AuthN: Remove embedded oauth server (#83146)

* AuthN: Remove embedded oauth server * Restore main * go mod tidy * Fix problem * Remove permission intersection * Fix test and lint * Fix TestData test * Revert to origin/main * Update go.mod * Update go.mod * Update go.sum
2024-02-26 11:29:09 +01:00
parent d0679f0993
commit 80d6bf6da0
55 changed files with 46 additions and 5631 deletions
@@ -7,7 +7,6 @@ import (
 )

 const (
-	OAuth2Server    AuthProvider = "OAuth2Server"
 	ServiceAccounts AuthProvider = "ServiceAccounts"

 	// TmpOrgID is the orgID we use while global service accounts are not supported.
@@ -40,23 +39,9 @@ type SelfCfg struct {
 	Permissions []accesscontrol.Permission
 }

-type ImpersonationCfg struct {
-	// Enabled allows the service to request access tokens to impersonate users
-	Enabled bool
-	// Groups allows the service to list the impersonated user's teams
-	Groups bool
-	// Permissions are the permissions that the external service needs when impersonating a user.
-	// The intersection of this set with the impersonated user's permission guarantees that the client will not
-	// gain more privileges than the impersonated user has and vice versa.
-	Permissions []accesscontrol.Permission
-}
-
 // ExternalServiceRegistration represents the registration form to save new client.
 type ExternalServiceRegistration struct {
 	Name string
-	// Impersonation access configuration
-	// (this is not available on all auth providers)
-	Impersonation ImpersonationCfg
 	// Self access configuration
 	Self SelfCfg
 	// Auth Provider that the client will use to connect to Grafana