connectors

package
v11.1.4-modfix Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 20, 2024 License: AGPL-3.0 Imports: 38 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrIDTokenNotFound = errors.New("id_token not found")
	ErrEmailNotFound   = errors.New("error getting user info: no email found in access token")
)
View Source 
var (
	ErrMissingTeamMembership = errutil.Unauthorized(
		"auth.missing_team",
		errutil.WithPublicMessage(
			"User is not a member of one of the required teams. Please contact identity provider administrator."))
	ErrMissingOrganizationMembership = errutil.Unauthorized(
		"auth.missing_organization",
		errutil.WithPublicMessage(
			"User is not a member of one of the required organizations. Please contact identity provider administrator."))
)
View Source 
var (
	ExtraAzureADSettingKeys = map[string]ExtraKeyInfo{
		// contains filtered or unexported fields
	}
)
View Source 
var ExtraGenericOAuthSettingKeys = map[string]ExtraKeyInfo{
	// contains filtered or unexported fields
}
View Source 
var ExtraGithubSettingKeys = map[string]ExtraKeyInfo{
	// contains filtered or unexported fields
}
View Source 
var ExtraGoogleSettingKeys = map[string]ExtraKeyInfo{
	// contains filtered or unexported fields
}
View Source 
var ExtraGrafanaComSettingKeys = map[string]ExtraKeyInfo{
	// contains filtered or unexported fields
}

Functions

func CreateOAuthInfoFromKeyValues 

func CreateOAuthInfoFromKeyValues(settingsKV map[string]any) (*social.OAuthInfo, error)

CreateOAuthInfoFromKeyValues creates an OAuthInfo struct from a map[string]any using mapstructure it puts all extra key values into OAuthInfo's Extra map

func MustBool 

func MustBool(value any, defaultValue bool) bool

Types

type ExtraFieldType 

type ExtraFieldType int
const (
	String ExtraFieldType = iota
	Bool
)

type ExtraKeyInfo 

type ExtraKeyInfo struct {
	Type         ExtraFieldType
	DefaultValue any
}

type GithubTeam 

type GithubTeam struct {
	Id           int    `json:"id"`
	Slug         string `json:"slug"`
	URL          string `json:"html_url"`
	Organization struct {
		Login string `json:"login"`
	} `json:"organization"`
	Parent *struct {
		Id int `json:"id"`
	} `json:"parent"`
}

func (*GithubTeam) GetShorthand 

func (t *GithubTeam) GetShorthand() (string, error)

type MappingConfiguration 

type MappingConfiguration struct {
	// contains filtered or unexported fields
}

MappingConfiguration represents the mapping configuration from external orgs to Grafana orgs and roles. orgMapping: mapping from external orgs to Grafana orgs and roles strictRoleMapping: if true, the mapper ensures that the evaluated role from orgMapping or the directlyMappedRole is a valid role, otherwise it will return nil.

type OktaClaims 

type OktaClaims struct {
	ID                string `json:"sub"`
	Email             string `json:"email"`
	PreferredUsername string `json:"preferred_username"`
	Name              string `json:"name"`
}

type OktaUserInfoJson 

type OktaUserInfoJson struct {
	Name        string              `json:"name"`
	DisplayName string              `json:"display_name"`
	Login       string              `json:"login"`
	Username    string              `json:"username"`
	Email       string              `json:"email"`
	Upn         string              `json:"upn"`
	Attributes  map[string][]string `json:"attributes"`
	Groups      []string            `json:"groups"`
	// contains filtered or unexported fields
}

type OrgRecord 

type OrgRecord struct {
	Login string `json:"login"`
}

type OrgRoleMapper 

type OrgRoleMapper struct {
	// contains filtered or unexported fields
}

OrgRoleMapper maps external orgs/groups to Grafana orgs and basic roles.

func ProvideOrgRoleMapper 

func ProvideOrgRoleMapper(cfg *setting.Cfg, orgService org.Service) *OrgRoleMapper

func (*OrgRoleMapper) MapOrgRoles 

func (m *OrgRoleMapper) MapOrgRoles(
	mappingCfg *MappingConfiguration,
	externalOrgs []string,
	directlyMappedRole org.RoleType,
) map[int64]org.RoleType

MapOrgRoles maps the external orgs/groups to Grafana orgs and roles. It returns a map or orgID to role.

mappingCfg: mapping configuration from external orgs to Grafana orgs and roles. Use `ParseOrgMappingSettings` to convert the raw setting to this format.

externalOrgs: list of orgs/groups from the provider

directlyMappedRole: role that is directly mapped to the user (ex: through `role_attribute_path`)

func (*OrgRoleMapper) ParseOrgMappingSettings 

func (m *OrgRoleMapper) ParseOrgMappingSettings(ctx context.Context, mappings []string, roleStrict bool) *MappingConfiguration

ParseOrgMappingSettings parses the `org_mapping` setting and returns an internal representation of the mapping. If the roleStrict is enabled, the mapping should contain a valid role for each org. FIXME: Consider introducing a struct to represent the org mapping settings

type SocialAzureAD 

type SocialAzureAD struct {
	*SocialBase
	// contains filtered or unexported fields
}

func NewAzureADProvider 

func NewAzureADProvider(info *social.OAuthInfo, cfg *setting.Cfg, orgRoleMapper *OrgRoleMapper, ssoSettings ssosettings.Service, features featuremgmt.FeatureToggles, cache remotecache.CacheStorage) *SocialAzureAD

func (*SocialAzureAD) Reload 

func (s *SocialAzureAD) Reload(ctx context.Context, settings ssoModels.SSOSettings) error

func (*SocialAzureAD) SupportBundleContent 

func (s *SocialAzureAD) SupportBundleContent(bf *bytes.Buffer) error

func (*SocialAzureAD) UserInfo 

func (s *SocialAzureAD) UserInfo(ctx context.Context, client *http.Client, token *oauth2.Token) (*social.BasicUserInfo, error)

func (*SocialAzureAD) Validate 

func (s *SocialAzureAD) Validate(ctx context.Context, settings ssoModels.SSOSettings, _ ssoModels.SSOSettings, requester identity.Requester) error

type SocialBase 

type SocialBase struct {
	*oauth2.Config
	// contains filtered or unexported fields
}

func (*SocialBase) AuthCodeURL 

func (s *SocialBase) AuthCodeURL(state string, opts ...oauth2.AuthCodeOption) string

func (*SocialBase) Client 

func (s *SocialBase) Client(ctx context.Context, t *oauth2.Token) *http.Client

func (*SocialBase) Exchange 

func (s *SocialBase) Exchange(ctx context.Context, code string, opts ...oauth2.AuthCodeOption) (*oauth2.Token, error)

func (*SocialBase) GetOAuthInfo 

func (s *SocialBase) GetOAuthInfo() *social.OAuthInfo

func (*SocialBase) IsEmailAllowed 

func (s *SocialBase) IsEmailAllowed(email string) bool

func (*SocialBase) IsSignupAllowed 

func (s *SocialBase) IsSignupAllowed() bool

func (*SocialBase) SupportBundleContent 

func (s *SocialBase) SupportBundleContent(bf *bytes.Buffer) error

func (*SocialBase) TokenSource 

func (s *SocialBase) TokenSource(ctx context.Context, t *oauth2.Token) oauth2.TokenSource

type SocialError 

type SocialError struct {
	// contains filtered or unexported fields
}

SocialError is a custom error type for social connectors to provide a public message when the connector expectaions are not met.

func (SocialError) Error 

func (e SocialError) Error() string

type SocialGenericOAuth 

type SocialGenericOAuth struct {
	*SocialBase
	// contains filtered or unexported fields
}

func NewGenericOAuthProvider 

func NewGenericOAuthProvider(info *social.OAuthInfo, cfg *setting.Cfg, orgRoleMapper *OrgRoleMapper, ssoSettings ssosettings.Service, features featuremgmt.FeatureToggles) *SocialGenericOAuth

func (*SocialGenericOAuth) Reload 

func (s *SocialGenericOAuth) Reload(ctx context.Context, settings ssoModels.SSOSettings) error

func (*SocialGenericOAuth) SupportBundleContent 

func (s *SocialGenericOAuth) SupportBundleContent(bf *bytes.Buffer) error

func (*SocialGenericOAuth) UserInfo 

func (s *SocialGenericOAuth) UserInfo(ctx context.Context, client *http.Client, token *oauth2.Token) (*social.BasicUserInfo, error)

func (*SocialGenericOAuth) Validate 

func (s *SocialGenericOAuth) Validate(ctx context.Context, settings ssoModels.SSOSettings, _ ssoModels.SSOSettings, requester identity.Requester) error

type SocialGithub 

type SocialGithub struct {
	*SocialBase
	// contains filtered or unexported fields
}

func NewGitHubProvider 

func NewGitHubProvider(info *social.OAuthInfo, cfg *setting.Cfg, orgRoleMapper *OrgRoleMapper, ssoSettings ssosettings.Service, features featuremgmt.FeatureToggles) *SocialGithub

func (*SocialGithub) Reload 

func (s *SocialGithub) Reload(ctx context.Context, settings ssoModels.SSOSettings) error

func (*SocialGithub) UserInfo 

func (s *SocialGithub) UserInfo(ctx context.Context, client *http.Client, token *oauth2.Token) (*social.BasicUserInfo, error)

