grafana

Author	SHA1	Message	Date
Sofia Papagiannaki	58b7ae14ce	[v8.5.x] Chore: Release 8.5.14 (#56698 ) * remove support for v1 (cherry picked from commit 8630a7a991af74edc4030f57d37a4bc263202fde) * Security: Make proxy endpoints not leak sensitive HTTP headers Fixes CVE-2022-31130 (cherry picked from commit 2974574a53ab6d26be7b706e76271173a91fea3a) * Security: Fix do not forward login cookie in outgoing requests (cherry picked from commit 54a32fc83b233f5910495b5fcca0b4f881221538) * Add test for username/login field conflict (cherry picked from commit `7aabcf2694`) * Swap order of login fields (cherry picked from commit `5ec176cada`) * "Release: Updated versions in package to 8.5.14" (#547) Co-authored-by: Will Browne <will.browne@grafana.com> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> Co-authored-by: linoman <2051016+linoman@users.noreply.github.com> Co-authored-by: Grot (@grafanabot) <43478413+grafanabot@users.noreply.github.com>	2022-10-11 15:25:10 +03:00
Serge Zaitsev	7729b14da3	Chore: Remove bus (#47511 ) (#47677 ) * Chore: Remove bus * remove unused const (cherry picked from commit `18e93c7077`)	2022-04-13 11:51:21 +02:00
Grot (@grafanabot)	5721ff9689	Chore: Remove bus from contexthandler (#47458 ) (#47636 ) * Chore: remove bus from contexthandler * remove bus from orgredirect (cherry picked from commit `2cf88cfec8`) Co-authored-by: Serge Zaitsev <serge.zaitsev@grafana.com>	2022-04-12 22:31:53 +02:00
Grot (@grafanabot)	556178c714	Chore: Remove bus from contexthandler (#47374 ) (#47616 ) * Chore: Remove bus from contexthandler * fix tests * try different wire binding * maybe remove a few more dispatches * fix tests (cherry picked from commit `d153d896c5`) Co-authored-by: Serge Zaitsev <serge.zaitsev@grafana.com>	2022-04-12 12:05:27 +02:00
Serge Zaitsev	3a7fc80948	Chore: Remove last bus parts from login package (#47313 ) * Chore: Remove last bus parts from login package * fix middleware tests	2022-04-06 08:45:01 +02:00
Serge Zaitsev	33006436cc	Chore: Remove bus.Dispatch from some login packages (#47248 ) * Chore: Remove bus.Dispatch from some login packages * remove debug log Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com> * remove login.Init() * remove unused reset function * remove AuthenticateUserFunc global * swap conditional branches Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com> * fix formatting Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>	2022-04-04 20:36:15 +02:00
idafurjes	7936c4c522	Rename AddHandlerCtx to AddHandler (#43557 )	2021-12-28 16:08:07 +01:00
idafurjes	e6123bc3ef	Replace AddHandler with AddHandlerCtx in tests (#42585 )	2021-12-01 15:43:31 +01:00
Carl Bergquist	4710566514	bus: add ctx for all signed in user queries (#33970 ) Signed-off-by: bergquist <carl.bergquist@gmail.com>	2021-05-18 18:24:42 +02:00
Arve Knudsen	12661e8a9d	Move middleware context handler logic to service (#29605 ) * middleware: Move context handler to own service Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> Co-authored-by: Emil Tullsted <sakjur@users.noreply.github.com> Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>	2020-12-11 11:44:44 +01:00
Arve Knudsen	4e0ad50102	middleware: Make scenario test functions take a testing.T argument (#29564 ) Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>	2020-12-04 11:09:32 +01:00
Arve Knudsen	58dbf96a12	Middleware: Rewrite tests to use standard library (#29535 ) * middleware: Rewrite tests to use standard library Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>	2020-12-03 08:28:54 +01:00
Arve Knudsen	35e0e078b7	pkg/util: Check errors (#19832 ) * pkg/util: Check errors * pkg/services: DRY up code	2019-10-23 10:40:12 +02:00
Oleg Gaidarenko	d88fdc86fc	Auth: Do not search for the user twice (#18366 ) * Auth: Do not search for the user twice Previously `initContextWithBasicAuth` did not use `LoginUserQuery`, doing `GetUserByLoginQuery` only i.e. looking user in DB only, things changed when this function started to check LDAP provider via `LoginUserQuery` (#6940), however, this request was placed after `GetUserByLoginQuery`, so we first looking in DB then in the LDAP - if LDAP user hasn't logged in we will not find it in DB, so `LoginUserQuery` will never be reached. `LoginUserQuery` request already performs `GetUserByLoginQuery` request in correct sequence. So we can just remove redundant request. * Correct sequence execution during authentification & introduce tests for it * Move basic auth tests to separate test file, since main test file already pretty large * Introduce `testing.go` for the middleware module * Remove redundant test helper function * Make handler names more explicit Ref `5777f65d05` Fixes #18329 * Auth: address review comment	2019-08-03 21:50:05 +02:00

14 Commits