login

package

v11.1.4-modfix Latest Latest Go to latest Published: Aug 20, 2024 License: AGPL-3.0 Imports: 9 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/minicali/grafana

Documentation ¶

Index ¶

Constants
func GetAuthProviderLabel(authModule string) string
func IsExternallySynced(cfg *setting.Cfg, authModule string, oauthInfo *social.OAuthInfo) bool
func IsGrafanaAdminExternallySynced(cfg *setting.Cfg, oauthInfo *social.OAuthInfo, authModule string) bool
func IsProviderEnabled(cfg *setting.Cfg, authModule string, oauthInfo *social.OAuthInfo) bool
type AuthInfoService
type DeleteAuthInfoCommand
type ExternalUserInfo
- func (e *ExternalUserInfo) String() string
type GetAuthInfoQuery
type GetUserByAuthInfoQuery
type GetUserLabelsQuery
type LoginInfo
type LoginUserQuery
type RequestURIKey
type SetAuthInfoCommand
type Store
type UpdateAuthInfoCommand
type UserAuth
type UserLookupParams
type UserProtectionService

Constants ¶

View Source

const (
	// modules
	PasswordAuthModule  = "password"
	APIKeyAuthModule    = "apikey"
	SAMLAuthModule      = "auth.saml"
	LDAPAuthModule      = "ldap"
	AuthProxyAuthModule = "authproxy"
	JWTModule           = "jwt"
	ExtendedJWTModule   = "extendedjwt"
	RenderModule        = "render"
	// OAuth provider modules
	AzureADAuthModule    = "oauth_azuread"
	GoogleAuthModule     = "oauth_google"
	GitLabAuthModule     = "oauth_gitlab"
	GithubAuthModule     = "oauth_github"
	GenericOAuthModule   = "oauth_generic_oauth"
	GrafanaComAuthModule = "oauth_grafana_com"
	GrafanaNetAuthModule = "oauth_grafananet"
	OktaAuthModule       = "oauth_okta"

	// labels
	SAMLLabel = "SAML"
	LDAPLabel = "LDAP"
	JWTLabel  = "JWT"
	// OAuth provider labels
	AuthProxyLabel    = "Auth Proxy"
	AzureADLabel      = "AzureAD"
	GoogleLabel       = "Google"
	GenericOAuthLabel = "Generic OAuth"
	GitLabLabel       = "GitLab"
	GithubLabel       = "GitHub"
	GrafanaComLabel   = "grafana.com"
	OktaLabel         = "Okta"
)

Variables ¶

This section is empty.

Functions ¶

func GetAuthProviderLabel ¶

func GetAuthProviderLabel(authModule string) string

used for frontend to display a more user friendly label

func IsExternallySynced ¶

func IsExternallySynced(cfg *setting.Cfg, authModule string, oauthInfo *social.OAuthInfo) bool

IsExternnalySynced is used to tell if the user roles are externally synced true means that the org role sync is handled by Grafana Note: currently the users authinfo is overridden each time the user logs in https://github.com/grafana/grafana/blob/4181acec72f76df7ad02badce13769bae4a1f840/pkg/services/login/authinfoservice/database/database.go#L61 this means that if the user has multiple auth providers and one of them is set to sync org roles then IsExternallySynced will be true for this one provider and false for the others

func IsGrafanaAdminExternallySynced ¶

func IsGrafanaAdminExternallySynced(cfg *setting.Cfg, oauthInfo *social.OAuthInfo, authModule string) bool

IsGrafanaAdminExternallySynced returns true if Grafana server admin role is being managed by an external auth provider, and false otherwise. Grafana admin role sync is available for JWT, OAuth providers and LDAP. For JWT and OAuth providers there is an additional config option `allow_assign_grafana_admin` that has to be enabled for Grafana Admin role to be synced.

func IsProviderEnabled ¶

func IsProviderEnabled(cfg *setting.Cfg, authModule string, oauthInfo *social.OAuthInfo) bool

