mirror of
https://github.com/grafana/grafana.git
synced 2025-07-28 11:32:36 +08:00
5652bde447
* Use secrets service in pluginproxy * Use secrets service in pluginxontext * Use secrets service in pluginsettings * Use secrets service in provisioning * Use secrets service in authinfoservice * Use secrets service in api * Use secrets service in sqlstore * Use secrets service in dashboardshapshots * Use secrets service in tsdb * Use secrets service in datasources * Use secrets service in alerting * Use secrets service in ngalert * Break cyclic dependancy * Refactor service * Break cyclic dependancy * Add FakeSecretsStore * Setup Secrets Service in sqlstore * Fix * Continue secrets service refactoring * Fix cyclic dependancy in sqlstore tests * Fix secrets service references * Fix linter errors * Add fake secrets service for tests * Refactor SetupTestSecretsService * Update setting up secret service in tests * Fix missing secrets service in multiorg_alertmanager_test * Use fake db in tests and sort imports * Use fake db in datasources tests * Fix more tests * Fix linter issues * Attempt to fix plugin proxy tests * Pass secrets service to getPluginProxiedRequest in pluginproxy tests * Fix pluginproxy tests * Revert using secrets service in alerting and provisioning * Update decryptFn in alerting migration * Rename defaultProvider to currentProvider * Use fake secrets service in alert channels tests * Refactor secrets service test helper * Update setting up secrets service in tests * Revert alerting changes in api * Add comments * Remove secrets service from background services * Convert global encryption functions into vars * Revert "Convert global encryption functions into vars" This reverts commit 498eb19859eba364a2400a6d7e73236b1c9a5b37. * Add feature toggle for envelope encryption * Rename toggle Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com> Co-authored-by: Joan López de la Franca Beltran <joanjan14@gmail.com>
88 lines
2.5 KiB
Go
88 lines
2.5 KiB
Go
package pluginproxy
|
|
|
|
import (
|
|
"encoding/json"
|
|
"net/http"
|
|
"net/http/httputil"
|
|
"net/url"
|
|
|
|
"github.com/grafana/grafana/pkg/bus"
|
|
"github.com/grafana/grafana/pkg/models"
|
|
"github.com/grafana/grafana/pkg/plugins"
|
|
"github.com/grafana/grafana/pkg/services/secrets"
|
|
"github.com/grafana/grafana/pkg/setting"
|
|
"github.com/grafana/grafana/pkg/util"
|
|
"github.com/grafana/grafana/pkg/util/proxyutil"
|
|
)
|
|
|
|
type templateData struct {
|
|
JsonData map[string]interface{}
|
|
SecureJsonData map[string]string
|
|
}
|
|
|
|
// NewApiPluginProxy create a plugin proxy
|
|
func NewApiPluginProxy(ctx *models.ReqContext, proxyPath string, route *plugins.Route,
|
|
appID string, cfg *setting.Cfg, secretsService secrets.Service) *httputil.ReverseProxy {
|
|
director := func(req *http.Request) {
|
|
query := models.GetPluginSettingByIdQuery{OrgId: ctx.OrgId, PluginId: appID}
|
|
if err := bus.DispatchCtx(ctx.Req.Context(), &query); err != nil {
|
|
ctx.JsonApiErr(500, "Failed to fetch plugin settings", err)
|
|
return
|
|
}
|
|
|
|
secureJsonData, err := secretsService.DecryptJsonData(ctx.Req.Context(), query.Result.SecureJsonData)
|
|
if err != nil {
|
|
ctx.JsonApiErr(500, "Failed to decrypt plugin settings", err)
|
|
return
|
|
}
|
|
|
|
data := templateData{
|
|
JsonData: query.Result.JsonData,
|
|
SecureJsonData: secureJsonData,
|
|
}
|
|
|
|
interpolatedURL, err := interpolateString(route.URL, data)
|
|
if err != nil {
|
|
ctx.JsonApiErr(500, "Could not interpolate plugin route url", err)
|
|
return
|
|
}
|
|
targetURL, err := url.Parse(interpolatedURL)
|
|
if err != nil {
|
|
ctx.JsonApiErr(500, "Could not parse url", err)
|
|
return
|
|
}
|
|
req.URL.Scheme = targetURL.Scheme
|
|
req.URL.Host = targetURL.Host
|
|
req.Host = targetURL.Host
|
|
req.URL.Path = util.JoinURLFragments(targetURL.Path, proxyPath)
|
|
|
|
// clear cookie headers
|
|
req.Header.Del("Cookie")
|
|
req.Header.Del("Set-Cookie")
|
|
|
|
proxyutil.PrepareProxyRequest(req)
|
|
|
|
// Create a HTTP header with the context in it.
|
|
ctxJSON, err := json.Marshal(ctx.SignedInUser)
|
|
if err != nil {
|
|
ctx.JsonApiErr(500, "failed to marshal context to json.", err)
|
|
return
|
|
}
|
|
|
|
req.Header.Set("X-Grafana-Context", string(ctxJSON))
|
|
|
|
applyUserHeader(cfg.SendUserHeader, req, ctx.SignedInUser)
|
|
|
|
if err := addHeaders(&req.Header, route, data); err != nil {
|
|
ctx.JsonApiErr(500, "Failed to render plugin headers", err)
|
|
return
|
|
}
|
|
|
|
if err := setBodyContent(req, route, data); err != nil {
|
|
logger.Error("Failed to set plugin route body content", "error", err)
|
|
}
|
|
}
|
|
|
|
return &httputil.ReverseProxy{Director: director}
|
|
}
|