Generic OAuth: Prevent adding duplicated users

[dsotirakis]

What this PR does / why we need it:

The purpose of this PR is to prevent adding duplicated users in user_auth column, when logging in.
Essentially, since we'll have to deal with many duplicated entries already, we add a check where:

Notes:

1. Check for auth_id is now removed, since no auth_id exists when using Generic OAuth. This was the main cause of the problem, since every time a new user with Generic OAuth login existed was re-added on the database.
2. The new DELETE operation, can be potentially removed in the future.

Which issue(s) this PR fixes:

Fixes #23077

Special notes for your reviewer:

Steps to reproduce:

• Make sure you have a Generic OAuth provider config ready. (The most easy and straight-forward one should be to add a Bitbucket config)
• Set up the [auth.generic_oauth] config in your custom.ini file inside grafana repo.
• Make sure you are on master, then try to login and logout 3-4 times.
• Then go to grafana.db, browse user_auth table, and you'll see something like:

id	user_id	auth_module	auth_id	created	o_auth_access_token	o_auth_refresh_token	o_auth_token_type	o_auth_expiry
33	4	oauth_generic_oauth		2021-03-24 12:02:25	<o_auth_access_token>	<o_auth_refresh_token>	<o_auth_token_type>	2021-03-24 14:02:11
33	4	oauth_generic_oauth		2021-03-24 12:02:25	<o_auth_access_token>	<o_auth_refresh_token>	<o_auth_token_type>	2021-03-24 14:02:11
33	4	oauth_generic_oauth		2021-03-24 12:02:25	<o_auth_access_token>	<o_auth_refresh_token>	<o_auth_token_type>	2021-03-24 14:02:11

• Checkout branch and run against it.
• Try to login again.
• You'll see:

id	user_id	auth_module	auth_id	created	o_auth_access_token	o_auth_refresh_token	o_auth_token_type	o_auth_expiry
33	4	oauth_generic_oauth		2021-03-24 12:22:25	<o_auth_access_token>	<o_auth_refresh_token>	<o_auth_token_type>	2021-03-24 14:22:11

[dsotirakis]

Trying to make this less ugly.

[marefr]

Great work with the conversion of tests 🎉

I added some additional comments. Let me know if you don't understand and we can discuss it.

[marefr]

See comment and let me know if I misunderstood

[marefr]

Great. Now I think it should work according to my idea. Not sure I'm correct though and that it works :) I will test it manually as well. Added a comment regarding a missing error check.

Would be great to add a test for generic_oauth in sqlstore/user_auth_test.go as well to validate the changes works as expected.

[marefr]

Works as expected 👍

Verified no new rows in user_auth is created when signing in with existing generic_oauth user that exists in user_auth and that a new row is created for generic_oauth user when there are no rows in the user_auth table.

One thing left, I added a comment. Otherwise this should be good to merge I think since it prevents adding duplicate rows in the user_auth table. Great work

[marefr]

LGTM left a couple comments/suggestions.

After this been merged need to think about what's left in regard to duplicate rows

[marefr]

Can you put this in a const variable since used in 3 different places now?

[dsotirakis]

It's used with different Login field so we shall create a method / func for that - think it's not necessary?

[marefr]

Was referring to the magic string oauth_generic_oauth. Sorry for being unclear