Documentation
¶
Index ¶
- Constants
- Variables
- type BasicUserInfo
- type Error
- type GithubTeam
- type OAuthInfo
- type OktaClaims
- type OktaUserInfoJson
- type OrgRecord
- type Service
- type SocialAzureAD
- type SocialBase
- type SocialConnector
- type SocialGenericOAuth
- func (s *SocialGenericOAuth) FetchOrganizations(ctx context.Context, client *http.Client) ([]string, bool)
- func (s *SocialGenericOAuth) FetchPrivateEmail(ctx context.Context, client *http.Client) (string, error)
- func (s *SocialGenericOAuth) FetchTeamMemberships(ctx context.Context, client *http.Client) ([]string, error)
- func (s *SocialGenericOAuth) IsGroupMember(groups []string) bool
- func (s *SocialGenericOAuth) IsOrganizationMember(ctx context.Context, client *http.Client) bool
- func (s *SocialGenericOAuth) IsTeamMember(ctx context.Context, client *http.Client) bool
- func (s *SocialGenericOAuth) SupportBundleContent(bf *bytes.Buffer) error
- func (s *SocialGenericOAuth) UserInfo(ctx context.Context, client *http.Client, token *oauth2.Token) (*BasicUserInfo, error)
- type SocialGithub
- func (s *SocialGithub) FetchOrganizations(ctx context.Context, client *http.Client, organizationsUrl string) ([]string, error)
- func (s *SocialGithub) FetchPrivateEmail(ctx context.Context, client *http.Client) (string, error)
- func (s *SocialGithub) FetchTeamMemberships(ctx context.Context, client *http.Client) ([]GithubTeam, error)
- func (s *SocialGithub) HasMoreRecords(headers http.Header) (string, bool)
- func (s *SocialGithub) IsOrganizationMember(ctx context.Context, client *http.Client, organizationsUrl string) bool
- func (s *SocialGithub) IsTeamMember(ctx context.Context, client *http.Client) bool
- func (s *SocialGithub) UserInfo(ctx context.Context, client *http.Client, token *oauth2.Token) (*BasicUserInfo, error)
- type SocialGitlab
- type SocialGoogle
- type SocialGrafanaCom
- type SocialOkta
- type SocialService
- func (ss *SocialService) GetConnector(name string) (SocialConnector, error)
- func (ss *SocialService) GetOAuthHttpClient(name string) (*http.Client, error)
- func (ss *SocialService) GetOAuthInfoProvider(name string) *OAuthInfo
- func (ss *SocialService) GetOAuthInfoProviders() map[string]*OAuthInfo
- func (ss *SocialService) GetOAuthProviders() map[string]bool
- type UserInfoJson
Constants ¶
View Source
const (
OfflineAccessScope = "offline_access"
)
View Source
const (
RoleGrafanaAdmin = "GrafanaAdmin" // For AzureAD for example this value cannot contain spaces
)
Variables ¶
View Source
var ( ErrIDTokenNotFound = errors.New("id_token not found") ErrEmailNotFound = errors.New("error getting user info: no email found in access token") )
View Source
var ( ErrMissingTeamMembership = errutil.NewBase(errutil.StatusUnauthorized, "auth.missing_team", errutil.WithPublicMessage( "User is not a member of one of the required teams. Please contact identity provider administrator.")) ErrMissingOrganizationMembership = errutil.NewBase(errutil.StatusUnauthorized, "auth.missing_organization", errutil.WithPublicMessage( "User is not a member of one of the required organizations. Please contact identity provider administrator.")) )
View Source
var ( SocialBaseUrl = "/login/" SocialMap = make(map[string]SocialConnector) )
Functions ¶
This section is empty.
Types ¶
type BasicUserInfo ¶
type BasicUserInfo struct {
Id string
Name string
Email string
Login string
Role org.RoleType
IsGrafanaAdmin *bool // nil will avoid overriding user's set server admin setting
Groups []string
}
func (*BasicUserInfo) String ¶
func (b *BasicUserInfo) String() string
type GithubTeam ¶
type GithubTeam struct {
Id int `json:"id"`
Slug string `json:"slug"`
URL string `json:"html_url"`
Organization struct {
Login string `json:"login"`
} `json:"organization"`
}
func (*GithubTeam) GetShorthand ¶
func (t *GithubTeam) GetShorthand() (string, error)
type OAuthInfo ¶
type OAuthInfo struct {
ApiUrl string `toml:"api_url"`
AuthUrl string `toml:"auth_url"`
ClientId string `toml:"client_id"`
ClientSecret string `toml:"-"`
EmailAttributeName string `toml:"email_attribute_name"`
EmailAttributePath string `toml:"email_attribute_path"`
GroupsAttributePath string `toml:"groups_attribute_path"`
HostedDomain string `toml:"hosted_domain"`
Icon string `toml:"icon"`
Name string `toml:"name"`
RoleAttributePath string `toml:"role_attribute_path"`
TeamIdsAttributePath string `toml:"team_ids_attribute_path"`
TeamsUrl string `toml:"teams_url"`
TlsClientCa string `toml:"tls_client_ca"`
TlsClientCert string `toml:"tls_client_cert"`
TlsClientKey string `toml:"tls_client_key"`
TokenUrl string `toml:"token_url"`
AllowedDomains []string `toml:"allowed_domains"`
Scopes []string `toml:"scopes"`
AllowAssignGrafanaAdmin bool `toml:"allow_assign_grafana_admin"`
AllowSignup bool `toml:"allow_signup"`
AutoLogin bool `toml:"auto_login"`
Enabled bool `toml:"enabled"`
RoleAttributeStrict bool `toml:"role_attribute_strict"`
TlsSkipVerify bool `toml:"tls_skip_verify"`
UsePKCE bool `toml:"use_pkce"`
UseRefreshToken bool `toml:"use_refresh_token"`
}
type OktaClaims ¶
type OktaUserInfoJson ¶
type OktaUserInfoJson struct {
Name string `json:"name"`
DisplayName string `json:"display_name"`
Login string `json:"login"`
Username string `json:"username"`
Email string `json:"email"`
Upn string `json:"upn"`
Attributes map[string][]string `json:"attributes"`
Groups []string `json:"groups"`
// contains filtered or unexported fields
}
type SocialAzureAD ¶
type SocialAzureAD struct {
*SocialBase
// contains filtered or unexported fields
}
func (*SocialAzureAD) IsGroupMember ¶
func (s *SocialAzureAD) IsGroupMember(groups []string) bool
func (*SocialAzureAD) SupportBundleContent ¶
func (s *SocialAzureAD) SupportBundleContent(bf *bytes.Buffer) error
type SocialBase ¶
func (*SocialBase) IsEmailAllowed ¶
func (s *SocialBase) IsEmailAllowed(email string) bool
func (*SocialBase) IsSignupAllowed ¶
func (s *SocialBase) IsSignupAllowed() bool
func (*SocialBase) SupportBundleContent ¶
func (s *SocialBase) SupportBundleContent(bf *bytes.Buffer) error
type SocialConnector ¶
type SocialConnector interface {
UserInfo(ctx context.Context, client *http.Client, token *oauth2.Token) (*BasicUserInfo, error)
IsEmailAllowed(email string) bool
IsSignupAllowed() bool
AuthCodeURL(state string, opts ...oauth2.AuthCodeOption) string
Exchange(ctx context.Context, code string, authOptions ...oauth2.AuthCodeOption) (*oauth2.Token, error)
Client(ctx context.Context, t *oauth2.Token) *http.Client
TokenSource(ctx context.Context, t *oauth2.Token) oauth2.TokenSource
SupportBundleContent(*bytes.Buffer) error
}
type SocialGenericOAuth ¶
type SocialGenericOAuth struct {
*SocialBase
// contains filtered or unexported fields
}
func (*SocialGenericOAuth) FetchOrganizations ¶
func (*SocialGenericOAuth) FetchPrivateEmail ¶
func (*SocialGenericOAuth) FetchTeamMemberships ¶
func (*SocialGenericOAuth) IsGroupMember ¶
func (s *SocialGenericOAuth) IsGroupMember(groups []string) bool
func (*SocialGenericOAuth) IsOrganizationMember ¶
func (*SocialGenericOAuth) IsTeamMember ¶
func (*SocialGenericOAuth) SupportBundleContent ¶
func (s *SocialGenericOAuth) SupportBundleContent(bf *bytes.Buffer) error
type SocialGithub ¶
type SocialGithub struct {
*SocialBase
// contains filtered or unexported fields
}
func (*SocialGithub) FetchOrganizations ¶
func (*SocialGithub) FetchPrivateEmail ¶
func (*SocialGithub) FetchTeamMemberships ¶
func (s *SocialGithub) FetchTeamMemberships(ctx context.Context, client *http.Client) ([]GithubTeam, error)
func (*SocialGithub) HasMoreRecords ¶
func (s *SocialGithub) HasMoreRecords(headers http.Header) (string, bool)
func (*SocialGithub) IsOrganizationMember ¶
func (*SocialGithub) IsTeamMember ¶
type SocialGitlab ¶
type SocialGitlab struct {
*SocialBase
// contains filtered or unexported fields
}
type SocialGoogle ¶
type SocialGoogle struct {
*SocialBase
// contains filtered or unexported fields
}
func (*SocialGoogle) AuthCodeURL ¶
func (s *SocialGoogle) AuthCodeURL(state string, opts ...oauth2.AuthCodeOption) string
type SocialGrafanaCom ¶
type SocialGrafanaCom struct {
*SocialBase
// contains filtered or unexported fields
}
func (*SocialGrafanaCom) IsEmailAllowed ¶
func (s *SocialGrafanaCom) IsEmailAllowed(email string) bool
func (*SocialGrafanaCom) IsOrganizationMember ¶
func (s *SocialGrafanaCom) IsOrganizationMember(organizations []OrgRecord) bool
type SocialOkta ¶
type SocialOkta struct {
*SocialBase
// contains filtered or unexported fields
}
func (*SocialOkta) GetGroups ¶
func (s *SocialOkta) GetGroups(data *OktaUserInfoJson) []string
func (*SocialOkta) IsGroupMember ¶
func (s *SocialOkta) IsGroupMember(groups []string) bool
type SocialService ¶
type SocialService struct {
// contains filtered or unexported fields
}
func ProvideService ¶
func ProvideService(cfg *setting.Cfg, features *featuremgmt.FeatureManager, usageStats usagestats.Service, bundleRegistry supportbundles.Service, cache remotecache.CacheStorage, ) *SocialService
func (*SocialService) GetConnector ¶
func (ss *SocialService) GetConnector(name string) (SocialConnector, error)
func (*SocialService) GetOAuthHttpClient ¶
func (ss *SocialService) GetOAuthHttpClient(name string) (*http.Client, error)
func (*SocialService) GetOAuthInfoProvider ¶
func (ss *SocialService) GetOAuthInfoProvider(name string) *OAuthInfo
func (*SocialService) GetOAuthInfoProviders ¶
func (ss *SocialService) GetOAuthInfoProviders() map[string]*OAuthInfo
func (*SocialService) GetOAuthProviders ¶
func (ss *SocialService) GetOAuthProviders() map[string]bool
GetOAuthProviders returns available oauth providers and if they're enabled or not
type UserInfoJson ¶
type UserInfoJson struct {
Sub string `json:"sub"`
Name string `json:"name"`
DisplayName string `json:"display_name"`
Login string `json:"login"`
Username string `json:"username"`
Email string `json:"email"`
Upn string `json:"upn"`
Attributes map[string][]string `json:"attributes"`
// contains filtered or unexported fields
}
func (*UserInfoJson) String ¶
func (info *UserInfoJson) String() string
Source Files
Click to show internal directories.
Click to hide internal directories.