Skip to content

Support X-Access-Token for Grafana Cloud #107

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Support X-Access-Token for Grafana Cloud #107

wants to merge 1 commit into from
+70 −20

Conversation

csmarchbanks
Copy link
Contributor

In Grafana Cloud it is possible to have a plugin submit requests on behalf of the calling user by setting the X-Access-Token header instead of the standard Authorization header. This PR will preferentially look for the presence of an access token and use that before falling back to an API key like normal.

@csmarchbanks csmarchbanks requested a review from a team as a code owner April 24, 2025 22:17
csmarchbanks
csmarchbanks commented Apr 24, 2025
View reviewed changes
tools/oncall.go
@@ -67,6 +70,7 @@ func oncallClientFromContext(ctx context.Context) (*aapi.Client, error) {

grafanaOnCallURL = strings.TrimRight(grafanaOnCallURL, "/")

// TODO: Allow access to OnCall using an access token instead of an API key.
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This TODO will wait for another PR as the OnCall client needs to be upgraded to take a transport. In the meantime we may just need to disable these tools when we use an access token.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@sd2k mentioned there are additional complications apart from just the OnCall client upgrade (something about the way routing is set up in cloud IIRC) but yeah that's non-blocking for this PR.

@csmarchbanks
Support X-Access-Token for Grafana Cloud
d8ed43d 
In Grafana Cloud it is possible to have a plugin submit requests on
behalf of the calling user by setting the X-Access-Token header instead
of the standard Authorization header. This PR will preferentially look
for the presence of an access token and use that before falling back to
an API key like normal.
@csmarchbanks csmarchbanks force-pushed the support-x-access-token branch from fbfe711 to d8ed43d Compare April 24, 2025 22:19
annanay25
annanay25 approved these changes Apr 24, 2025
View reviewed changes
Copy link
Contributor

@annanay25 annanay25 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm, nice!

tools/oncall.go
@@ -67,6 +70,7 @@ func oncallClientFromContext(ctx context.Context) (*aapi.Client, error) {

grafanaOnCallURL = strings.TrimRight(grafanaOnCallURL, "/")

// TODO: Allow access to OnCall using an access token instead of an API key.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@sd2k mentioned there are additional complications apart from just the OnCall client upgrade (something about the way routing is set up in cloud IIRC) but yeah that's non-blocking for this PR.

tools/sift.go
@@ -97,11 +97,12 @@ type siftClient struct {
url string
}

func newSiftClient(url, apiKey string) *siftClient {
func newSiftClient(url, accessToken, apiKey string) *siftClient {
client := &http.Client{
Transport: &authRoundTripper{
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we should move this authRoundTripper out into a common location in the future

@annanay25 annanay25 mentioned this pull request Apr 25, 2025
Draft
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@annanay25 annanay25 annanay25 approved these changes

Assignees

@csmarchbanks csmarchbanks

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@csmarchbanks @annanay25