AuthProxy: additions to ttl config change (#20249)

* fixes according to feedback * additions to config and docs

AuthProxy: additions to ttl config change (#20249)
* fixes according to feedback * additions to config and docs
3111c362 · Jon Gyllenswärd · Torkel Ödegaard · 026d1346 · 3111c362 · 3111c362
Commit 3111c362 authored Nov 08, 2019 by Jon Gyllenswärd Committed by Torkel Ödegaard Nov 08, 2019
Hide whitespace changes
Inline Side-by-side

Showing with 12 additions and 5 deletions

conf/sample.ini
+2 -2

docs/sources/auth/auth-proxy.md
+3 -2

pkg/setting/setting.go
+7 -1

No files found.
--- a/conf/sample.ini
+++ b/conf/sample.ini
@@ -329,7 +329,7 @@
 ;token_url = https://foo.bar/login/oauth/access_token
 ;api_url = https://foo.bar/user
 ;team_ids =
-;allowed_organizations = 
+;allowed_organizations =
 ;role_attribute_path =
 ;tls_skip_verify_insecure = false
 ;tls_client_cert =
@@ -396,7 +396,7 @@
 ;header_name = X-WEBAUTH-USER
 ;header_property = username
 ;auto_sign_up = true
-;ldap_sync_ttl = 60
+;sync_ttl = 60
 ;whitelist = 192.168.1.1, 192.168.2.1
 ;headers = Email:X-User-Email, Name:X-User-Name
 # Read the auth proxy docs for details on what the setting below enables

--- a/docs/sources/auth/auth-proxy.md
+++ b/docs/sources/auth/auth-proxy.md
@@ -27,8 +27,9 @@ header_name = X-WEBAUTH-USER
 header_property = username
 # Set to `true` to enable auto sign up of users who do not exist in Grafana DB. Defaults to `true`.
 auto_sign_up = true
-# If combined with Grafana LDAP integration define sync interval in minutes
-ldap_sync_ttl = 60
+# Define cache time to live in minutes
+# If combined with Grafana LDAP integration it is also the sync interval
+sync_ttl = 60
 # Limit where auth proxy requests come from by configuring a list of IP addresses.
 # This can be used to prevent users spoofing the X-WEBAUTH-USER header.
 # Example `whitelist = 192.168.1.1, 192.168.1.0/24, 2001::23, 2001::0/120`

--- a/pkg/setting/setting.go
+++ b/pkg/setting/setting.go
@@ -46,6 +46,12 @@ var (
 	ERR_TEMPLATE_NAME = "error"
 )

+// This constant corresponds to the default value for ldap_sync_ttl in .ini files
+// it is used for comparision and has to be kept in sync
+const (
+	AUTH_PROXY_SYNC_TTL = 60
+)
+
 var (
 	// App settings.
 	Env              = DEV
@@ -860,7 +866,7 @@ func (cfg *Cfg) Load(args *CommandLineArgs) error {
 	ldapSyncVal := authProxy.Key("ldap_sync_ttl").MustInt()
 	syncVal := authProxy.Key("sync_ttl").MustInt()

-	if ldapSyncVal != 60 {
+	if ldapSyncVal != AUTH_PROXY_SYNC_TTL {
 		AuthProxySyncTtl = ldapSyncVal
 		cfg.Logger.Warn("[Deprecated] the configuration setting 'ldap_sync_ttl' is deprecated, please use 'sync_ttl' instead")
 	} else {