@backstage/backend-app-api 0.7.1-next.0 → 0.7.2-next.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +14 -0
- package/alpha/package.json +1 -1
- package/dist/index.cjs.js +2 -7
- package/dist/index.cjs.js.map +1 -1
- package/package.json +27 -27
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,19 @@
|
|
|
1
1
|
# @backstage/backend-app-api
|
|
2
2
|
|
|
3
|
+
## 0.7.2-next.1
|
|
4
|
+
|
|
5
|
+
### Patch Changes
|
|
6
|
+
|
|
7
|
+
- 09f8988: Remove explicit `alg` check for user tokens in `verifyToken`
|
|
8
|
+
- Updated dependencies
|
|
9
|
+
- @backstage/backend-common@0.22.0-next.1
|
|
10
|
+
- @backstage/backend-tasks@0.5.23-next.1
|
|
11
|
+
- @backstage/plugin-auth-node@0.4.13-next.1
|
|
12
|
+
- @backstage/plugin-permission-node@0.7.29-next.1
|
|
13
|
+
- @backstage/cli-node@0.2.5
|
|
14
|
+
- @backstage/config-loader@1.8.0
|
|
15
|
+
- @backstage/backend-plugin-api@0.6.18-next.1
|
|
16
|
+
|
|
3
17
|
## 0.7.1-next.0
|
|
4
18
|
|
|
5
19
|
### Patch Changes
|
package/alpha/package.json
CHANGED
package/dist/index.cjs.js
CHANGED
|
@@ -2467,18 +2467,16 @@ var __privateMethod$3 = (obj, member, method) => {
|
|
|
2467
2467
|
};
|
|
2468
2468
|
var _getTokenVerificationOptions, getTokenVerificationOptions_fn;
|
|
2469
2469
|
const _UserTokenHandler = class _UserTokenHandler {
|
|
2470
|
-
constructor(
|
|
2471
|
-
this.algorithms = algorithms;
|
|
2470
|
+
constructor(jwksClient) {
|
|
2472
2471
|
this.jwksClient = jwksClient;
|
|
2473
2472
|
__privateAdd$4(this, _getTokenVerificationOptions);
|
|
2474
2473
|
}
|
|
2475
2474
|
static create(options) {
|
|
2476
|
-
const algorithms = ["ES256"];
|
|
2477
2475
|
const jwksClient = new JwksClient(async () => {
|
|
2478
2476
|
const url = await options.discovery.getBaseUrl("auth");
|
|
2479
2477
|
return new URL(`${url}/.well-known/jwks.json`);
|
|
2480
2478
|
});
|
|
2481
|
-
return new _UserTokenHandler(
|
|
2479
|
+
return new _UserTokenHandler(jwksClient);
|
|
2482
2480
|
}
|
|
2483
2481
|
async verifyToken(token) {
|
|
2484
2482
|
const verifyOpts = __privateMethod$3(this, _getTokenVerificationOptions, getTokenVerificationOptions_fn).call(this, token);
|
|
@@ -2551,14 +2549,12 @@ getTokenVerificationOptions_fn = function(token) {
|
|
|
2551
2549
|
const { typ } = jose.decodeProtectedHeader(token);
|
|
2552
2550
|
if (typ === pluginAuthNode.tokenTypes.user.typParam) {
|
|
2553
2551
|
return {
|
|
2554
|
-
algorithms: this.algorithms,
|
|
2555
2552
|
requiredClaims: ["iat", "exp", "sub"],
|
|
2556
2553
|
typ: pluginAuthNode.tokenTypes.user.typParam
|
|
2557
2554
|
};
|
|
2558
2555
|
}
|
|
2559
2556
|
if (typ === pluginAuthNode.tokenTypes.limitedUser.typParam) {
|
|
2560
2557
|
return {
|
|
2561
|
-
algorithms: this.algorithms,
|
|
2562
2558
|
requiredClaims: ["iat", "exp", "sub"],
|
|
2563
2559
|
typ: pluginAuthNode.tokenTypes.limitedUser.typParam
|
|
2564
2560
|
};
|
|
@@ -2566,7 +2562,6 @@ getTokenVerificationOptions_fn = function(token) {
|
|
|
2566
2562
|
const { aud } = jose.decodeJwt(token);
|
|
2567
2563
|
if (aud === pluginAuthNode.tokenTypes.user.audClaim) {
|
|
2568
2564
|
return {
|
|
2569
|
-
algorithms: this.algorithms,
|
|
2570
2565
|
audience: pluginAuthNode.tokenTypes.user.audClaim
|
|
2571
2566
|
};
|
|
2572
2567
|
}
|