func (*SocialGithub) Validate 

func (s *SocialGithub) Validate(ctx context.Context, settings ssoModels.SSOSettings, _ ssoModels.SSOSettings, requester identity.Requester) error

type SocialGitlab 

type SocialGitlab struct {
	*SocialBase
}

func NewGitLabProvider 

func NewGitLabProvider(info *social.OAuthInfo, cfg *setting.Cfg, orgRoleMapper *OrgRoleMapper, ssoSettings ssosettings.Service, features featuremgmt.FeatureToggles) *SocialGitlab

func (*SocialGitlab) Reload 

func (s *SocialGitlab) Reload(ctx context.Context, settings ssoModels.SSOSettings) error

func (*SocialGitlab) UserInfo 

func (s *SocialGitlab) UserInfo(ctx context.Context, client *http.Client, token *oauth2.Token) (*social.BasicUserInfo, error)

func (*SocialGitlab) Validate 

func (s *SocialGitlab) Validate(ctx context.Context, settings ssoModels.SSOSettings, _ ssoModels.SSOSettings, requester identity.Requester) error

type SocialGoogle 

type SocialGoogle struct {
	*SocialBase
	// contains filtered or unexported fields
}

func NewGoogleProvider 

func NewGoogleProvider(info *social.OAuthInfo, cfg *setting.Cfg, orgRoleMapper *OrgRoleMapper, ssoSettings ssosettings.Service, features featuremgmt.FeatureToggles) *SocialGoogle

func (*SocialGoogle) AuthCodeURL 

func (s *SocialGoogle) AuthCodeURL(state string, opts ...oauth2.AuthCodeOption) string

func (*SocialGoogle) Reload 

func (s *SocialGoogle) Reload(ctx context.Context, settings ssoModels.SSOSettings) error

func (*SocialGoogle) UserInfo 

func (s *SocialGoogle) UserInfo(ctx context.Context, client *http.Client, token *oauth2.Token) (*social.BasicUserInfo, error)

func (*SocialGoogle) Validate 

func (s *SocialGoogle) Validate(ctx context.Context, settings ssoModels.SSOSettings, _ ssoModels.SSOSettings, requester identity.Requester) error

type SocialGrafanaCom 

type SocialGrafanaCom struct {
	*SocialBase
	// contains filtered or unexported fields
}

func NewGrafanaComProvider 

func NewGrafanaComProvider(info *social.OAuthInfo, cfg *setting.Cfg, orgRoleMapper *OrgRoleMapper, ssoSettings ssosettings.Service, features featuremgmt.FeatureToggles) *SocialGrafanaCom

func (*SocialGrafanaCom) IsEmailAllowed 

func (s *SocialGrafanaCom) IsEmailAllowed(email string) bool

func (*SocialGrafanaCom) Reload 

func (s *SocialGrafanaCom) Reload(ctx context.Context, settings ssoModels.SSOSettings) error

func (*SocialGrafanaCom) UserInfo 

func (s *SocialGrafanaCom) UserInfo(ctx context.Context, client *http.Client, _ *oauth2.Token) (*social.BasicUserInfo, error)

UserInfo is used for login credentials for the user

func (*SocialGrafanaCom) Validate 

func (s *SocialGrafanaCom) Validate(ctx context.Context, settings ssoModels.SSOSettings, _ ssoModels.SSOSettings, requester identity.Requester) error

type SocialOkta 

type SocialOkta struct {
	*SocialBase
}

func NewOktaProvider 

func NewOktaProvider(info *social.OAuthInfo, cfg *setting.Cfg, orgRoleMapper *OrgRoleMapper, ssoSettings ssosettings.Service, features featuremgmt.FeatureToggles) *SocialOkta

func (*SocialOkta) Reload 

func (s *SocialOkta) Reload(ctx context.Context, settings ssoModels.SSOSettings) error

func (*SocialOkta) UserInfo 

func (s *SocialOkta) UserInfo(ctx context.Context, client *http.Client, token *oauth2.Token) (*social.BasicUserInfo, error)

func (*SocialOkta) Validate 

func (s *SocialOkta) Validate(ctx context.Context, settings ssoModels.SSOSettings, _ ssoModels.SSOSettings, requester identity.Requester) error

type UserInfoJson 

type UserInfoJson struct {
	Sub         string              `json:"sub"`
	Name        string              `json:"name"`
	DisplayName string              `json:"display_name"`
	Login       string              `json:"login"`
	Username    string              `json:"username"`
	Email       string              `json:"email"`
	Upn         string              `json:"upn"`
	Attributes  map[string][]string `json:"attributes"`
	// contains filtered or unexported fields
}

func (*UserInfoJson) String 

func (info *UserInfoJson) String() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.