New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Auth: Fix US gov azure ad oauth URL parsing #71254
Conversation
4f6f392
to
527733e
Compare
Updates regex for tenant ID parsing to support .us domains in addition to .com domains for Azure AD. Fixes grafana#71252
527733e
to
a9dd414
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the fix @douglasryanadams
Thank you for reviewing and merging this so switftly, it says a lot to us about how well this project is run. I was able to validate our integration works with this fix today by building from source for Ubuntu. (Confirming that there were no other bugs impeding Gov Azure AD from working at this time, at least for us.) |
Thanks for the kind words, we've identified another detail that has caused us to put in some extra work that is relevant #71365 |
Updates regex for tenant ID parsing to support .us domains in addition to .com domains for Azure AD. Fixes #71252
The backport to
To backport manually, run these commands in your terminal: # Fetch latest updates from GitHub
git fetch
# Create a new branch
git switch --create backport-71254-to-v10.0.x origin/v10.0.x
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x 3a245e49458b4799c105b34807ed8b2a4ebaf192
# When the conflicts are resolved, stage and commit the changes
git add . && git cherry-pick --continue If you have the GitHub CLI installed: # Create the PR body template
gh pr view 71254 --json body --template 'Backport 3a245e49458b4799c105b34807ed8b2a4ebaf192 from #71254{{ "\n\n---\n\n" }}{{ index . "body" }}' > .pr-body.txt
# Push the branch to GitHub and a PR
gh pr create --title "[v10.0.x] Auth: Fix US gov azure ad oauth URL parsing" --body-file .pr-body.txt --label "type/bug" --label "area/backend" --label "add to changelog" --label "pr/external" --label "backport" --base v10.0.x --milestone 10.0.x --web Or, if you don't have the GitHub CLI installed (we recommend you install it!): # If you don't have the GitHub CLI installed: Push the branch to GitHub and manually create a PR:
git push --set-upstream origin backport-71254-to-v10.0.x
# Remove the local backport branch
git switch main
git branch -D backport-71254-to-v10.0.x Unless you've used the GitHub CLI above, now create a pull request where the |
Updates regex for tenant ID parsing to support .us domains in addition to .com domains for Azure AD.
Fixes #71252
What is this feature?
Allows for Azure AD URLs with domains that end in ".us" in addition to ".com" to support US Gov Azure deployments.
Why do we need this feature?
Fixes a bug that prevents groups using US Gov Azure from integrating Grafana to the [azure.read] Auth scheme.
Who is this feature for?
US Gov Azure organizations.
Which issue(s) does this PR fix?:
Fixes: #71252
Special notes for your reviewer:
Please check that: