opensource/grafana
1
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-08-01 04:01:49 +08:00
Code Issues Packages Projects Releases Wiki Activity
60,980 Commits 2,365 Branches 619 Tags
Commit Graph

8 Commits

Author SHA1 Message Date
Misi
84b8296ffb OAuth: Use the attached external session data in OAuthToken and OAuthTokenSync (#96655) 
* wip

* wip + tests

* wip

* wip opt2

* Use authn.Identity struct's SessionToken

* Merge fixes

* Handle disabling the feature flag correctly

* Fix test

* Cleanup

* Remove HasOAuthEntry from the OAuthTokenService interface

* Remove unused function
 2024-11-27 11:06:39 +01:00
Misi
1061e4712f OAuth: Refactor OAuthToken service to make it easier to use the new external sessions (#96667) 
* Refactor OAuthToken service

* introduce user.SessionAwareIdentityRequester

* replace login.UserAuth parameters with user.SessionAwareIdentityRequester

* Add nosec G101 to fake ID tokens

* Opt 2, min changes

* Revert a change to the current version
 2024-11-21 15:36:28 +02:00
Dan Cech
9020eb4b17 Auth: Update oauthtoken service to use remote cache and server lock (#90572) 
* update oauthtoken service to use remote cache and server lock

* remove token cache

* retry is lock is held by an in-flight refresh

* refactor token renewal to avoid race condition

* re-add refresh token expiry cache, but in SyncOauthTokenHook

* Add delta to the cache ttl

* Fix merge

* Change lockTimeConfig

* Always set the token from within the server lock

* Improvements

* early return when user is not authed by OAuth or refresh is disabled

* Allow more time for token refresh, tracing

* Retry on Mysql Deadlock error 1213

* Update pkg/services/authn/authnimpl/sync/oauth_token_sync.go

Co-authored-by: Dan Cech <dcech@grafana.com>

* Update pkg/services/authn/authnimpl/sync/oauth_token_sync.go

Co-authored-by: Dan Cech <dcech@grafana.com>

* Add settings for configuring min wait time between retries

* Add docs for the new setting

* Clean up

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

---------

Co-authored-by: Mihaly Gyongyosi <mgyongyosi@users.noreply.github.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
 2024-08-19 18:57:37 +02:00
Ryan McKinley
99d8025829 Chore: Move identity and errutil to apimachinery module (#89116) 2024-06-13 07:11:35 +03:00
Gabriel MABILLE
596e828150 Fix: Refresh token when id_token is expired (#79569) 
* Fix: Refresh token when id_token is expired

* add id_token comparison

* Fix wire

* Use userID as cache key

* Apply suggestions from code review

---------

Co-authored-by: linoman <2051016+linoman@users.noreply.github.com>
Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>
 2024-02-05 16:44:25 +01:00
Jo
fe1563882a Chore: Port oauth token service to identity requester (#73988) 
* port oauth token service to identity requester

* fix broken test

* no need to check for render
 2023-08-29 11:55:58 +02:00
Kristin Laemmert
9256a520a4 chore: move user_auth models to (mostly) login service (#62269) 
* chore: move user_auth models to (mostly) login service
 2023-01-27 13:36:54 -05:00
Karl Persson
412d80b498 AuthN: Add post auth hook for oauth token refresh (#61608) 
* AuthN: rename package to sync

* AuthN: rename sync files

* Ouath: Add mock for OauthTokenService

* AuthN: Implement access token refresh hook

* AuthN: remove feature check from hook

* AuthN: register post auth hook for oauth token refresh
 2023-01-18 10:47:09 +01:00