opensource/grafana
1
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-08-02 04:31:36 +08:00
Code Issues Packages Projects Releases Wiki Activity

OAuth: Check both TLS client cert and key

Browse Source 
If either is set, try to use them.

This should help avoid a situation where someone has half-configured TLS
client authentication and it doesn't work without raising an obvious
error.
This commit is contained in:
Matt Bostock
2017-10-06 15:03:46 +01:00
parent 16c5d0e4b7
commit f2f8ca52d9
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/api/login_oauth.go
View File

@ -81,7 +81,7 @@ func OAuthLogin(ctx *middleware.Context) {
// initialize oauth2 context // initialize oauth2 context
oauthCtx := oauth2.NoContext oauthCtx := oauth2.NoContext
if setting.OAuthService.OAuthInfos[name].TlsClientCert != "" { if setting.OAuthService.OAuthInfos[name].TlsClientCert != "" || setting.OAuthService.OAuthInfos[name].TlsClientKey != "" {
cert, err := tls.LoadX509KeyPair(setting.OAuthService.OAuthInfos[name].TlsClientCert, setting.OAuthService.OAuthInfos[name].TlsClientKey) cert, err := tls.LoadX509KeyPair(setting.OAuthService.OAuthInfos[name].TlsClientCert, setting.OAuthService.OAuthInfos[name].TlsClientKey)
if err != nil { if err != nil {
log.Fatal(err) log.Fatal(err)