * ensure ttl is minimum 1 second Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> Co-authored-by: Kalle Persson <kalle.persson@grafana.com> Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> * ensure 2 ttl window to prevent caching of tokens near rotation Co-authored-by: Kalle Persson <kalle.persson@grafana.com> * fix description of toggle Co-authored-by: gamab <gabi.mabs@gmail.com> Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> Co-authored-by: Kalle Persson <kalle.persson@grafana.com> Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> (cherry picked from commit `2919588a82`) * fix broken quota test	3 years ago
Jo	fee50be1bb	Sessions: Remove invalid session cookie if it's invalid/expired/missing (#59556 ) only remove invalid session cookie if it's invalid/expired/missing	3 years ago
Karl Persson	062c5b805c	Auth: Merge ActiveAuthTokenService into UserAuthTokenService (#59032 ) * Auth: Merge UserTokenService and ActiveAuthTokenService * Auth: Rename function	3 years ago
Karl Persson	fef1e1d5bc	Auth: Refactor auth package (#58920 ) * Auth: move interface to its own file * Auth: move to test package * Auth: move quota consts to auth file * Auth: move service to impl package * Auth: move interfaces and related models to auth package * Auth: Create sub package and type alias to avoid circular dependency	3 years ago
Sofia Papagiannaki	9855e74b92	Chore: Refactor quota service (#58643 ) Chore: Refactor quota service (#57586) * Chore: refactore quota service * Apply suggestions from code review	3 years ago
Sofia Papagiannaki	96cdf77995	Revert "Chore: Refactor quota service (#57586 )" (#58394 ) This reverts commit `326ea86a57`.	3 years ago
Sofia Papagiannaki	326ea86a57	Chore: Refactor quota service (#57586 ) * Chore: refactore quota service * Apply suggestions from code review	3 years ago
Kristin Laemmert	05709ce411	chore: remove sqlstore & mockstore dependencies from (most) packages (#57087 ) * chore: add alias for InitTestDB and Session Adds an alias for the sqlstore InitTestDB and Session, and updates tests using these to reduce dependencies on the sqlstore.Store. * next pass of removing sqlstore imports * last little bit * remove mockstore where possible	3 years ago
Misi	9c954d06ab	Auth: Refresh OAuth access_token automatically using the refresh_token (#56076 ) * Verify OAuth token expiration for oauth users in the ctx handler middleware * Use refresh token to get a new access token * Refactor oauth_token.go * Add tests for the middleware changes * Align other tests * Add tests, wip * Add more tests * Add InvalidateOAuthTokens method * Fix ExpiryDate update to default * Invalidate OAuth tokens during logout * Improve logout * Add more comments * Cleanup * Fix import order * Add error to HasOAuthEntry return values * add dev debug logs * Fix tests Co-authored-by: jguer <joao.guerreiro@grafana.com>	3 years ago
Sofia Papagiannaki	8b77ee2734	SQLStore: Ensure that sessions are always closed (#55864 ) * SQLStore: Ensure that sessions are always closed Delete `NewSession()` in favour of `WithDbSession()` * Add WithDbSessionForceNewSession to the interface * Apply suggestions from code review	3 years ago
Marcus Efraimsson	862a6a2fa6	Logging: Introduce API for contextual logging (#55198 ) Introduces a FromContext method on the log.Logger interface that allows contextual key/value pairs to be attached, e.g. per request, so that any logger using this API will automatically get the per request context attached. The proposal makes the traceID available for contextual logger , if available, and would allow logs originating from a certain HTTP request to be correlated with traceID. In addition, when tracing not enabled, skip adding traceID=00000000000000000000000000000000 to logs.	3 years ago
Emil Tullstedt	b287047052	Chore: Upgrade Go to 1.19.1 (#54902 ) * WIP * Set public_suffix to a pre Ruby 2.6 version * we don't need to install python * Stretch->Buster * Bump versions in lib.star * Manually update linter Sort of messy, but the .mod-file need to contain all dependencies that use 1.16+ features, otherwise they're assumed to be compiled with -lang=go1.16 and cannot access generics et al. Bingo doesn't seem to understand that, but it's possible to manually update things to get Bingo happy. * undo reformatting * Various lint improvements * More from the linter * goimports -w ./pkg/ * Disable gocritic * Add/modify linter exceptions * lint + flatten nested list Go 1.19 doesn't support nested lists, and there wasn't an obvious workaround. https://go.dev/doc/comment#lists	3 years ago
