OAuth: Fix forwarding id token to the data source (#43204)

grafana · Dec 17, 2021 · 2c0f961 · 2c0f961
1 parent bba7bde
commit 2c0f961
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/pkg/services/query/query.go b/pkg/services/query/query.go
@@ -127,6 +127,11 @@ func (s *Service) handleQueryData(ctx context.Context, user *models.SignedInUser
 	if s.oAuthTokenService.IsOAuthPassThruEnabled(ds) {
 		if token := s.oAuthTokenService.GetCurrentOAuthToken(ctx, user); token != nil {
 			req.Headers["Authorization"] = fmt.Sprintf("%s %s", token.Type(), token.AccessToken)
+
+			idToken, ok := token.Extra("id_token").(string)
+			if ok && idToken != "" {
+				req.Headers["X-ID-Token"] = idToken
+			}
 		}
 	}