social

package
v0.0.0-test.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 20, 2023 License: AGPL-3.0 Imports: 36 Imported by: 274

Documentation

Index

Constants

View Source
const (
	OfflineAccessScope = "offline_access"
)
View Source
const (
	RoleGrafanaAdmin = "GrafanaAdmin" // For AzureAD for example this value cannot contain spaces
)

Variables

View Source
var (
	ErrIDTokenNotFound = errors.New("id_token not found")
	ErrEmailNotFound   = errors.New("error getting user info: no email found in access token")
)
View Source
var (
	ErrMissingTeamMembership = errutil.NewBase(errutil.StatusUnauthorized,
		"auth.missing_team",
		errutil.WithPublicMessage(
			"User is not a member of one of the required teams. Please contact identity provider administrator."))
	ErrMissingOrganizationMembership = errutil.NewBase(errutil.StatusUnauthorized,
		"auth.missing_organization",
		errutil.WithPublicMessage(
			"User is not a member of one of the required organizations. Please contact identity provider administrator."))
)
View Source
var (
	SocialBaseUrl = "/login/"
	SocialMap     = make(map[string]SocialConnector)
)

Functions

This section is empty.

Types

type BasicUserInfo

type BasicUserInfo struct {
	Id             string
	Name           string
	Email          string
	Login          string
	Role           org.RoleType
	IsGrafanaAdmin *bool // nil will avoid overriding user's set server admin setting
	Groups         []string
}

func (*BasicUserInfo) String

func (b *BasicUserInfo) String() string

type Error

type Error struct {
	// contains filtered or unexported fields
}

func (Error) Error

func (e Error) Error() string

type GithubTeam

type GithubTeam struct {
	Id           int    `json:"id"`
	Slug         string `json:"slug"`
	URL          string `json:"html_url"`
	Organization struct {
		Login string `json:"login"`
	} `json:"organization"`
}

func (*GithubTeam) GetShorthand

func (t *GithubTeam) GetShorthand() (string, error)

type OAuthInfo

type OAuthInfo struct {
	ApiUrl                  string   `toml:"api_url"`
	AuthUrl                 string   `toml:"auth_url"`
	ClientId                string   `toml:"client_id"`
	ClientSecret            string   `toml:"-"`
	EmailAttributeName      string   `toml:"email_attribute_name"`
	EmailAttributePath      string   `toml:"email_attribute_path"`
	GroupsAttributePath     string   `toml:"groups_attribute_path"`
	HostedDomain            string   `toml:"hosted_domain"`
	Icon                    string   `toml:"icon"`
	Name                    string   `toml:"name"`
	RoleAttributePath       string   `toml:"role_attribute_path"`
	TeamIdsAttributePath    string   `toml:"team_ids_attribute_path"`
	TeamsUrl                string   `toml:"teams_url"`
	TlsClientCa             string   `toml:"tls_client_ca"`
	TlsClientCert           string   `toml:"tls_client_cert"`
	TlsClientKey            string   `toml:"tls_client_key"`
	TokenUrl                string   `toml:"token_url"`
	AllowedDomains          []string `toml:"allowed_domains"`
	Scopes                  []string `toml:"scopes"`
	AllowAssignGrafanaAdmin bool     `toml:"allow_assign_grafana_admin"`
	AllowSignup             bool     `toml:"allow_signup"`
	AutoLogin               bool     `toml:"auto_login"`
	Enabled                 bool     `toml:"enabled"`
	RoleAttributeStrict     bool     `toml:"role_attribute_strict"`
	TlsSkipVerify           bool     `toml:"tls_skip_verify"`
	UsePKCE                 bool     `toml:"use_pkce"`
	UseRefreshToken         bool     `toml:"use_refresh_token"`
}

type OktaClaims

type OktaClaims struct {
	ID                string `json:"sub"`
	Email             string `json:"email"`
	PreferredUsername string `json:"preferred_username"`
	Name              string `json:"name"`
}

type OktaUserInfoJson

type OktaUserInfoJson struct {
	Name        string              `json:"name"`
	DisplayName string              `json:"display_name"`
	Login       string              `json:"login"`
	Username    string              `json:"username"`
	Email       string              `json:"email"`
	Upn         string              `json:"upn"`
	Attributes  map[string][]string `json:"attributes"`
	Groups      []string            `json:"groups"`
	// contains filtered or unexported fields
}

type OrgRecord

type OrgRecord struct {
	Login string `json:"login"`
}

type Service

type Service interface {
	GetOAuthProviders() map[string]bool
	GetOAuthHttpClient(string) (*http.Client, error)
	GetConnector(string) (SocialConnector, error)
	GetOAuthInfoProvider(string) *OAuthInfo
	GetOAuthInfoProviders() map[string]*OAuthInfo
}

type SocialAzureAD

type SocialAzureAD struct {
	*SocialBase
	// contains filtered or unexported fields
}

func (*SocialAzureAD) IsGroupMember

func (s *SocialAzureAD) IsGroupMember(groups []string) bool

func (*SocialAzureAD) SupportBundleContent

func (s *SocialAzureAD) SupportBundleContent(bf *bytes.Buffer) error

func (*SocialAzureAD) UserInfo

func (s *SocialAzureAD) UserInfo(ctx context.Context, client *http.Client, token *oauth2.Token) (*BasicUserInfo, error)

type SocialBase

type SocialBase struct {
	*oauth2.Config
	// contains filtered or unexported fields
}

func (*SocialBase) IsEmailAllowed

func (s *SocialBase) IsEmailAllowed(email string) bool

func (*SocialBase) IsSignupAllowed

func (s *SocialBase) IsSignupAllowed() bool

func (*SocialBase) SupportBundleContent

func (s *SocialBase) SupportBundleContent(bf *bytes.Buffer) error

type SocialConnector

type SocialConnector interface {
	UserInfo(ctx context.Context, client *http.Client, token *oauth2.Token) (*BasicUserInfo, error)
	IsEmailAllowed(email string) bool
	IsSignupAllowed() bool

	AuthCodeURL(state string, opts ...oauth2.AuthCodeOption) string
	Exchange(ctx context.Context, code string, authOptions ...oauth2.AuthCodeOption) (*oauth2.Token, error)
	Client(ctx context.Context, t *oauth2.Token) *http.Client
	TokenSource(ctx context.Context, t *oauth2.Token) oauth2.TokenSource
	SupportBundleContent(*bytes.Buffer) error
}

type SocialGenericOAuth

type SocialGenericOAuth struct {
	*SocialBase
	// contains filtered or unexported fields
}

func (*SocialGenericOAuth) FetchOrganizations

func (s *SocialGenericOAuth) FetchOrganizations(ctx context.Context, client *http.Client) ([]string, bool)

func (*SocialGenericOAuth) FetchPrivateEmail

func (s *SocialGenericOAuth) FetchPrivateEmail(ctx context.Context, client *http.Client) (string, error)

func (*SocialGenericOAuth) FetchTeamMemberships

func (s *SocialGenericOAuth) FetchTeamMemberships(ctx context.Context, client *http.Client) ([]string, error)

func (*SocialGenericOAuth) IsGroupMember

func (s *SocialGenericOAuth) IsGroupMember(groups []string) bool

func (*SocialGenericOAuth) IsOrganizationMember

func (s *SocialGenericOAuth) IsOrganizationMember(ctx context.Context, client *http.Client) bool

func (*SocialGenericOAuth) IsTeamMember

func (s *SocialGenericOAuth) IsTeamMember(ctx context.Context, client *http.Client) bool

func (*SocialGenericOAuth) SupportBundleContent

func (s *SocialGenericOAuth) SupportBundleContent(bf *bytes.Buffer) error

func (*SocialGenericOAuth) UserInfo

func (s *SocialGenericOAuth) UserInfo(ctx context.Context, client *http.Client, token *oauth2.Token) (*BasicUserInfo, error)

type SocialGithub

type SocialGithub struct {
	*SocialBase
	// contains filtered or unexported fields
}

func (*SocialGithub) FetchOrganizations

func (s *SocialGithub) FetchOrganizations(ctx context.Context, client *http.Client, organizationsUrl string) ([]string, error)

func (*SocialGithub) FetchPrivateEmail

func (s *SocialGithub) FetchPrivateEmail(ctx context.Context, client *http.Client) (string, error)

