* chore: bump authlib/types to v0.0.0-20251119142549-be091cf2f4d4
Signed-off-by: Maicon Costa <maiconscosta@gmail.com>
* Update Go Workspace
Signed-off-by: Maicon Costa <maiconscosta@gmail.com>
* Stop supporting deprecated namespace format in TestExtendedJWT_Authenticate
Signed-off-by: Maicon Costa <maiconscosta@gmail.com>
* Update go mod
Signed-off-by: Maicon Costa <maiconscosta@gmail.com>
---------
Signed-off-by: Maicon Costa <maiconscosta@gmail.com>
* go get github.com/grafana/grafana-plugin-sdk-go@v0.281.0
* make update-workspace
* updated failing unit test
* disable deprecation warnings
* datasources: allow underscore-prefixed local time range
* updated go.work.sum
* name field must match either k8s regex or grafana legacy uid regex. Adds tests.
* moves invalid test to being valid
* uses new US naming validation for kv store validation
* fix function name and update key regex
* fix comment
* use correct errs var
* updates kv key tests
* Chore: Update authlib
* exclude incompatible version of github.com/grafana/gomemcache
* Update go-jose to v4
* fix jose imports
* remove jose v3 from go.mod
* fix tests
* fix serialize
* fix failing live tests
* add v1 of ES256 testkeys. Port tests to use ES256 instead of HS256
* accept more signature algs for okta and azuread
* azure social graph token sig
* accept more signature algs for oauth refresh and jwt auth
* update workspace
* add a static signer for inproc
* rebase and fix ext_jwt
* fix jwt tests
* apply alex patch on gomemcache
* update linting
* fix ext_jwt panic
* update workspaces
---------
Co-authored-by: Jo Garnier <git@jguer.space>
* remove drone & dead code in pkg/build; update go modules
* remove .drone.star
* Remove drone scripts and drone references in Makefile
* make update-workspace
* remove deadcode tool
* Remove daggerbuild/scripts: deadcode
* Remove drone files / folders in CODEOWNERS
* make update-workspace
* remove more dead code
* Auth: Add functional option for static requester methods
Initially supporting WithServiceIdentityName to set a ServiceIdentity
inside the Claims.Rest object, so that Secrets Manager can parse
the service requesting secret decryption.
On Secret creation, the service will have to pass its identity
(which is a freeform string) to the SecureValues' Decrypters object.
This field gates which services are allowed to decrypt the SecureValue.
And upon decryption, the service should build a static identity with
that same service identity name when calling the decrypt service.
* StaticRequester: Put secret decrypt permission in access token claims
* StaticRequester: Inline getTokenPermissions function
* wip
* Use serviceaccount model from /apps/iam
* revert version update
* Add tembinding, userteam, other improvements
* Change serviceaccounttoken spec
* Revert the change of ServiceAccountToken
* Revert the change of UserTeam
* Clean up
* Remove files that are not needed for now
* Lint
* Update sql query's integration tests
* Fix tests
* update openapi spec
* Move LastSeenAt to the annotations
* Updte openapi_snapshots
* Change lastSeenAt annotation name
