opensource/grafana
1
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-08-01 09:34:27 +08:00
Code Issues Packages Projects Releases Wiki Activity

Auth: Use PKCE by default (If OAuth provider supports PKCE) (#68095)

Browse Source 
OAuth: change use_pkce = true to defaults.ini/sample.ini #68073

Signed-off-by: junya koyama <arukiidou@yahoo.co.jp>
This commit is contained in:
arukiidou
2023-05-12 16:37:29 +09:00
committed by GitHub
parent debf04eb2c
commit f79654feb3
2 changed files with 14 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
conf/defaults.ini
View File

@ -611,6 +611,7 @@ role_attribute_strict = false
allow_assign_grafana_admin = false
skip_org_role_sync = false
tls_skip_verify_insecure = false
use_pkce = true
#################################### Google Auth #########################
[auth.google]
@ -629,6 +630,7 @@ allowed_domains =
hosted_domain =
skip_org_role_sync = false
tls_skip_verify_insecure = false
use_pkce = true
#################################### Grafana.com Auth ####################
# legacy key names (so they work in env variables)
@ -670,6 +672,7 @@ role_attribute_strict = false
allow_assign_grafana_admin = false
force_use_graph_api = false
tls_skip_verify_insecure = false
use_pkce = true
#################################### Okta OAuth #######################
[auth.okta]
@ -691,6 +694,7 @@ role_attribute_strict = false
allow_assign_grafana_admin = false
skip_org_role_sync = false
tls_skip_verify_insecure = false
use_pkce = true
#################################### Generic OAuth #######################
[auth.generic_oauth]

4
conf/sample.ini
View File

@ -599,6 +599,7 @@
;allow_assign_grafana_admin = false
;skip_org_role_sync = false
;tls_skip_verify_insecure = false
;use_pkce = true
#################################### Google Auth ##########################
[auth.google]
@ -616,6 +617,7 @@
;allowed_domains =
;hosted_domain =
;skip_org_role_sync = false
;use_pkce = true
#################################### Grafana.com Auth ####################
[auth.grafana_com]
@ -646,6 +648,7 @@
;allowed_groups =
;role_attribute_strict = false
;allow_assign_grafana_admin = false
;use_pkce = true
# prevent synchronizing users organization roles
;skip_org_role_sync = false
@ -667,6 +670,7 @@
;role_attribute_strict = false
;allow_assign_grafana_admin = false
;skip_org_role_sync = false
;use_pkce = true
#################################### Generic OAuth ##########################
[auth.generic_oauth]