func (*SocialGithub) FetchTeamMemberships

func (s *SocialGithub) FetchTeamMemberships(ctx context.Context, client *http.Client) ([]GithubTeam, error)

func (*SocialGithub) HasMoreRecords

func (s *SocialGithub) HasMoreRecords(headers http.Header) (string, bool)

func (*SocialGithub) IsOrganizationMember

func (s *SocialGithub) IsOrganizationMember(ctx context.Context,
	client *http.Client, organizationsUrl string) bool

func (*SocialGithub) IsTeamMember

func (s *SocialGithub) IsTeamMember(ctx context.Context, client *http.Client) bool

func (*SocialGithub) UserInfo

func (s *SocialGithub) UserInfo(ctx context.Context, client *http.Client, token *oauth2.Token) (*BasicUserInfo, error)

type SocialGitlab

type SocialGitlab struct {
	*SocialBase
	// contains filtered or unexported fields
}

func (*SocialGitlab) UserInfo

func (s *SocialGitlab) UserInfo(ctx context.Context, client *http.Client, token *oauth2.Token) (*BasicUserInfo, error)

type SocialGoogle

type SocialGoogle struct {
	*SocialBase
	// contains filtered or unexported fields
}

func (*SocialGoogle) AuthCodeURL

func (s *SocialGoogle) AuthCodeURL(state string, opts ...oauth2.AuthCodeOption) string

func (*SocialGoogle) UserInfo

func (s *SocialGoogle) UserInfo(ctx context.Context, client *http.Client, token *oauth2.Token) (*BasicUserInfo, error)

type SocialGrafanaCom

type SocialGrafanaCom struct {
	*SocialBase
	// contains filtered or unexported fields
}

func (*SocialGrafanaCom) IsEmailAllowed

func (s *SocialGrafanaCom) IsEmailAllowed(email string) bool

func (*SocialGrafanaCom) IsOrganizationMember

func (s *SocialGrafanaCom) IsOrganizationMember(organizations []OrgRecord) bool

func (*SocialGrafanaCom) UserInfo

func (s *SocialGrafanaCom) UserInfo(ctx context.Context, client *http.Client, _ *oauth2.Token) (*BasicUserInfo, error)

UserInfo is used for login credentials for the user

type SocialOkta

type SocialOkta struct {
	*SocialBase
	// contains filtered or unexported fields
}

func (*SocialOkta) GetGroups

func (s *SocialOkta) GetGroups(data *OktaUserInfoJson) []string

func (*SocialOkta) IsGroupMember

func (s *SocialOkta) IsGroupMember(groups []string) bool

func (*SocialOkta) UserInfo

func (s *SocialOkta) UserInfo(ctx context.Context, client *http.Client, token *oauth2.Token) (*BasicUserInfo, error)

type SocialService

type SocialService struct {
	// contains filtered or unexported fields
}

func ProvideService

func ProvideService(cfg *setting.Cfg,
	features *featuremgmt.FeatureManager,
	usageStats usagestats.Service,
	bundleRegistry supportbundles.Service,
	cache remotecache.CacheStorage,
) *SocialService

func (*SocialService) GetConnector

func (ss *SocialService) GetConnector(name string) (SocialConnector, error)

func (*SocialService) GetOAuthHttpClient

func (ss *SocialService) GetOAuthHttpClient(name string) (*http.Client, error)

func (*SocialService) GetOAuthInfoProvider

func (ss *SocialService) GetOAuthInfoProvider(name string) *OAuthInfo

func (*SocialService) GetOAuthInfoProviders

func (ss *SocialService) GetOAuthInfoProviders() map[string]*OAuthInfo

func (*SocialService) GetOAuthProviders

func (ss *SocialService) GetOAuthProviders() map[string]bool

GetOAuthProviders returns available oauth providers and if they're enabled or not

type UserInfoJson

type UserInfoJson struct {
	Sub         string              `json:"sub"`
	Name        string              `json:"name"`
	DisplayName string              `json:"display_name"`
	Login       string              `json:"login"`
	Username    string              `json:"username"`
	Email       string              `json:"email"`
	Upn         string              `json:"upn"`
	Attributes  map[string][]string `json:"attributes"`
	// contains filtered or unexported fields
}

func (*UserInfoJson) String

func (info *UserInfoJson) String() string

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL