Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AuthN: Support reloading SSO config after the sso settings have changed #80734

Merged
merged 19 commits into from
Jan 22, 2024
Merged

AuthN: Support reloading SSO config after the sso settings have changed #80734

merged 19 commits into from
Jan 22, 2024

Conversation

mgyongyosi
Copy link
Contributor

@mgyongyosi mgyongyosi commented Jan 17, 2024
edited
Loading

What is this feature?
This PR adds the ability to reload OAuth provider configuration when SSO settings feature is enabled. Besides, it changes how the AuthN service handles OAuth clients (all of the clients will be registered on startup).

Why do we need this feature?
To update Grafana's OAuth client to support reloading configuration without restarting Grafana.

Who is this feature for?

Which issue(s) does this PR fix?:

Fixes #

Special notes for your reviewer:

Please check that:

  • It works as expected from a user's perspective.
  • If this is a pre-GA feature, it is behind a feature toggle.
  • The docs are updated, and if this is a notable improvement, it's added to our What's New doc.

@grafana-delivery-bot grafana-delivery-bot bot added this to the 10.4.x milestone Jan 17, 2024
@mgyongyosi mgyongyosi changed the title AuthN: Support reloading SSO after the sso settings have changed [WIP] AuthN: Support reloading SSO after the sso settings have changed Jan 17, 2024
@mgyongyosi mgyongyosi requested a review from kalleep January 18, 2024 09:58
@mgyongyosi mgyongyosi requested a review from dmihai January 18, 2024 15:11
@mgyongyosi mgyongyosi force-pushed the mgyongyosi/sso/authn-svc-reload-support branch from f07ca07 to 14d3b34 Compare January 19, 2024 10:34
@mgyongyosi mgyongyosi force-pushed the mgyongyosi/sso/authn-svc-reload-support branch from 14d3b34 to a7d61b5 Compare January 19, 2024 10:44
@mgyongyosi mgyongyosi added the no-changelog Skip including change in changelog/release notes label Jan 19, 2024
@mgyongyosi mgyongyosi changed the title [WIP] AuthN: Support reloading SSO after the sso settings have changed AuthN: Support reloading SSO config after the sso settings have changed Jan 19, 2024
@mgyongyosi mgyongyosi added add to changelog and removed no-changelog Skip including change in changelog/release notes labels Jan 19, 2024
@mgyongyosi mgyongyosi marked this pull request as ready for review January 19, 2024 10:45
@mgyongyosi mgyongyosi requested a review from a team as a code owner January 19, 2024 10:45
kalleep
kalleep reviewed Jan 19, 2024
View reviewed changes
Copy link
Contributor

@kalleep kalleep left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great work! Left some comments 👍

pkg/login/social/connectors/social_base.go Outdated Show resolved Hide resolved
pkg/login/social/connectors/azuread_oauth.go Outdated Show resolved Hide resolved
pkg/login/social/connectors/gitlab_oauth.go Outdated Show resolved Hide resolved
pkg/login/social/connectors/google_oauth.go Outdated Show resolved Hide resolved
pkg/services/authn/clients/oauth.go Show resolved Hide resolved
pkg/services/ssosettings/ssosettingsimpl/service.go Show resolved Hide resolved
@mgyongyosi mgyongyosi force-pushed the mgyongyosi/sso/authn-svc-reload-support branch from aa792c0 to 78c24d8 Compare January 19, 2024 13:02
@mgyongyosi mgyongyosi force-pushed the mgyongyosi/sso/authn-svc-reload-support branch from 78c24d8 to 95728a9 Compare January 19, 2024 13:04
kalleep
kalleep approved these changes Jan 22, 2024
View reviewed changes
Copy link
Contributor

@kalleep kalleep left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, left one last comment

pkg/login/social/connectors/generic_oauth.go Outdated
func (s *SocialGenericOAuth) Reload(ctx context.Context, settings ssoModels.SSOSettings) error {
newInfo, err := CreateOAuthInfoFromKeyValues(settings.Settings)
if err != nil {
return fmt.Errorf("SSO settings map cannot be converted to OAuthInfo: %v", err)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We repeat this error in all providers, extract it?

@mgyongyosi mgyongyosi merged commit 20bb0a3 into main Jan 22, 2024
12 checks passed
@mgyongyosi mgyongyosi deleted the mgyongyosi/sso/authn-svc-reload-support branch January 22, 2024 13:54
@aangelisc aangelisc modified the milestones: 10.4.x, 10.4.0 Mar 6, 2024
@BrewTestBot BrewTestBot mentioned this pull request Mar 6, 2024
Closed
@BrewTestBot BrewTestBot mentioned this pull request Mar 14, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dmihai dmihai dmihai approved these changes

@kalleep kalleep kalleep approved these changes

Assignees
No one assigned
Labels
add to changelog area/auth/oauth area/auth area/backend
Projects
None yet
Milestone
10.4.0
Development

Successfully merging this pull request may close these issues.
4 participants
@mgyongyosi @dmihai @kalleep @aangelisc