Affected by GO-2022-0342 and 27 other vulnerabilities

GO-2022-0342: Grafana XSS in Dashboard Text Panel in github.com/grafana/grafana

GO-2022-0707: Grafana Authentication Bypass in github.com/grafana/grafana

GO-2024-2483: Grafana XSS via adding a link in General feature in github.com/grafana/grafana

GO-2024-2510: Grafana Cross-site Scripting (XSS) in github.com/grafana/grafana

GO-2024-2513: Grafana information disclosure in github.com/grafana/grafana

GO-2024-2515: Grafana XSS via the OpenTSDB datasource in github.com/grafana/grafana

GO-2024-2516: Grafana XSS via a column style in github.com/grafana/grafana

GO-2024-2517: Grafana XSS in header column rename in github.com/grafana/grafana

GO-2024-2519: Grafana world readable configuration files in github.com/grafana/grafana

GO-2024-2520: Grafana XSS via a query alias for the ElasticSearch datasource in github.com/grafana/grafana

GO-2024-2523: Grafana stored XSS in github.com/grafana/grafana

GO-2024-2629: Grafana's users with permissions to create a data source can CRUD all data sources in github.com/grafana/grafana

GO-2024-2661: Arbitrary file read in github.com/grafana/grafana

GO-2024-2697: Grafana: Users outside an organization can delete a snapshot with its key in github.com/grafana/grafana

GO-2024-2843: Grafana Email addresses and usernames can not be trusted in github.com/grafana/grafana

GO-2024-2844: Grafana User enumeration via forget password in github.com/grafana/grafana

GO-2024-2847: Grafana Escalation from admin to server admin when auth proxy is used in github.com/grafana/grafana

GO-2024-2848: Grafana when using email as a username can block other users from signing in in github.com/grafana/grafana

GO-2024-2851: Grafana Data source and plugin proxy endpoints leaking authentication tokens to some destination plugins in github.com/grafana/grafana

GO-2024-2852: Grafana account takeover via OAuth vulnerability in github.com/grafana/grafana

GO-2024-2854: Grafana folders admin only permission privilege escalation in github.com/grafana/grafana

GO-2024-2855: Grafana Plugin signature bypass in github.com/grafana/grafana

GO-2024-2856: Grafana Race condition allowing privilege escalation in github.com/grafana/grafana

GO-2024-2857: Grafana Stored Cross-site Scripting in Unified Alerting in github.com/grafana/grafana

GO-2024-2867: Grafana Spoofing originalUrl of snapshots in github.com/grafana/grafana

GO-2024-3079: Grafana plugin data sources vulnerable to access control bypass in github.com/grafana/grafana

GO-2024-3215: Grafana Command Injection And Local File Inclusion Via Sql Expressions in github.com/grafana/grafana

GO-2024-3240: Grafana org admin can delete pending invites in different org in github.com/grafana/grafana

clients

package

v0.0.0-testrgm6 Latest Latest Go to latest Published: Jul 24, 2023 License: AGPL-3.0 Imports: 45 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/grafana/grafana

