Add support for authenticated iframe (with JWT) #326
Commits on Sep 30, 2023
-
Add support for authenticated iframe (with JWT)
The image renderer from Grafana is very slow and cpu heavy. Iframe is not an option for most cases because it needs anonymous access to Grafana. This commit adds JWT support to secure the Grafana access when using iframe. When a graph is loaded in Icinga web interface, the signed JWT token is sent to Grafana in the request, if JWT is validated graph is displayed, if anything goes wrong with the token validation, Grafana will refuse the access. The library Firebase PHP-JWT is used to create the token. For now, the library is included in the vendor directory. The JWT token uses RSA keys, these keys are generated automatically in /etc when the user saves the configuration with jwt enabled.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.