Types ¶

type AuthInfoService ¶

type AuthInfoService interface {
	GetAuthInfo(ctx context.Context, query *GetAuthInfoQuery) (*UserAuth, error)
	GetUserLabels(ctx context.Context, query GetUserLabelsQuery) (map[int64]string, error)
	SetAuthInfo(ctx context.Context, cmd *SetAuthInfoCommand) error
	UpdateAuthInfo(ctx context.Context, cmd *UpdateAuthInfoCommand) error
	DeleteUserAuthInfo(ctx context.Context, userID int64) error
}

type DeleteAuthInfoCommand ¶

type DeleteAuthInfoCommand struct {
	UserAuth *UserAuth
}

type ExternalUserInfo ¶

type ExternalUserInfo struct {
	OAuthToken     *oauth2.Token
	AuthModule     string
	AuthId         string
	UserId         int64
	Email          string
	Login          string
	Name           string
	Groups         []string
	OrgRoles       map[int64]org.RoleType
	IsGrafanaAdmin *bool // This is a pointer to know if we should sync this or not (nil = ignore sync)
	IsDisabled     bool
	SkipTeamSync   bool
}

func (*ExternalUserInfo) String ¶

func (e *ExternalUserInfo) String() string

type GetAuthInfoQuery ¶

type GetAuthInfoQuery struct {
	UserId     int64
	AuthModule string
	AuthId     string
}

type GetUserByAuthInfoQuery ¶

type GetUserByAuthInfoQuery struct {
	AuthModule string
	AuthId     string
	UserLookupParams
}

type GetUserLabelsQuery ¶

type GetUserLabelsQuery struct {
	UserIDs []int64
}

type LoginInfo ¶

type LoginInfo struct {
	AuthModule    string
	User          *user.User
	ExternalUser  ExternalUserInfo
	LoginUsername string
	HTTPStatus    int
	Error         error
}

type LoginUserQuery ¶

type LoginUserQuery struct {
	ReqContext *contextmodel.ReqContext
	Username   string
	Password   string
	User       *user.User
	IpAddress  string
	AuthModule string
	Cfg        *setting.Cfg
}

type RequestURIKey ¶

type RequestURIKey struct{}

RequestURIKey is used as key to save request URI in contexts (used for the Enterprise auditing feature)

type SetAuthInfoCommand ¶

type SetAuthInfoCommand struct {
	AuthModule string
	AuthId     string
	UserId     int64
	OAuthToken *oauth2.Token
}

type Store ¶

type Store interface {
	GetAuthInfo(ctx context.Context, query *GetAuthInfoQuery) (*UserAuth, error)
	GetUserLabels(ctx context.Context, query GetUserLabelsQuery) (map[int64]string, error)
	SetAuthInfo(ctx context.Context, cmd *SetAuthInfoCommand) error
	UpdateAuthInfo(ctx context.Context, cmd *UpdateAuthInfoCommand) error
	DeleteUserAuthInfo(ctx context.Context, userID int64) error
}

type UpdateAuthInfoCommand ¶

type UpdateAuthInfoCommand struct {
	AuthModule string
	AuthId     string
	UserId     int64
	OAuthToken *oauth2.Token
}

type UserAuth ¶

type UserAuth struct {
	Id                int64
	UserId            int64
	AuthModule        string
	AuthId            string
	Created           time.Time
	OAuthAccessToken  string
	OAuthRefreshToken string
	OAuthIdToken      string
	OAuthTokenType    string
	OAuthExpiry       time.Time
}

type UserLookupParams ¶

type UserLookupParams struct {
	// Describes lookup order as well
	Email *string // if set, will try to find the user by email
	Login *string // if set, will try to find the user by login
}

type UserProtectionService ¶

type UserProtectionService interface {
	AllowUserMapping(user *user.User, authModule string) error
}

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
authinfoimpl
authinfotest

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL