public/grafana
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
62,065 Commits 655 Branches 650 Tags
f2f1663dba8a5f6884df19bebd2dbe61c831d8d5
Commit Graph

18 Commits

Author SHA1 Message Date
Matheus Macabu cfb5f5601f Secrets: Add inline secure value can reference method (#108965) 2025-07-31 16:42:40 +02:00
Matheus Macabu 8dda9da035 Dependencies: Bump authlib to support service identity in claims (#105513) 2025-05-16 10:52:30 +03:00
Karl Persson 16fda6f686 Authz: Setup access claims for service identity (#100986) 
* Setup access claims for service identity and add them to identityes without any claims
 2025-02-20 13:54:47 +01:00
Ryan McKinley 680e6bc1f8 Authlib: Use types package rather than claims (#99243) 2025-01-21 12:06:55 +03:00
Karl Persson 3a17d0c927 IAM: align AuthInfo interface (#97228) 
* Update to use updated interface
 2024-12-03 15:11:17 +01:00
Karl Persson 76f052e8de Requester: Remove duplicated function (#97038) 
* Remove duplicated function

* Remove GetDisplayName from interface

* Use GetName
 2024-11-26 15:29:31 +01:00
Karl Persson 3990637af9 IAM: remove duplicated functions (#96989) 
* Remove duplicated function and use the one provided by claims package
 2024-11-26 09:22:45 +01:00
Karl Persson 8d74296b6c Authn: Always set namespace (#96230) 
* Rename from AllowedKubernetesNamespace to Namespace

* Use a sync hook to always set namespace for Identity.

* format

* Don't set uid when authenticating as user
 2024-11-12 10:12:47 +01:00
Claudiu Dragalina-Paraipan a8b07b0c81 [authn] use authlib client+interceptors for in-proc mode (#93124) 
* Add authlib gRPC authenticators for in-proc mode

* implement `StaticRequester` signing in the unified resource client
- [x] when the `claims.AuthInfo` value type is `identity.StaticRequester`, and there's no ID token set, create an internal token and sign it with symmetrical key. This is a workaround for `go-jose` not offering the possibility to create an unsigned token.
- [x] update `IDClaimsWrapper` to support the scenario above
- [x] Switch to using `claims.From()` in `dashboardSqlAccess.SaveDashboard()`

---------

Co-authored-by: gamab <gabriel.mabille@grafana.com>
 2024-09-24 09:03:48 +03:00
Karl Persson 8bcd9c2594 Identity: Remove typed id (#91801) 
* Refactor identity struct to store type in separate field

* Update ResolveIdentity to take string representation of typedID

* Add IsIdentityType to requester interface

* Use IsIdentityType from interface

* Remove usage of TypedID

* Remote typedID struct

* fix GetInternalID
 2024-08-13 10:18:28 +02:00
Ryan McKinley 21d4a4f49e Auth: use IdentityType from authlib (#91763) 2024-08-12 09:26:53 +03:00
Ryan McKinley 243c0935fc Auth: Use claims.AuthInfo in requester (#91739) 2024-08-09 19:46:56 +03:00
Karl Persson bcfb66b416 Identity: remove GetTypedID (#91745) 2024-08-09 18:20:24 +03:00
Claudiu Dragalina-Paraipan e2435f92f1 [authn]: add GetIDClaims() to Requester (#91387) 
* authn: add GetIDClaims() to Requester

Co-Authored-By: Gabriel MABILLE <gamab@users.noreply.github.com>

* authn: update StaticRequester

Co-Authored-By: Gabriel MABILLE <gamab@users.noreply.github.com>

* update auth/idtest/mock

Co-Authored-By: Gabriel MABILLE <gamab@users.noreply.github.com>

* Fix test

Co-authored-by: Claudiu Dragalina-Paraipan <claudiu.dragalina@grafana.com>

---------

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Co-authored-by: gamab <gabriel.mabille@grafana.com>
 2024-08-02 12:36:02 +03:00
Ryan McKinley 728150bdbd Identity: extend k8s user.Info (#90937) 2024-07-30 08:27:23 +03:00
Ryan McKinley 9db3bc926e Identity: Rename "namespace" to "type" in the requester interface (#90567) 2024-07-25 12:52:14 +03:00
Charandas c210617735 K8s: use contexthandler in standalone handler chain (#90102) 2024-07-08 12:22:10 -07:00
Ryan McKinley 2173429ce2 Identity: Add static requester struct (#89190) 2024-06-14 09:04:06 +03:00