Ieva	de6584b976	Auth: Extend auth token errors with user ID (#54633 ) * add user ID to user token errors * remove colon * move user ID to debug log, so it wouldn't accidentally be added in response	3 years ago
Jo	062d255124	Handle ioutil deprecations (#53526 ) * replace ioutil.ReadFile -> os.ReadFile * replace ioutil.ReadAll -> io.ReadAll * replace ioutil.TempFile -> os.CreateTemp * replace ioutil.NopCloser -> io.NopCloser * replace ioutil.WriteFile -> os.WriteFile * replace ioutil.TempDir -> os.MkdirTemp * replace ioutil.Discard -> io.Discard	3 years ago
Selene	085ae014cd	Sync: Move ActiveTokenCount to a new service (#52991 ) * Move ActiveTokenCount to a new service * Fixing tests * fix `RootSystem` Co-authored-by: Artur Wierzbicki <artur.wierzbicki@grafana.com>	3 years ago
idafurjes	6c43eb0b4d	Split Create User (#50502 ) * Split Create User * Use new create user and User from package user * Add service to wire * Making create user work * Replace user from user pkg * One more * Move Insert to orguser Service/Store * Remove unnecessary conversion * Cleaunp * Fix Get User and add fakes * Fixing get org id for user logic, adding fakes and other adjustments * Add some tests for ourguser service and store * Fix insert org logic * Add comment about deprecation * Fix after merge with main * Move orguser service/store to org service/store * Remove orguser from wire * Unimplement new Create user and use User from pkg user * Fix wire generation * Fix lint * Fix lint - use only User and CrateUserCommand from user pkg * Remove User and CreateUserCommand from models * Fix lint 2	3 years ago
idafurjes	b8852ef6a3	Chore: Remove context.TODO() (#43409 ) * Remove context.TODO() from services * Fix live test * Remove context.TODO	3 years ago
Emil Tullstedt	12e0a94316	JWT: Split race-y test into two stable tests (#41950 )	4 years ago
Emil Tullstedt	dbb8246b6b	JWT: Increase distance from now in tests (#41794 )	4 years ago
Guillaume GILL	7c5de96503	Auth: Omit all base64 paddings in JWT tokens for the JWT auth (#35602 ) Omitting all base64 paddings (=) in JWT tokens. Fixes #34496	4 years ago
Serge Zaitsev	995afa2221	Chore: Refactor GoConvey in auth package (#40850 ) * refactor goconvey in auth package * make linter happy	4 years ago
idafurjes	f4f0d74838	Chore: Add context to user (#39649 ) * Add context to user * Add context for enterprise * Add context for UpdateUserLastSeenAtCommand * Remove xorm	4 years ago
Arve Knudsen	78596a6756	Migrate to Wire for dependency injection (#32289 ) Fixes #30144 Co-authored-by: dsotirakis <sotirakis.dim@gmail.com> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> Co-authored-by: Ida Furjesova <ida.furjesova@grafana.com> Co-authored-by: Jack Westbrook <jack.westbrook@gmail.com> Co-authored-by: Will Browne <wbrowne@users.noreply.github.com> Co-authored-by: Leon Sorokin <leeoniya@gmail.com> Co-authored-by: Andrej Ocenas <mr.ocenas@gmail.com> Co-authored-by: spinillos <selenepinillos@gmail.com> Co-authored-by: Karl Persson <kalle.persson@grafana.com> Co-authored-by: Leonard Gram <leo@xlson.com>	4 years ago
Carl Bergquist	a10fa5cad3	Instrumentation: Start tracing database requests (#34572 ) Signed-off-by: bergquist <carl.bergquist@gmail.com>	4 years ago
Vladimir Kochnev	39a3b0d0b0	Auth: support JWT Authentication (#29995 )	4 years ago
Joan López de la Franca Beltran	610999cfa2	Auth: Allow soft token revocation (#31601 ) * Add revoked_at field to user auth token to allow soft revokes * Allow soft token revocations * Update token revocations and tests * Return error info on revokedTokenErr * Override session cookie only when no revokedErr nor API request * Display modal on revoked token error * Feedback: Refactor TokenRevokedModal to FC * Add GetUserRevokedTokens into UserTokenService * Backendsrv: adds tests and refactors soft token path * Apply feedback * Write redirect cookie on token revoked error * Update TokenRevokedModal style * Return meaningful error info * Some UI changes * Update backend_srv tests * Minor style fix on backend_srv tests * Replace deprecated method usage to publish events * Fix backend_srv tests * Apply suggestions from code review Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com> Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com> * Apply suggestions from code review * Apply suggestions from code review Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com> * Minor style fix after PR suggestion commit * Apply suggestions from code review Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com> * Prettier fixes Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com> Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com> Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>	4 years ago
Carl Bergquist	5114fa39ce	we should never log unhashed tokens (#31432 ) Signed-off-by: bergquist <carl.bergquist@gmail.com>	4 years ago
Agnès Toulet	2a70c73025	Auth: add expired token error and update CreateToken function (#30203 ) * Auth: add error for expired token * Auth: save token error into context data * Auth: send full user and req context to CreateToken * Auth: add token ID in context * add TokenExpiredError struct * update auth tests * remove most of the changes to CreateToken func * clean up * Login: add requestURI in CreateToken ctx * update RequestURIKey comment	4 years ago
Arve Knudsen	25048ebdf8	Chore: Add CloudWatch HTTP API tests (#29691 ) * CloudWatch: Add HTTP API tests Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>	4 years ago
Arve Knudsen	12661e8a9d	Move middleware context handler logic to service (#29605 ) * middleware: Move context handler to own service Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> Co-authored-by: Emil Tullsted <sakjur@users.noreply.github.com> Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>	5 years ago
taciomcosta	10ff4eecef	Backend: fix IPv6 address parsing erroneous (#28585 ) * Backend: Fix parsing of client IP address Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>	5 years ago
Arve Knudsen	b5379c5335	Chore: Fix SQL related Go variable naming (#28887 ) * Chore: Fix variable naming Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>	5 years ago
Arve Knudsen	676d393ec9	Chore: Fix issues reported by staticcheck; enable stylecheck linter (#28866 ) * Chore: Fix issues reported by staticcheck Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> * Apply suggestions from code review Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>	5 years ago
Arve Knudsen	a078e40238	Settings: Rename constants/variables to follow Go naming standards (#28002 ) * settings: Rename constants/variables to follow Go naming standards Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>	5 years ago
Hansuuuuuuuuuu	8d971ab2f2	Auth: Replace maximum inactive/lifetime settings of days to duration (#27150 ) Allows login_maximum_inactive_lifetime_duration and login_maximum_lifetime_duration to be configured using time.Duration-compatible values while retaining backward compatibility. Fixes #17554 Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>	5 years ago
Arve Knudsen	41d432b5ae	Chore: Enable whitespace linter (#25903 ) Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>	5 years ago
Arve Knudsen	2a78d2a61c	pkg/services: Check errors (#19712 ) * pkg/services: Check errors * pkg/services: Don't treat context.Canceled\|context.DeadlineExceeded as error	6 years ago
Arve Knudsen	b858a5f496	Don't truncate IPv6 addresses (#19573 ) * Bugfix: Fix parsing of IPv6 addresses Make sure that IPv6 addresses aren't truncated when parsing. Fixes #18924 * util: Change network address parsing funcs to return error * pkg/api: Return NetworkAddress instead of host/port	6 years ago
Leonard Gram	d71043609e	Testing: Include BatchRevoke for all tokens in the fake. (#17728 )	6 years ago
Alexander Zobnin	60ddad8fdb	Batch disable users (#17254 ) * batch disable users * batch revoke users tokens * split batch disable user and revoke token * fix tests for batch disable users * Chore: add BatchDisableUsers() to the bus	6 years ago
zhulongcheng	2fff8f77dc	move log package to /infra (#17023 ) ref #14679 Signed-off-by: zhulongcheng <zhulongcheng.me@gmail.com>	6 years ago
Carl Bergquist	9660356638	Auth: Enable retries and transaction for some db calls for auth tokens (#16785 ) the WithSession wrapper handles retries and connection management so the caller dont have to worry about it.	6 years ago
Carl Bergquist	490515aec6	build: partially replace gometalinter with golangci-lint (#16610 ) we still use gometalinter for goconst since it doesn't report errors for duplicated in test files	6 years ago
Marcus Efraimsson	8029e48588	support get user tokens/revoke all user tokens in UserTokenService	6 years ago
bergquist	7754c37a1f	reduce loglevel to debug	6 years ago
bergquist	e163aadfe4	use authtoken for session quota restrictions closes #15360	6 years ago
bergquist	170783c292	make hourly cleanup the default behavior	6 years ago
Marcus Efraimsson	1a140ee199	run token cleanup job when grafana starts, then each hour	6 years ago
Marcus Efraimsson	8ae066ab5d	move authtoken package into auth package	6 years ago

1 2

93 Commits (7339dbc09013608b7819ec16dee801bee6781aa2)