Claudiu Dragalina-Paraipan
05ab4cdd1f
authz: use authlib client Co-authored-by: Gabriel MABILLE <gabriel.mabille@grafana.com>
60 lines
1.3 KiB
Go
60 lines
1.3 KiB
Go
package authz
|
|
|
|
import (
|
|
"fmt"
|
|
|
|
"github.com/grafana/grafana/pkg/setting"
|
|
)
|
|
|
|
type Mode string
|
|
|
|
func (s Mode) IsValid() bool {
|
|
switch s {
|
|
case ModeGRPC, ModeInProc, ModeCloud:
|
|
return true
|
|
}
|
|
return false
|
|
}
|
|
|
|
const (
|
|
ModeGRPC Mode = "grpc"
|
|
ModeInProc Mode = "inproc"
|
|
ModeCloud Mode = "cloud"
|
|
)
|
|
|
|
type Cfg struct {
|
|
remoteAddress string
|
|
listen bool
|
|
mode Mode
|
|
|
|
token string
|
|
tokenExchangeURL string
|
|
tokenNamespace string
|
|
}
|
|
|
|
func ReadCfg(cfg *setting.Cfg) (*Cfg, error) {
|
|
section := cfg.SectionWithEnvOverrides("authorization")
|
|
|
|
mode := Mode(section.Key("mode").MustString(string(ModeInProc)))
|
|
if !mode.IsValid() {
|
|
return nil, fmt.Errorf("authorization: invalid mode %q", mode)
|
|
}
|
|
|
|
token := section.Key("token").MustString("")
|
|
tokenExchangeURL := section.Key("token_exchange_url").MustString("")
|
|
tokenNamespace := section.Key("token_namespace").MustString("stack-" + cfg.StackID)
|
|
|
|
if mode == ModeCloud && token == "" && tokenExchangeURL == "" {
|
|
return nil, fmt.Errorf("authorization: missing token or tokenExchangeUrl")
|
|
}
|
|
|
|
return &Cfg{
|
|
remoteAddress: section.Key("remote_address").MustString(""),
|
|
listen: section.Key("listen").MustBool(false),
|
|
mode: mode,
|
|
token: token,
|
|
tokenExchangeURL: tokenExchangeURL,
|
|
tokenNamespace: tokenNamespace,
|
|
}, nil
|
|
}
|