Documentation ¶

Index ¶

type APIKey
- func ProvideAPIKey(apiKeyService apikey.Service, userService user.Service) *APIKey
- func (s *APIKey) Authenticate(ctx context.Context, r *authn.Request) (*authn.Identity, error)
- func (s *APIKey) Hook(ctx context.Context, identity *authn.Identity, r *authn.Request) error
- func (s *APIKey) Name() string
- func (s *APIKey) Priority() uint
- func (s *APIKey) Test(ctx context.Context, r *authn.Request) bool
type Anonymous
- func ProvideAnonymous(cfg *setting.Cfg, orgService org.Service, anonSessionService anonymous.Service) *Anonymous
- func (a *Anonymous) Authenticate(ctx context.Context, r *authn.Request) (*authn.Identity, error)
- func (a *Anonymous) Name() string
- func (a *Anonymous) Priority() uint
- func (a *Anonymous) Test(ctx context.Context, r *authn.Request) bool
- func (a *Anonymous) UsageStatFn(ctx context.Context) (map[string]interface{}, error)
type Basic
- func ProvideBasic(client authn.PasswordClient) *Basic
- func (c *Basic) Authenticate(ctx context.Context, r *authn.Request) (*authn.Identity, error)
- func (c *Basic) Name() string
- func (c *Basic) Priority() uint
- func (c *Basic) String() string
- func (c *Basic) Test(ctx context.Context, r *authn.Request) bool
type ExtendedJWT
- func ProvideExtendedJWT(userService user.Service, cfg *setting.Cfg, signingKeys signingkeys.Service, ...) *ExtendedJWT
- func (s *ExtendedJWT) Authenticate(ctx context.Context, r *authn.Request) (*authn.Identity, error)
- func (s *ExtendedJWT) Name() string
- func (s *ExtendedJWT) Priority() uint
- func (s *ExtendedJWT) Test(ctx context.Context, r *authn.Request) bool
type ExtendedJWTClaims
type Form
- func ProvideForm(client authn.PasswordClient) *Form
- func (c *Form) Authenticate(ctx context.Context, r *authn.Request) (*authn.Identity, error)
- func (c *Form) Name() string
type Grafana
- func ProvideGrafana(cfg *setting.Cfg, userService user.Service) *Grafana
- func (c *Grafana) AuthenticatePassword(ctx context.Context, r *authn.Request, username, password string) (*authn.Identity, error)
- func (c *Grafana) AuthenticateProxy(ctx context.Context, r *authn.Request, username string, ...) (*authn.Identity, error)
- func (c *Grafana) String() string
type JWT
- func ProvideJWT(jwtService auth.JWTVerifierService, cfg *setting.Cfg) *JWT
- func (s *JWT) Authenticate(ctx context.Context, r *authn.Request) (*authn.Identity, error)
- func (s *JWT) Name() string
- func (s *JWT) Priority() uint
- func (s *JWT) Test(ctx context.Context, r *authn.Request) bool
type LDAP
- func ProvideLDAP(cfg *setting.Cfg, ldapService ldapService) *LDAP
- func (c *LDAP) AuthenticatePassword(ctx context.Context, r *authn.Request, username, password string) (*authn.Identity, error)
- func (c *LDAP) AuthenticateProxy(ctx context.Context, r *authn.Request, username string, _ map[string]string) (*authn.Identity, error)
- func (c *LDAP) String() string
type OAuth
- func ProvideOAuth(name string, cfg *setting.Cfg, oauthCfg *social.OAuthInfo, ...) *OAuth
- func (c *OAuth) Authenticate(ctx context.Context, r *authn.Request) (*authn.Identity, error)
- func (c *OAuth) Name() string
- func (c *OAuth) RedirectURL(ctx context.Context, r *authn.Request) (*authn.Redirect, error)
type Password
- func ProvidePassword(loginAttempts loginattempt.Service, clients ...authn.PasswordClient) *Password
- func (c *Password) AuthenticatePassword(ctx context.Context, r *authn.Request, username, password string) (*authn.Identity, error)
type Proxy
- func ProvideProxy(cfg *setting.Cfg, cache proxyCache, userSrv user.Service, ...) (*Proxy, error)
- func (c *Proxy) Authenticate(ctx context.Context, r *authn.Request) (*authn.Identity, error)
- func (c *Proxy) Hook(ctx context.Context, identity *authn.Identity, r *authn.Request) error
- func (c *Proxy) Name() string
- func (c *Proxy) Priority() uint
- func (c *Proxy) Test(ctx context.Context, r *authn.Request) bool
type Render
- func ProvideRender(userService user.Service, renderService rendering.Service) *Render
- func (c *Render) Authenticate(ctx context.Context, r *authn.Request) (*authn.Identity, error)
- func (c *Render) Name() string
- func (c *Render) Priority() uint
- func (c *Render) Test(ctx context.Context, r *authn.Request) bool
type Session
- func ProvideSession(cfg *setting.Cfg, sessionService auth.UserTokenService, ...) *Session
- func (s *Session) Authenticate(ctx context.Context, r *authn.Request) (*authn.Identity, error)
- func (s *Session) Hook(ctx context.Context, identity *authn.Identity, r *authn.Request) error
- func (s *Session) Name() string
- func (s *Session) Priority() uint
- func (s *Session) Test(ctx context.Context, r *authn.Request) bool

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type APIKey ¶

type APIKey struct {
	// contains filtered or unexported fields
}

func ProvideAPIKey ¶

func ProvideAPIKey(apiKeyService apikey.Service, userService user.Service) *APIKey

func (*APIKey) Authenticate ¶

func (s *APIKey) Authenticate(ctx context.Context, r *authn.Request) (*authn.Identity, error)

func (*APIKey) Hook ¶

func (s *APIKey) Hook(ctx context.Context, identity *authn.Identity, r *authn.Request) error

func (*APIKey) Name ¶

func (s *APIKey) Name() string

func (*APIKey) Priority ¶

func (s *APIKey) Priority() uint

func (*APIKey) Test ¶

func (s *APIKey) Test(ctx context.Context, r *authn.Request) bool

type Anonymous ¶

type Anonymous struct {
	// contains filtered or unexported fields
}

func ProvideAnonymous ¶

func ProvideAnonymous(cfg *setting.Cfg, orgService org.Service, anonSessionService anonymous.Service) *Anonymous

func (*Anonymous) Authenticate ¶

func (a *Anonymous) Authenticate(ctx context.Context, r *authn.Request) (*authn.Identity, error)

func (*Anonymous) Name ¶

func (a *Anonymous) Name() string

func (*Anonymous) Priority ¶

func (a *Anonymous) Priority() uint

func (*Anonymous) Test ¶

func (a *Anonymous) Test(ctx context.Context, r *authn.Request) bool

func (*Anonymous) UsageStatFn ¶

func (a *Anonymous) UsageStatFn(ctx context.Context) (map[string]interface{}, error)

type Basic ¶

type Basic struct {
	// contains filtered or unexported fields
}

func ProvideBasic ¶

func ProvideBasic(client authn.PasswordClient) *Basic

func (*Basic) Authenticate ¶

func (c *Basic) Authenticate(ctx context.Context, r *authn.Request) (*authn.Identity, error)

func (*Basic) Name ¶

func (c *Basic) Name() string

func (*Basic) Priority ¶

func (c *Basic) Priority() uint

func (*Basic) String ¶

func (c *Basic) String() string

func (*Basic) Test ¶

func (c *Basic) Test(ctx context.Context, r *authn.Request) bool

type ExtendedJWT ¶

type ExtendedJWT struct {
	// contains filtered or unexported fields
}

func ProvideExtendedJWT ¶

func ProvideExtendedJWT(userService user.Service, cfg *setting.Cfg, signingKeys signingkeys.Service, oauthServer oauthserver.OAuth2Server) *ExtendedJWT

func (*ExtendedJWT) Authenticate ¶

func (s *ExtendedJWT) Authenticate(ctx context.Context, r *authn.Request) (*authn.Identity, error)

func (*ExtendedJWT) Name ¶

func (s *ExtendedJWT) Name() string

func (*ExtendedJWT) Priority ¶

func (s *ExtendedJWT) Priority() uint

func (*ExtendedJWT) Test ¶

func (s *ExtendedJWT) Test(ctx context.Context, r *authn.Request) bool

type ExtendedJWTClaims ¶

type ExtendedJWTClaims struct {
	jwt.Claims
	ClientID     string              `json:"client_id"`
	Groups       []string            `json:"groups"`
	Email        string              `json:"email"`
	Name         string              `json:"name"`
	Login        string              `json:"login"`
	Scopes       []string            `json:"scope"`
	Entitlements map[string][]string `json:"entitlements"`
}

type Form ¶

type Form struct {
	// contains filtered or unexported fields
}

func ProvideForm ¶

func ProvideForm(client authn.PasswordClient) *Form

func (*Form) Authenticate ¶

func (c *Form) Authenticate(ctx context.Context, r *authn.Request) (*authn.Identity, error)

func (*Form) Name ¶

func (c *Form) Name() string

type Grafana ¶

type Grafana struct {
	// contains filtered or unexported fields
}

func ProvideGrafana ¶

func ProvideGrafana(cfg *setting.Cfg, userService user.Service) *Grafana

func (*Grafana) AuthenticatePassword ¶

func (c *Grafana) AuthenticatePassword(ctx context.Context, r *authn.Request, username, password string) (*authn.Identity, error)

func (*Grafana) AuthenticateProxy ¶

func (c *Grafana) AuthenticateProxy(ctx context.Context, r *authn.Request, username string, additional map[string]string) (*authn.Identity, error)

