OAuth: Introduce new setting for configuring max age of OAuth state cookie #23195

Merged
merged 3 commits into from
Mar 30, 2020

rtrompier
Contributor

When using oauth2 authentication with multifactor, the 60s delay may be too short

@rtrompier rtrompier requested a review from a team as a code owner March 30, 2020 10:09
@CLAassistant

CLAassistant commented Mar 30, 2020

All committers have signed the CLA.

@aknuds1 aknuds1 added pr/external This PR is from external contributor area/auth/oauth labels Mar 30, 2020
@papagian
Contributor

Thank you for contributing!
Instead of a new hardcoded value, would you like to introduce a new setting `oauth_state_cookie_max_age` that defaults to 60?

For doing so, in addition to this modification when writing the OAuth state cookie, you need to update appropriately defaults.ini, samples.ini and the docs.

@marefr marefr requested review from papagian and removed request for a team March 30, 2020 11:13
@rtrompier
Contributor Author

Hi @papagian,

I work for the Geneva Hospitals, and we are currently using Grafana for COVID19 crisis monitoring. Would it be possible to merge in the state, although I agree with you that it would be more elegant via a configuration file?

Thank you very much ;)

Contributor

@aknuds1 aknuds1 left a comment

LGTM!

@papagian papagian changed the title Cookie : Increase duration to avoid error OAuth : Introduce new setting for configuring max age of OAuth state cookie Mar 30, 2020
@papagian papagian added this to the 7.0 milestone Mar 30, 2020
@papagian
Contributor

papagian commented Mar 30, 2020

@rtrompier
I have introduced the new setting. You can override the default behaviour by setting `oauth_state_cookie_max_age` (under the `auth` section) to 500 in your Grafana configuration, or alternatively by using the environment variable `GF_AUTH_OAUTH_STATE_COOKIE_MAX_AGE=500`.

Stay strong and let me know if you need additional help.

@papagian papagian merged commit 474dac1 into grafana:master Mar 30, 2020
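
Added example (not part of this PR and not Grafana's code): a Go model of why the state cookie's max age bounds how long a user may spend at the identity provider, MFA prompt included, which is the problem and setting discussed above. The cookie name `oauth_state` and the helpers `newStateCookie`, `checkCallback` and `loginOutcome` are assumptions, and browser-side expiry is simulated with an elapsed-time argument.

```go
package main

import (
	"crypto/rand"
	"crypto/subtle"
	"encoding/hex"
	"errors"
	"fmt"
	"net/http"
	"time"
)

// newStateCookie issues a random state value; cookie name is an assumption.
func newStateCookie(maxAgeSec int) (*http.Cookie, error) {
	buf := make([]byte, 32)
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	return &http.Cookie{
		Name: "oauth_state", Value: hex.EncodeToString(buf), Path: "/",
		MaxAge: maxAgeSec, HttpOnly: true, Secure: true, SameSite: http.SameSiteLaxMode,
	}, nil
}

// checkCallback models the callback. elapsed is the time spent at the identity
// provider; a browser stops sending the cookie once Max-Age has passed.
func checkCallback(c *http.Cookie, returnedState string, elapsed time.Duration) error {
	if elapsed >= time.Duration(c.MaxAge)*time.Second {
		return errors.New("state cookie expired before callback")
	}
	if subtle.ConstantTimeCompare([]byte(c.Value), []byte(returnedState)) != 1 {
		return errors.New("state mismatch")
	}
	return nil
}

// loginOutcome runs one login with the given cookie lifetime and time at the IdP.
func loginOutcome(maxAgeSec int, elapsed time.Duration) error {
	c, err := newStateCookie(maxAgeSec)
	if err != nil {
		return err
	}
	return checkCallback(c, c.Value, elapsed) // IdP echoes the state unchanged
}

func main() {
	fmt.Println("60s cookie, 90s MFA: ", loginOutcome(60, 90*time.Second))
	fmt.Println("500s cookie, 90s MFA:", loginOutcome(500, 90*time.Second))
}
```

The state value is what ties the callback to the browser that started the login, so the lifetime is best kept only as long as the slowest legitimate MFA flow needs.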
@rtrompier
Contributor Author

Thank you so much guys!
Really appreciate your help.

@marefr marefr changed the title OAuth : Introduce new setting for configuring max age of OAuth state cookie OAuth: Introduce new setting for configuring max age of OAuth state cookie Apr 28, 2020
Labels
add to changelog area/auth/oauth pr/external This PR is from external contributor