7 năm trước cách đây · 052772ea2e
--- a/pkg/social/social.go
+++ b/pkg/social/social.go
@@ -63,28 +63,34 @@ func NewOAuthService() {
 
				 	for _, name := range allOauthes {
			
 
				 		sec := setting.Raw.Section("auth." + name)
			
 
				 		info := &setting.OAuthInfo{
			
 
				-			ClientId:           sec.Key("client_id").String(),
			
 
				-			ClientSecret:       sec.Key("client_secret").String(),
			
 
				-			Scopes:             util.SplitString(sec.Key("scopes").String()),
			
 
				-			AuthUrl:            sec.Key("auth_url").String(),
			
 
				-			TokenUrl:           sec.Key("token_url").String(),
			
 
				-			ApiUrl:             sec.Key("api_url").String(),
			
 
				-			Enabled:            sec.Key("enabled").MustBool(),
			
 
				-			EmailAttributeName: sec.Key("email_attribute_name").String(),
			
 
				-			AllowedDomains:     util.SplitString(sec.Key("allowed_domains").String()),
			
 
				-			HostedDomain:       sec.Key("hosted_domain").String(),
			
 
				-			AllowSignup:        sec.Key("allow_sign_up").MustBool(),
			
 
				-			Name:               sec.Key("name").MustString(name),
			
 
				-			TlsClientCert:      sec.Key("tls_client_cert").String(),
			
 
				-			TlsClientKey:       sec.Key("tls_client_key").String(),
			
 
				-			TlsClientCa:        sec.Key("tls_client_ca").String(),
			
 
				-			TlsSkipVerify:      sec.Key("tls_skip_verify_insecure").MustBool(),
			
 
				+			ClientId:                 sec.Key("client_id").String(),
			
 
				+			ClientSecret:             sec.Key("client_secret").String(),
			
 
				+			Scopes:                   util.SplitString(sec.Key("scopes").String()),
			
 
				+			AuthUrl:                  sec.Key("auth_url").String(),
			
 
				+			TokenUrl:                 sec.Key("token_url").String(),
			
 
				+			ApiUrl:                   sec.Key("api_url").String(),
			
 
				+			Enabled:                  sec.Key("enabled").MustBool(),
			
 
				+			EmailAttributeName:       sec.Key("email_attribute_name").String(),
			
 
				+			AllowedDomains:           util.SplitString(sec.Key("allowed_domains").String()),
			
 
				+			HostedDomain:             sec.Key("hosted_domain").String(),
			
 
				+			AllowSignup:              sec.Key("allow_sign_up").MustBool(),
			
 
				+			Name:                     sec.Key("name").MustString(name),
			
 
				+			TlsClientCert:            sec.Key("tls_client_cert").String(),
			
 
				+			TlsClientKey:             sec.Key("tls_client_key").String(),
			
 
				+			TlsClientCa:              sec.Key("tls_client_ca").String(),
			
 
				+			TlsSkipVerify:            sec.Key("tls_skip_verify_insecure").MustBool(),
			
 
				+			BrokenAuthHeaderProvider: sec.Key("broken_auth_header_provider").MustBool(),
			
 
				 		}
			
 
				 
			
 
				 		if !info.Enabled {
			
 
				 			continue
			
 
				 		}
			
 
				 
			
 
				+		// handle the clients that do not properly support Basic auth headers and require passing client_id/client_secret via POST payload
			
 
				+		if info.BrokenAuthHeaderProvider {
			
 
				+			oauth2.RegisterBrokenAuthHeaderProvider(info.TokenUrl)
			
 
				+		}
			
 
				+
			
 
				 		if name == "grafananet" {
			
 
				 			name = grafanaCom
			
 
				 		}