func (*Grafana) String ¶

func (c *Grafana) String() string

type JWT ¶

type JWT struct {
	// contains filtered or unexported fields
}

func ProvideJWT ¶

func ProvideJWT(jwtService auth.JWTVerifierService, cfg *setting.Cfg) *JWT

func (*JWT) Authenticate ¶

func (s *JWT) Authenticate(ctx context.Context, r *authn.Request) (*authn.Identity, error)

func (*JWT) Name ¶

func (s *JWT) Name() string

func (*JWT) Priority ¶

func (s *JWT) Priority() uint

func (*JWT) Test ¶

func (s *JWT) Test(ctx context.Context, r *authn.Request) bool

type LDAP ¶

type LDAP struct {
	// contains filtered or unexported fields
}

func ProvideLDAP ¶

func ProvideLDAP(cfg *setting.Cfg, ldapService ldapService) *LDAP

func (*LDAP) AuthenticatePassword ¶

func (c *LDAP) AuthenticatePassword(ctx context.Context, r *authn.Request, username, password string) (*authn.Identity, error)

func (*LDAP) AuthenticateProxy ¶

func (c *LDAP) AuthenticateProxy(ctx context.Context, r *authn.Request, username string, _ map[string]string) (*authn.Identity, error)

func (*LDAP) String ¶

func (c *LDAP) String() string

type OAuth ¶

type OAuth struct {
	// contains filtered or unexported fields
}

func ProvideOAuth ¶

func ProvideOAuth(
	name string, cfg *setting.Cfg, oauthCfg *social.OAuthInfo,
	connector social.SocialConnector, httpClient *http.Client,
) *OAuth

func (*OAuth) Authenticate ¶

func (c *OAuth) Authenticate(ctx context.Context, r *authn.Request) (*authn.Identity, error)

func (*OAuth) Name ¶

func (c *OAuth) Name() string

func (*OAuth) RedirectURL ¶

func (c *OAuth) RedirectURL(ctx context.Context, r *authn.Request) (*authn.Redirect, error)

type Password ¶

type Password struct {
	// contains filtered or unexported fields
}

func ProvidePassword ¶

func ProvidePassword(loginAttempts loginattempt.Service, clients ...authn.PasswordClient) *Password

func (*Password) AuthenticatePassword ¶

func (c *Password) AuthenticatePassword(ctx context.Context, r *authn.Request, username, password string) (*authn.Identity, error)

type Proxy ¶

type Proxy struct {
	// contains filtered or unexported fields
}

func ProvideProxy ¶

func ProvideProxy(cfg *setting.Cfg, cache proxyCache, userSrv user.Service, clients ...authn.ProxyClient) (*Proxy, error)

func (*Proxy) Authenticate ¶

func (c *Proxy) Authenticate(ctx context.Context, r *authn.Request) (*authn.Identity, error)

func (*Proxy) Hook ¶

func (c *Proxy) Hook(ctx context.Context, identity *authn.Identity, r *authn.Request) error

func (*Proxy) Name ¶

func (c *Proxy) Name() string

func (*Proxy) Priority ¶

func (c *Proxy) Priority() uint

func (*Proxy) Test ¶

func (c *Proxy) Test(ctx context.Context, r *authn.Request) bool

type Render ¶

type Render struct {
	// contains filtered or unexported fields
}

func ProvideRender ¶

func ProvideRender(userService user.Service, renderService rendering.Service) *Render

func (*Render) Authenticate ¶

func (c *Render) Authenticate(ctx context.Context, r *authn.Request) (*authn.Identity, error)

func (*Render) Name ¶

func (c *Render) Name() string

func (*Render) Priority ¶

func (c *Render) Priority() uint

func (*Render) Test ¶

func (c *Render) Test(ctx context.Context, r *authn.Request) bool

type Session ¶

type Session struct {
	// contains filtered or unexported fields
}

func ProvideSession ¶

func ProvideSession(cfg *setting.Cfg, sessionService auth.UserTokenService, features *featuremgmt.FeatureManager) *Session

func (*Session) Authenticate ¶

func (s *Session) Authenticate(ctx context.Context, r *authn.Request) (*authn.Identity, error)

func (*Session) Hook ¶

func (s *Session) Hook(ctx context.Context, identity *authn.Identity, r *authn.Request) error

func (*Session) Name ¶

func (s *Session) Name() string

func (*Session) Priority ¶

func (s *Session) Priority() uint

func (*Session) Test ¶

func (s *Session) Test(ctx context.Context, r *authn.Request) bool

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL