@backstage/backend-defaults 0.3.0-next.3 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +41 -0
- package/auth/package.json +6 -0
- package/cache/package.json +1 -1
- package/config.d.ts +277 -0
- package/database/package.json +1 -1
- package/discovery/package.json +1 -1
- package/dist/auth.cjs.js +1025 -0
- package/dist/auth.cjs.js.map +1 -0
- package/dist/auth.d.ts +14 -0
- package/dist/cache.cjs.js.map +1 -1
- package/dist/cache.d.ts +31 -37
- package/dist/cjs/config-BDOwXIyo.cjs.js +64 -0
- package/dist/cjs/config-BDOwXIyo.cjs.js.map +1 -0
- package/dist/cjs/createConfigSecretEnumerator-DShyoWWL.cjs.js +33 -0
- package/dist/cjs/createConfigSecretEnumerator-DShyoWWL.cjs.js.map +1 -0
- package/dist/cjs/helpers-D2f1CG0o.cjs.js +53 -0
- package/dist/cjs/helpers-D2f1CG0o.cjs.js.map +1 -0
- package/dist/database.cjs.js +25 -26
- package/dist/database.cjs.js.map +1 -1
- package/dist/database.d.ts +7 -2
- package/dist/discovery.cjs.js +6 -6
- package/dist/discovery.cjs.js.map +1 -1
- package/dist/discovery.d.ts +9 -1
- package/dist/httpAuth.cjs.js +192 -0
- package/dist/httpAuth.cjs.js.map +1 -0
- package/dist/httpAuth.d.ts +15 -0
- package/dist/httpRouter.cjs.js +191 -0
- package/dist/httpRouter.cjs.js.map +1 -0
- package/dist/httpRouter.d.ts +55 -0
- package/dist/index.cjs.js +14 -8
- package/dist/index.cjs.js.map +1 -1
- package/dist/lifecycle.cjs.js.map +1 -1
- package/dist/lifecycle.d.ts +5 -1
- package/dist/logger.cjs.js +17 -0
- package/dist/logger.cjs.js.map +1 -0
- package/dist/logger.d.ts +14 -0
- package/dist/permissions.cjs.js.map +1 -1
- package/dist/permissions.d.ts +6 -0
- package/dist/rootConfig.cjs.js +3 -0
- package/dist/rootConfig.cjs.js.map +1 -1
- package/dist/rootConfig.d.ts +17 -2
- package/dist/rootHttpRouter.cjs.js +629 -0
- package/dist/rootHttpRouter.cjs.js.map +1 -0
- package/dist/rootHttpRouter.d.ts +283 -0
- package/dist/rootLifecycle.cjs.js.map +1 -1
- package/dist/rootLifecycle.d.ts +5 -1
- package/dist/rootLogger.cjs.js +143 -0
- package/dist/rootLogger.cjs.js.map +1 -0
- package/dist/rootLogger.d.ts +58 -0
- package/dist/scheduler.cjs.js +2 -3
- package/dist/scheduler.cjs.js.map +1 -1
- package/dist/scheduler.d.ts +5 -1
- package/dist/urlReader.cjs.js +68 -126
- package/dist/urlReader.cjs.js.map +1 -1
- package/dist/urlReader.d.ts +49 -43
- package/dist/userInfo.cjs.js +70 -0
- package/dist/userInfo.cjs.js.map +1 -0
- package/dist/userInfo.d.ts +14 -0
- package/httpAuth/package.json +6 -0
- package/httpRouter/package.json +6 -0
- package/lifecycle/package.json +1 -1
- package/logger/package.json +6 -0
- package/migrations/auth/20240327104803_public_keys.js +50 -0
- package/package.json +82 -12
- package/permissions/package.json +1 -1
- package/rootConfig/package.json +1 -1
- package/rootHttpRouter/package.json +6 -0
- package/rootLifecycle/package.json +1 -1
- package/rootLogger/package.json +6 -0
- package/scheduler/package.json +1 -1
- package/urlReader/package.json +1 -1
- package/userInfo/package.json +6 -0
package/dist/urlReader.d.ts
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
/// <reference types="node" />
|
|
2
2
|
import * as _backstage_backend_plugin_api from '@backstage/backend-plugin-api';
|
|
3
|
-
import { UrlReaderService, LoggerService,
|
|
3
|
+
import { UrlReaderService, LoggerService, UrlReaderServiceReadTreeResponse, UrlReaderServiceReadUrlOptions, UrlReaderServiceReadUrlResponse, UrlReaderServiceReadTreeOptions, UrlReaderServiceSearchOptions, UrlReaderServiceSearchResponse } from '@backstage/backend-plugin-api';
|
|
4
4
|
import { AzureIntegration, AzureDevOpsCredentialsProvider, BitbucketCloudIntegration, BitbucketIntegration, BitbucketServerIntegration, GerritIntegration, GithubIntegration, GithubCredentialsProvider, GitLabIntegration, GiteaIntegration, HarnessIntegration, AwsS3Integration } from '@backstage/integration';
|
|
5
5
|
import { Readable } from 'stream';
|
|
6
6
|
import { Config } from '@backstage/config';
|
|
@@ -82,9 +82,9 @@ interface ReadTreeResponseFactory {
|
|
|
82
82
|
* Defaults to true.
|
|
83
83
|
*/
|
|
84
84
|
stripFirstDirectory?: boolean;
|
|
85
|
-
}): Promise<
|
|
86
|
-
fromZipArchive(options: ReadTreeResponseFactoryOptions): Promise<
|
|
87
|
-
fromReadableArray(options: FromReadableArrayOptions): Promise<
|
|
85
|
+
}): Promise<UrlReaderServiceReadTreeResponse>;
|
|
86
|
+
fromZipArchive(options: ReadTreeResponseFactoryOptions): Promise<UrlReaderServiceReadTreeResponse>;
|
|
87
|
+
fromReadableArray(options: FromReadableArrayOptions): Promise<UrlReaderServiceReadTreeResponse>;
|
|
88
88
|
}
|
|
89
89
|
|
|
90
90
|
/**
|
|
@@ -101,9 +101,9 @@ declare class AzureUrlReader implements UrlReaderService {
|
|
|
101
101
|
credentialsProvider: AzureDevOpsCredentialsProvider;
|
|
102
102
|
});
|
|
103
103
|
read(url: string): Promise<Buffer>;
|
|
104
|
-
readUrl(url: string, options?:
|
|
105
|
-
readTree(url: string, options?:
|
|
106
|
-
search(url: string, options?:
|
|
104
|
+
readUrl(url: string, options?: UrlReaderServiceReadUrlOptions): Promise<UrlReaderServiceReadUrlResponse>;
|
|
105
|
+
readTree(url: string, options?: UrlReaderServiceReadTreeOptions): Promise<UrlReaderServiceReadTreeResponse>;
|
|
106
|
+
search(url: string, options?: UrlReaderServiceSearchOptions): Promise<UrlReaderServiceSearchResponse>;
|
|
107
107
|
toString(): string;
|
|
108
108
|
}
|
|
109
109
|
|
|
@@ -120,9 +120,9 @@ declare class BitbucketCloudUrlReader implements UrlReaderService {
|
|
|
120
120
|
treeResponseFactory: ReadTreeResponseFactory;
|
|
121
121
|
});
|
|
122
122
|
read(url: string): Promise<Buffer>;
|
|
123
|
-
readUrl(url: string, options?:
|
|
124
|
-
readTree(url: string, options?:
|
|
125
|
-
search(url: string, options?:
|
|
123
|
+
readUrl(url: string, options?: UrlReaderServiceReadUrlOptions): Promise<UrlReaderServiceReadUrlResponse>;
|
|
124
|
+
readTree(url: string, options?: UrlReaderServiceReadTreeOptions): Promise<UrlReaderServiceReadTreeResponse>;
|
|
125
|
+
search(url: string, options?: UrlReaderServiceSearchOptions): Promise<UrlReaderServiceSearchResponse>;
|
|
126
126
|
toString(): string;
|
|
127
127
|
private getLastCommitShortHash;
|
|
128
128
|
}
|
|
@@ -142,9 +142,9 @@ declare class BitbucketUrlReader implements UrlReaderService {
|
|
|
142
142
|
treeResponseFactory: ReadTreeResponseFactory;
|
|
143
143
|
});
|
|
144
144
|
read(url: string): Promise<Buffer>;
|
|
145
|
-
readUrl(url: string, options?:
|
|
146
|
-
readTree(url: string, options?:
|
|
147
|
-
search(url: string, options?:
|
|
145
|
+
readUrl(url: string, options?: UrlReaderServiceReadUrlOptions): Promise<UrlReaderServiceReadUrlResponse>;
|
|
146
|
+
readTree(url: string, options?: UrlReaderServiceReadTreeOptions): Promise<UrlReaderServiceReadTreeResponse>;
|
|
147
|
+
search(url: string, options?: UrlReaderServiceSearchOptions): Promise<UrlReaderServiceSearchResponse>;
|
|
148
148
|
toString(): string;
|
|
149
149
|
private getLastCommitShortHash;
|
|
150
150
|
}
|
|
@@ -162,9 +162,9 @@ declare class BitbucketServerUrlReader implements UrlReaderService {
|
|
|
162
162
|
treeResponseFactory: ReadTreeResponseFactory;
|
|
163
163
|
});
|
|
164
164
|
read(url: string): Promise<Buffer>;
|
|
165
|
-
readUrl(url: string, options?:
|
|
166
|
-
readTree(url: string, options?:
|
|
167
|
-
search(url: string, options?:
|
|
165
|
+
readUrl(url: string, options?: UrlReaderServiceReadUrlOptions): Promise<UrlReaderServiceReadUrlResponse>;
|
|
166
|
+
readTree(url: string, options?: UrlReaderServiceReadTreeOptions): Promise<UrlReaderServiceReadTreeResponse>;
|
|
167
|
+
search(url: string, options?: UrlReaderServiceSearchOptions): Promise<UrlReaderServiceSearchResponse>;
|
|
168
168
|
toString(): string;
|
|
169
169
|
private getLastCommitShortHash;
|
|
170
170
|
}
|
|
@@ -192,17 +192,15 @@ declare class BitbucketServerUrlReader implements UrlReaderService {
|
|
|
192
192
|
declare class GerritUrlReader implements UrlReaderService {
|
|
193
193
|
private readonly integration;
|
|
194
194
|
private readonly deps;
|
|
195
|
-
private readonly workDir;
|
|
196
195
|
static factory: ReaderFactory;
|
|
197
196
|
constructor(integration: GerritIntegration, deps: {
|
|
198
197
|
treeResponseFactory: ReadTreeResponseFactory;
|
|
199
|
-
}
|
|
198
|
+
});
|
|
200
199
|
read(url: string): Promise<Buffer>;
|
|
201
|
-
readUrl(url: string, options?:
|
|
202
|
-
readTree(url: string, options?:
|
|
203
|
-
search(): Promise<
|
|
200
|
+
readUrl(url: string, options?: UrlReaderServiceReadUrlOptions): Promise<UrlReaderServiceReadUrlResponse>;
|
|
201
|
+
readTree(url: string, options?: UrlReaderServiceReadTreeOptions): Promise<UrlReaderServiceReadTreeResponse>;
|
|
202
|
+
search(): Promise<UrlReaderServiceSearchResponse>;
|
|
204
203
|
toString(): string;
|
|
205
|
-
private readTreeFromGitClone;
|
|
206
204
|
private readTreeFromGitiles;
|
|
207
205
|
}
|
|
208
206
|
|
|
@@ -222,9 +220,9 @@ declare class GithubUrlReader implements UrlReaderService {
|
|
|
222
220
|
});
|
|
223
221
|
read(url: string): Promise<Buffer>;
|
|
224
222
|
private getCredentials;
|
|
225
|
-
readUrl(url: string, options?:
|
|
226
|
-
readTree(url: string, options?:
|
|
227
|
-
search(url: string, options?:
|
|
223
|
+
readUrl(url: string, options?: UrlReaderServiceReadUrlOptions): Promise<UrlReaderServiceReadUrlResponse>;
|
|
224
|
+
readTree(url: string, options?: UrlReaderServiceReadTreeOptions): Promise<UrlReaderServiceReadTreeResponse>;
|
|
225
|
+
search(url: string, options?: UrlReaderServiceSearchOptions): Promise<UrlReaderServiceSearchResponse>;
|
|
228
226
|
toString(): string;
|
|
229
227
|
private doReadTree;
|
|
230
228
|
private doSearch;
|
|
@@ -247,9 +245,9 @@ declare class GitlabUrlReader implements UrlReaderService {
|
|
|
247
245
|
treeResponseFactory: ReadTreeResponseFactory;
|
|
248
246
|
});
|
|
249
247
|
read(url: string): Promise<Buffer>;
|
|
250
|
-
readUrl(url: string, options?:
|
|
251
|
-
readTree(url: string, options?:
|
|
252
|
-
search(url: string, options?:
|
|
248
|
+
readUrl(url: string, options?: UrlReaderServiceReadUrlOptions): Promise<UrlReaderServiceReadUrlResponse>;
|
|
249
|
+
readTree(url: string, options?: UrlReaderServiceReadTreeOptions): Promise<UrlReaderServiceReadTreeResponse>;
|
|
250
|
+
search(url: string, options?: UrlReaderServiceSearchOptions): Promise<UrlReaderServiceSearchResponse>;
|
|
253
251
|
/**
|
|
254
252
|
* This function splits the input globPattern string into segments using the path separator /. It then iterates over
|
|
255
253
|
* the segments from the end of the array towards the beginning, checking if the concatenated string up to that
|
|
@@ -282,9 +280,9 @@ declare class GiteaUrlReader implements UrlReaderService {
|
|
|
282
280
|
treeResponseFactory: ReadTreeResponseFactory;
|
|
283
281
|
});
|
|
284
282
|
read(url: string): Promise<Buffer>;
|
|
285
|
-
readUrl(url: string, options?:
|
|
286
|
-
readTree(url: string, options?:
|
|
287
|
-
search(): Promise<
|
|
283
|
+
readUrl(url: string, options?: UrlReaderServiceReadUrlOptions): Promise<UrlReaderServiceReadUrlResponse>;
|
|
284
|
+
readTree(url: string, options?: UrlReaderServiceReadTreeOptions): Promise<UrlReaderServiceReadTreeResponse>;
|
|
285
|
+
search(): Promise<UrlReaderServiceSearchResponse>;
|
|
288
286
|
toString(): string;
|
|
289
287
|
private getLastCommitHash;
|
|
290
288
|
}
|
|
@@ -303,9 +301,9 @@ declare class HarnessUrlReader implements UrlReaderService {
|
|
|
303
301
|
treeResponseFactory: ReadTreeResponseFactory;
|
|
304
302
|
});
|
|
305
303
|
read(url: string): Promise<Buffer>;
|
|
306
|
-
readUrl(url: string, options?:
|
|
307
|
-
readTree(url: string, options?:
|
|
308
|
-
search(): Promise<
|
|
304
|
+
readUrl(url: string, options?: UrlReaderServiceReadUrlOptions): Promise<UrlReaderServiceReadUrlResponse>;
|
|
305
|
+
readTree(url: string, options?: UrlReaderServiceReadTreeOptions): Promise<UrlReaderServiceReadTreeResponse>;
|
|
306
|
+
search(): Promise<UrlReaderServiceSearchResponse>;
|
|
309
307
|
toString(): string;
|
|
310
308
|
private getLastCommitHash;
|
|
311
309
|
}
|
|
@@ -332,9 +330,9 @@ declare class AwsS3UrlReader implements UrlReaderService {
|
|
|
332
330
|
private buildS3Client;
|
|
333
331
|
private retrieveS3ObjectData;
|
|
334
332
|
read(url: string): Promise<Buffer>;
|
|
335
|
-
readUrl(url: string, options?:
|
|
336
|
-
readTree(url: string, options?:
|
|
337
|
-
search(): Promise<
|
|
333
|
+
readUrl(url: string, options?: UrlReaderServiceReadUrlOptions): Promise<UrlReaderServiceReadUrlResponse>;
|
|
334
|
+
readTree(url: string, options?: UrlReaderServiceReadTreeOptions): Promise<UrlReaderServiceReadTreeResponse>;
|
|
335
|
+
search(): Promise<UrlReaderServiceSearchResponse>;
|
|
338
336
|
toString(): string;
|
|
339
337
|
}
|
|
340
338
|
|
|
@@ -358,9 +356,9 @@ declare class FetchUrlReader implements UrlReaderService {
|
|
|
358
356
|
*/
|
|
359
357
|
static factory: ReaderFactory;
|
|
360
358
|
read(url: string): Promise<Buffer>;
|
|
361
|
-
readUrl(url: string, options?:
|
|
362
|
-
readTree(): Promise<
|
|
363
|
-
search(): Promise<
|
|
359
|
+
readUrl(url: string, options?: UrlReaderServiceReadUrlOptions): Promise<UrlReaderServiceReadUrlResponse>;
|
|
360
|
+
readTree(): Promise<UrlReaderServiceReadTreeResponse>;
|
|
361
|
+
search(): Promise<UrlReaderServiceSearchResponse>;
|
|
364
362
|
toString(): string;
|
|
365
363
|
}
|
|
366
364
|
|
|
@@ -374,11 +372,11 @@ declare class ReadUrlResponseFactory {
|
|
|
374
372
|
/**
|
|
375
373
|
* Resolves a ReadUrlResponse from a Readable stream.
|
|
376
374
|
*/
|
|
377
|
-
static fromReadable(stream: Readable, options?: ReadUrlResponseFactoryFromStreamOptions): Promise<
|
|
375
|
+
static fromReadable(stream: Readable, options?: ReadUrlResponseFactoryFromStreamOptions): Promise<UrlReaderServiceReadUrlResponse>;
|
|
378
376
|
/**
|
|
379
377
|
* Resolves a ReadUrlResponse from an old-style NodeJS.ReadableStream.
|
|
380
378
|
*/
|
|
381
|
-
static fromNodeJSReadable(oldStyleStream: NodeJS.ReadableStream, options?: ReadUrlResponseFactoryFromStreamOptions): Promise<
|
|
379
|
+
static fromNodeJSReadable(oldStyleStream: NodeJS.ReadableStream, options?: ReadUrlResponseFactoryFromStreamOptions): Promise<UrlReaderServiceReadUrlResponse>;
|
|
382
380
|
}
|
|
383
381
|
|
|
384
382
|
/**
|
|
@@ -413,7 +411,15 @@ declare class UrlReaders {
|
|
|
413
411
|
static default(options: UrlReadersOptions): UrlReaderService;
|
|
414
412
|
}
|
|
415
413
|
|
|
416
|
-
/**
|
|
414
|
+
/**
|
|
415
|
+
* Reading content from external systems.
|
|
416
|
+
*
|
|
417
|
+
* See {@link @backstage/code-plugin-api#UrlReaderService}
|
|
418
|
+
* and {@link https://backstage.io/docs/backend-system/core-services/url-reader | the service docs}
|
|
419
|
+
* for more information.
|
|
420
|
+
*
|
|
421
|
+
* @public
|
|
422
|
+
*/
|
|
417
423
|
declare const urlReaderServiceFactory: () => _backstage_backend_plugin_api.ServiceFactory<_backstage_backend_plugin_api.UrlReaderService, "plugin">;
|
|
418
424
|
|
|
419
425
|
export { AwsS3UrlReader, AzureUrlReader, BitbucketCloudUrlReader, BitbucketServerUrlReader, BitbucketUrlReader, FetchUrlReader, type FromReadableArrayOptions, GerritUrlReader, GiteaUrlReader, GithubUrlReader, GitlabUrlReader, HarnessUrlReader, type ReadTreeResponseFactory, type ReadTreeResponseFactoryOptions, ReadUrlResponseFactory, type ReadUrlResponseFactoryFromStreamOptions, type ReaderFactory, type UrlReaderPredicateTuple, UrlReaders, type UrlReadersOptions, urlReaderServiceFactory };
|
|
@@ -0,0 +1,70 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
var backendPluginApi = require('@backstage/backend-plugin-api');
|
|
4
|
+
var errors = require('@backstage/errors');
|
|
5
|
+
var jose = require('jose');
|
|
6
|
+
var fetch = require('node-fetch');
|
|
7
|
+
var helpers = require('./cjs/helpers-D2f1CG0o.cjs.js');
|
|
8
|
+
|
|
9
|
+
function _interopDefaultCompat (e) { return e && typeof e === 'object' && 'default' in e ? e : { default: e }; }
|
|
10
|
+
|
|
11
|
+
var fetch__default = /*#__PURE__*/_interopDefaultCompat(fetch);
|
|
12
|
+
|
|
13
|
+
class DefaultUserInfoService {
|
|
14
|
+
discovery;
|
|
15
|
+
constructor(options) {
|
|
16
|
+
this.discovery = options.discovery;
|
|
17
|
+
}
|
|
18
|
+
async getUserInfo(credentials) {
|
|
19
|
+
const internalCredentials = helpers.toInternalBackstageCredentials(credentials);
|
|
20
|
+
if (internalCredentials.principal.type !== "user") {
|
|
21
|
+
throw new Error("Only user credentials are supported");
|
|
22
|
+
}
|
|
23
|
+
if (!internalCredentials.token) {
|
|
24
|
+
throw new Error("User credentials is unexpectedly missing token");
|
|
25
|
+
}
|
|
26
|
+
const { sub: userEntityRef, ent: tokenEnt } = jose.decodeJwt(
|
|
27
|
+
internalCredentials.token
|
|
28
|
+
);
|
|
29
|
+
if (typeof userEntityRef !== "string") {
|
|
30
|
+
throw new Error("User entity ref must be a string");
|
|
31
|
+
}
|
|
32
|
+
let ownershipEntityRefs = tokenEnt;
|
|
33
|
+
if (!ownershipEntityRefs) {
|
|
34
|
+
const userInfoResp = await fetch__default.default(
|
|
35
|
+
`${await this.discovery.getBaseUrl("auth")}/v1/userinfo`,
|
|
36
|
+
{
|
|
37
|
+
headers: {
|
|
38
|
+
Authorization: `Bearer ${internalCredentials.token}`
|
|
39
|
+
}
|
|
40
|
+
}
|
|
41
|
+
);
|
|
42
|
+
if (!userInfoResp.ok) {
|
|
43
|
+
throw await errors.ResponseError.fromResponse(userInfoResp);
|
|
44
|
+
}
|
|
45
|
+
const {
|
|
46
|
+
claims: { ent }
|
|
47
|
+
} = await userInfoResp.json();
|
|
48
|
+
ownershipEntityRefs = ent;
|
|
49
|
+
}
|
|
50
|
+
if (!ownershipEntityRefs) {
|
|
51
|
+
throw new Error("Ownership entity refs can not be determined");
|
|
52
|
+
} else if (!Array.isArray(ownershipEntityRefs) || ownershipEntityRefs.some((ref) => typeof ref !== "string")) {
|
|
53
|
+
throw new Error("Ownership entity refs must be an array of strings");
|
|
54
|
+
}
|
|
55
|
+
return { userEntityRef, ownershipEntityRefs };
|
|
56
|
+
}
|
|
57
|
+
}
|
|
58
|
+
|
|
59
|
+
const userInfoServiceFactory = backendPluginApi.createServiceFactory({
|
|
60
|
+
service: backendPluginApi.coreServices.userInfo,
|
|
61
|
+
deps: {
|
|
62
|
+
discovery: backendPluginApi.coreServices.discovery
|
|
63
|
+
},
|
|
64
|
+
async factory({ discovery }) {
|
|
65
|
+
return new DefaultUserInfoService({ discovery });
|
|
66
|
+
}
|
|
67
|
+
});
|
|
68
|
+
|
|
69
|
+
exports.userInfoServiceFactory = userInfoServiceFactory;
|
|
70
|
+
//# sourceMappingURL=userInfo.cjs.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"userInfo.cjs.js","sources":["../src/entrypoints/userInfo/DefaultUserInfoService.ts","../src/entrypoints/userInfo/userInfoServiceFactory.ts"],"sourcesContent":["/*\n * Copyright 2024 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n UserInfoService,\n BackstageUserInfo,\n DiscoveryService,\n BackstageCredentials,\n} from '@backstage/backend-plugin-api';\nimport { ResponseError } from '@backstage/errors';\nimport { decodeJwt } from 'jose';\nimport fetch from 'node-fetch';\nimport { toInternalBackstageCredentials } from '../auth/helpers';\n\nexport type Options = {\n discovery: DiscoveryService;\n};\n\nexport class DefaultUserInfoService implements UserInfoService {\n private readonly discovery: DiscoveryService;\n\n constructor(options: Options) {\n this.discovery = options.discovery;\n }\n\n async getUserInfo(\n credentials: BackstageCredentials,\n ): Promise<BackstageUserInfo> {\n const internalCredentials = toInternalBackstageCredentials(credentials);\n if (internalCredentials.principal.type !== 'user') {\n throw new Error('Only user credentials are supported');\n }\n if (!internalCredentials.token) {\n throw new Error('User credentials is unexpectedly missing token');\n }\n const { sub: userEntityRef, ent: tokenEnt } = decodeJwt(\n internalCredentials.token,\n );\n\n if (typeof userEntityRef !== 'string') {\n throw new Error('User entity ref must be a string');\n }\n\n let ownershipEntityRefs = tokenEnt;\n\n if (!ownershipEntityRefs) {\n const userInfoResp = await fetch(\n `${await this.discovery.getBaseUrl('auth')}/v1/userinfo`,\n {\n headers: {\n Authorization: `Bearer ${internalCredentials.token}`,\n },\n },\n );\n\n if (!userInfoResp.ok) {\n throw await ResponseError.fromResponse(userInfoResp);\n }\n\n const {\n claims: { ent },\n } = await userInfoResp.json();\n ownershipEntityRefs = ent;\n }\n\n if (!ownershipEntityRefs) {\n throw new Error('Ownership entity refs can not be determined');\n } else if (\n !Array.isArray(ownershipEntityRefs) ||\n ownershipEntityRefs.some(ref => typeof ref !== 'string')\n ) {\n throw new Error('Ownership entity refs must be an array of strings');\n }\n\n return { userEntityRef, ownershipEntityRefs };\n }\n}\n","/*\n * Copyright 2024 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n coreServices,\n createServiceFactory,\n} from '@backstage/backend-plugin-api';\nimport { DefaultUserInfoService } from './DefaultUserInfoService';\n\n/**\n * Authenticated user information retrieval.\n *\n * See {@link @backstage/code-plugin-api#UserInfoService}\n * and {@link https://backstage.io/docs/backend-system/core-services/user-info | the service docs}\n * for more information.\n *\n * @public\n */\nexport const userInfoServiceFactory = createServiceFactory({\n service: coreServices.userInfo,\n deps: {\n discovery: coreServices.discovery,\n },\n async factory({ discovery }) {\n return new DefaultUserInfoService({ discovery });\n },\n});\n"],"names":["toInternalBackstageCredentials","decodeJwt","fetch","ResponseError","createServiceFactory","coreServices"],"mappings":";;;;;;;;;;;;AA+BO,MAAM,sBAAkD,CAAA;AAAA,EAC5C,SAAA,CAAA;AAAA,EAEjB,YAAY,OAAkB,EAAA;AAC5B,IAAA,IAAA,CAAK,YAAY,OAAQ,CAAA,SAAA,CAAA;AAAA,GAC3B;AAAA,EAEA,MAAM,YACJ,WAC4B,EAAA;AAC5B,IAAM,MAAA,mBAAA,GAAsBA,uCAA+B,WAAW,CAAA,CAAA;AACtE,IAAI,IAAA,mBAAA,CAAoB,SAAU,CAAA,IAAA,KAAS,MAAQ,EAAA;AACjD,MAAM,MAAA,IAAI,MAAM,qCAAqC,CAAA,CAAA;AAAA,KACvD;AACA,IAAI,IAAA,CAAC,oBAAoB,KAAO,EAAA;AAC9B,MAAM,MAAA,IAAI,MAAM,gDAAgD,CAAA,CAAA;AAAA,KAClE;AACA,IAAA,MAAM,EAAE,GAAA,EAAK,aAAe,EAAA,GAAA,EAAK,UAAa,GAAAC,cAAA;AAAA,MAC5C,mBAAoB,CAAA,KAAA;AAAA,KACtB,CAAA;AAEA,IAAI,IAAA,OAAO,kBAAkB,QAAU,EAAA;AACrC,MAAM,MAAA,IAAI,MAAM,kCAAkC,CAAA,CAAA;AAAA,KACpD;AAEA,IAAA,IAAI,mBAAsB,GAAA,QAAA,CAAA;AAE1B,IAAA,IAAI,CAAC,mBAAqB,EAAA;AACxB,MAAA,MAAM,eAAe,MAAMC,sBAAA;AAAA,QACzB,GAAG,MAAM,IAAA,CAAK,SAAU,CAAA,UAAA,CAAW,MAAM,CAAC,CAAA,YAAA,CAAA;AAAA,QAC1C;AAAA,UACE,OAAS,EAAA;AAAA,YACP,aAAA,EAAe,CAAU,OAAA,EAAA,mBAAA,CAAoB,KAAK,CAAA,CAAA;AAAA,WACpD;AAAA,SACF;AAAA,OACF,CAAA;AAEA,MAAI,IAAA,CAAC,aAAa,EAAI,EAAA;AACpB,QAAM,MAAA,MAAMC,oBAAc,CAAA,YAAA,CAAa,YAAY,CAAA,CAAA;AAAA,OACrD;AAEA,MAAM,MAAA;AAAA,QACJ,MAAA,EAAQ,EAAE,GAAI,EAAA;AAAA,OAChB,GAAI,MAAM,YAAA,CAAa,IAAK,EAAA,CAAA;AAC5B,MAAsB,mBAAA,GAAA,GAAA,CAAA;AAAA,KACxB;AAEA,IAAA,IAAI,CAAC,mBAAqB,EAAA;AACxB,MAAM,MAAA,IAAI,MAAM,6CAA6C,CAAA,CAAA;AAAA,KAE7D,MAAA,IAAA,CAAC,KAAM,CAAA,OAAA,CAAQ,mBAAmB,CAAA,IAClC,mBAAoB,CAAA,IAAA,CAAK,CAAO,GAAA,KAAA,OAAO,GAAQ,KAAA,QAAQ,CACvD,EAAA;AACA,MAAM,MAAA,IAAI,MAAM,mDAAmD,CAAA,CAAA;AAAA,KACrE;AAEA,IAAO,OAAA,EAAE,eAAe,mBAAoB,EAAA,CAAA;AAAA,GAC9C;AACF;;AC1DO,MAAM,yBAAyBC,qCAAqB,CAAA;AAAA,EACzD,SAASC,6BAAa,CAAA,QAAA;AAAA,EACtB,IAAM,EAAA;AAAA,IACJ,WAAWA,6BAAa,CAAA,SAAA;AAAA,GAC1B;AAAA,EACA,MAAM,OAAA,CAAQ,EAAE,SAAA,EAAa,EAAA;AAC3B,IAAA,OAAO,IAAI,sBAAA,CAAuB,EAAE,SAAA,EAAW,CAAA,CAAA;AAAA,GACjD;AACF,CAAC;;;;"}
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
import * as _backstage_backend_plugin_api from '@backstage/backend-plugin-api';
|
|
2
|
+
|
|
3
|
+
/**
|
|
4
|
+
* Authenticated user information retrieval.
|
|
5
|
+
*
|
|
6
|
+
* See {@link @backstage/code-plugin-api#UserInfoService}
|
|
7
|
+
* and {@link https://backstage.io/docs/backend-system/core-services/user-info | the service docs}
|
|
8
|
+
* for more information.
|
|
9
|
+
*
|
|
10
|
+
* @public
|
|
11
|
+
*/
|
|
12
|
+
declare const userInfoServiceFactory: () => _backstage_backend_plugin_api.ServiceFactory<_backstage_backend_plugin_api.UserInfoService, "plugin">;
|
|
13
|
+
|
|
14
|
+
export { userInfoServiceFactory };
|
package/lifecycle/package.json
CHANGED
|
@@ -0,0 +1,50 @@
|
|
|
1
|
+
/*
|
|
2
|
+
* Copyright 2024 The Backstage Authors
|
|
3
|
+
*
|
|
4
|
+
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
5
|
+
* you may not use this file except in compliance with the License.
|
|
6
|
+
* You may obtain a copy of the License at
|
|
7
|
+
*
|
|
8
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
9
|
+
*
|
|
10
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
11
|
+
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
12
|
+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
13
|
+
* See the License for the specific language governing permissions and
|
|
14
|
+
* limitations under the License.
|
|
15
|
+
*/
|
|
16
|
+
|
|
17
|
+
// @ts-check
|
|
18
|
+
|
|
19
|
+
/**
|
|
20
|
+
* @param { import("knex").Knex } knex
|
|
21
|
+
* @returns { Promise<void> }
|
|
22
|
+
*/
|
|
23
|
+
exports.up = async function up(knex) {
|
|
24
|
+
await knex.schema.createTable(
|
|
25
|
+
'backstage_backend_public_keys__keys',
|
|
26
|
+
table => {
|
|
27
|
+
table
|
|
28
|
+
.string('id')
|
|
29
|
+
.primary()
|
|
30
|
+
.notNullable()
|
|
31
|
+
.comment('The unique ID of a public key');
|
|
32
|
+
|
|
33
|
+
table.text('key').notNullable().comment('JSON serialized public key');
|
|
34
|
+
|
|
35
|
+
// Expiration is stored as a string for simplicity, all checks are done client-side
|
|
36
|
+
table
|
|
37
|
+
.string('expires_at')
|
|
38
|
+
.notNullable()
|
|
39
|
+
.comment('The time that the key expires');
|
|
40
|
+
},
|
|
41
|
+
);
|
|
42
|
+
};
|
|
43
|
+
|
|
44
|
+
/**
|
|
45
|
+
* @param { import("knex").Knex } knex
|
|
46
|
+
* @returns { Promise<void> }
|
|
47
|
+
*/
|
|
48
|
+
exports.down = async function down(knex) {
|
|
49
|
+
return knex.schema.dropTable('backstage_backend_public_keys__keys');
|
|
50
|
+
};
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@backstage/backend-defaults",
|
|
3
|
-
"version": "0.3.0
|
|
3
|
+
"version": "0.3.0",
|
|
4
4
|
"description": "Backend defaults used by Backstage backend apps",
|
|
5
5
|
"backstage": {
|
|
6
6
|
"role": "node-library"
|
|
@@ -24,6 +24,11 @@
|
|
|
24
24
|
"types": "./dist/index.d.ts",
|
|
25
25
|
"default": "./dist/index.cjs.js"
|
|
26
26
|
},
|
|
27
|
+
"./auth": {
|
|
28
|
+
"require": "./dist/auth.cjs.js",
|
|
29
|
+
"types": "./dist/auth.d.ts",
|
|
30
|
+
"default": "./dist/auth.cjs.js"
|
|
31
|
+
},
|
|
27
32
|
"./cache": {
|
|
28
33
|
"require": "./dist/cache.cjs.js",
|
|
29
34
|
"types": "./dist/cache.d.ts",
|
|
@@ -39,11 +44,26 @@
|
|
|
39
44
|
"types": "./dist/discovery.d.ts",
|
|
40
45
|
"default": "./dist/discovery.cjs.js"
|
|
41
46
|
},
|
|
47
|
+
"./httpAuth": {
|
|
48
|
+
"require": "./dist/httpAuth.cjs.js",
|
|
49
|
+
"types": "./dist/httpAuth.d.ts",
|
|
50
|
+
"default": "./dist/httpAuth.cjs.js"
|
|
51
|
+
},
|
|
52
|
+
"./httpRouter": {
|
|
53
|
+
"require": "./dist/httpRouter.cjs.js",
|
|
54
|
+
"types": "./dist/httpRouter.d.ts",
|
|
55
|
+
"default": "./dist/httpRouter.cjs.js"
|
|
56
|
+
},
|
|
42
57
|
"./lifecycle": {
|
|
43
58
|
"require": "./dist/lifecycle.cjs.js",
|
|
44
59
|
"types": "./dist/lifecycle.d.ts",
|
|
45
60
|
"default": "./dist/lifecycle.cjs.js"
|
|
46
61
|
},
|
|
62
|
+
"./logger": {
|
|
63
|
+
"require": "./dist/logger.cjs.js",
|
|
64
|
+
"types": "./dist/logger.d.ts",
|
|
65
|
+
"default": "./dist/logger.cjs.js"
|
|
66
|
+
},
|
|
47
67
|
"./permissions": {
|
|
48
68
|
"require": "./dist/permissions.cjs.js",
|
|
49
69
|
"types": "./dist/permissions.d.ts",
|
|
@@ -54,11 +74,21 @@
|
|
|
54
74
|
"types": "./dist/rootConfig.d.ts",
|
|
55
75
|
"default": "./dist/rootConfig.cjs.js"
|
|
56
76
|
},
|
|
77
|
+
"./rootHttpRouter": {
|
|
78
|
+
"require": "./dist/rootHttpRouter.cjs.js",
|
|
79
|
+
"types": "./dist/rootHttpRouter.d.ts",
|
|
80
|
+
"default": "./dist/rootHttpRouter.cjs.js"
|
|
81
|
+
},
|
|
57
82
|
"./rootLifecycle": {
|
|
58
83
|
"require": "./dist/rootLifecycle.cjs.js",
|
|
59
84
|
"types": "./dist/rootLifecycle.d.ts",
|
|
60
85
|
"default": "./dist/rootLifecycle.cjs.js"
|
|
61
86
|
},
|
|
87
|
+
"./rootLogger": {
|
|
88
|
+
"require": "./dist/rootLogger.cjs.js",
|
|
89
|
+
"types": "./dist/rootLogger.d.ts",
|
|
90
|
+
"default": "./dist/rootLogger.cjs.js"
|
|
91
|
+
},
|
|
62
92
|
"./scheduler": {
|
|
63
93
|
"require": "./dist/scheduler.cjs.js",
|
|
64
94
|
"types": "./dist/scheduler.d.ts",
|
|
@@ -69,6 +99,11 @@
|
|
|
69
99
|
"types": "./dist/urlReader.d.ts",
|
|
70
100
|
"default": "./dist/urlReader.cjs.js"
|
|
71
101
|
},
|
|
102
|
+
"./userInfo": {
|
|
103
|
+
"require": "./dist/userInfo.cjs.js",
|
|
104
|
+
"types": "./dist/userInfo.d.ts",
|
|
105
|
+
"default": "./dist/userInfo.cjs.js"
|
|
106
|
+
},
|
|
72
107
|
"./package.json": "./package.json"
|
|
73
108
|
},
|
|
74
109
|
"main": "./dist/index.cjs.js",
|
|
@@ -77,15 +112,22 @@
|
|
|
77
112
|
"config.d.ts",
|
|
78
113
|
"dist",
|
|
79
114
|
"migrations",
|
|
115
|
+
"auth",
|
|
80
116
|
"cache",
|
|
81
117
|
"database",
|
|
82
118
|
"discovery",
|
|
119
|
+
"httpAuth",
|
|
120
|
+
"httpRouter",
|
|
83
121
|
"lifecycle",
|
|
122
|
+
"logger",
|
|
84
123
|
"permissions",
|
|
85
124
|
"rootConfig",
|
|
125
|
+
"rootHttpRouter",
|
|
86
126
|
"rootLifecycle",
|
|
127
|
+
"rootLogger",
|
|
87
128
|
"scheduler",
|
|
88
|
-
"urlReader"
|
|
129
|
+
"urlReader",
|
|
130
|
+
"userInfo"
|
|
89
131
|
],
|
|
90
132
|
"scripts": {
|
|
91
133
|
"build": "backstage-cli package build",
|
|
@@ -102,55 +144,83 @@
|
|
|
102
144
|
"@aws-sdk/client-s3": "^3.350.0",
|
|
103
145
|
"@aws-sdk/credential-providers": "^3.350.0",
|
|
104
146
|
"@aws-sdk/types": "^3.347.0",
|
|
105
|
-
"@backstage/backend-app-api": "^0.7.6
|
|
106
|
-
"@backstage/backend-common": "^0.23.0
|
|
147
|
+
"@backstage/backend-app-api": "^0.7.6",
|
|
148
|
+
"@backstage/backend-common": "^0.23.0",
|
|
107
149
|
"@backstage/backend-dev-utils": "^0.1.4",
|
|
108
|
-
"@backstage/backend-plugin-api": "^0.6.19
|
|
150
|
+
"@backstage/backend-plugin-api": "^0.6.19",
|
|
151
|
+
"@backstage/cli-common": "^0.1.14",
|
|
109
152
|
"@backstage/config": "^1.2.0",
|
|
110
|
-
"@backstage/config-loader": "^1.8.1
|
|
153
|
+
"@backstage/config-loader": "^1.8.1",
|
|
111
154
|
"@backstage/errors": "^1.2.4",
|
|
112
|
-
"@backstage/integration": "^1.12.0
|
|
155
|
+
"@backstage/integration": "^1.12.0",
|
|
113
156
|
"@backstage/integration-aws-node": "^0.1.12",
|
|
114
|
-
"@backstage/plugin-
|
|
115
|
-
"@backstage/plugin-
|
|
157
|
+
"@backstage/plugin-auth-node": "^0.4.14",
|
|
158
|
+
"@backstage/plugin-events-node": "^0.3.5",
|
|
159
|
+
"@backstage/plugin-permission-node": "^0.7.30",
|
|
116
160
|
"@backstage/types": "^1.1.1",
|
|
117
161
|
"@google-cloud/storage": "^7.0.0",
|
|
118
162
|
"@keyv/memcache": "^1.3.5",
|
|
119
163
|
"@keyv/redis": "^2.5.3",
|
|
164
|
+
"@manypkg/get-packages": "^1.1.3",
|
|
120
165
|
"@octokit/rest": "^19.0.3",
|
|
121
166
|
"@opentelemetry/api": "^1.3.0",
|
|
167
|
+
"@types/cors": "^2.8.6",
|
|
168
|
+
"@types/express": "^4.17.6",
|
|
122
169
|
"archiver": "^6.0.0",
|
|
123
170
|
"base64-stream": "^1.0.0",
|
|
124
171
|
"better-sqlite3": "^9.0.0",
|
|
172
|
+
"compression": "^1.7.4",
|
|
125
173
|
"concat-stream": "^2.0.0",
|
|
174
|
+
"cookie": "^0.6.0",
|
|
175
|
+
"cors": "^2.8.5",
|
|
126
176
|
"cron": "^3.0.0",
|
|
177
|
+
"express": "^4.17.1",
|
|
178
|
+
"express-promise-router": "^4.1.0",
|
|
127
179
|
"fs-extra": "^11.2.0",
|
|
128
180
|
"git-url-parse": "^14.0.0",
|
|
181
|
+
"helmet": "^6.0.0",
|
|
129
182
|
"isomorphic-git": "^1.23.0",
|
|
183
|
+
"jose": "^5.0.0",
|
|
130
184
|
"keyv": "^4.5.2",
|
|
131
185
|
"knex": "^3.0.0",
|
|
132
186
|
"lodash": "^4.17.21",
|
|
187
|
+
"logform": "^2.3.2",
|
|
133
188
|
"luxon": "^3.0.0",
|
|
134
189
|
"minimatch": "^9.0.0",
|
|
190
|
+
"minimist": "^1.2.5",
|
|
191
|
+
"morgan": "^1.10.0",
|
|
135
192
|
"mysql2": "^3.0.0",
|
|
136
193
|
"node-fetch": "^2.6.7",
|
|
194
|
+
"node-forge": "^1.3.1",
|
|
137
195
|
"p-limit": "^3.1.0",
|
|
196
|
+
"path-to-regexp": "^6.2.1",
|
|
138
197
|
"pg": "^8.11.3",
|
|
139
198
|
"pg-connection-string": "^2.3.0",
|
|
140
199
|
"raw-body": "^2.4.1",
|
|
200
|
+
"selfsigned": "^2.0.0",
|
|
201
|
+
"stoppable": "^1.1.0",
|
|
141
202
|
"tar": "^6.1.12",
|
|
203
|
+
"triple-beam": "^1.4.1",
|
|
142
204
|
"uuid": "^9.0.0",
|
|
205
|
+
"winston": "^3.2.1",
|
|
206
|
+
"winston-transport": "^4.5.0",
|
|
143
207
|
"yauzl": "^3.0.0",
|
|
144
208
|
"yn": "^4.0.0",
|
|
145
209
|
"zod": "^3.22.4"
|
|
146
210
|
},
|
|
147
211
|
"devDependencies": {
|
|
148
212
|
"@aws-sdk/util-stream-node": "^3.350.0",
|
|
149
|
-
"@backstage/backend-plugin-api": "^0.6.19
|
|
150
|
-
"@backstage/backend-test-utils": "^0.4.0
|
|
151
|
-
"@backstage/cli": "^0.26.7
|
|
213
|
+
"@backstage/backend-plugin-api": "^0.6.19",
|
|
214
|
+
"@backstage/backend-test-utils": "^0.4.0",
|
|
215
|
+
"@backstage/cli": "^0.26.7",
|
|
216
|
+
"@types/http-errors": "^2.0.0",
|
|
217
|
+
"@types/morgan": "^1.9.0",
|
|
218
|
+
"@types/node-forge": "^1.3.0",
|
|
219
|
+
"@types/stoppable": "^1.1.0",
|
|
152
220
|
"aws-sdk-client-mock": "^4.0.0",
|
|
221
|
+
"http-errors": "^2.0.0",
|
|
153
222
|
"msw": "^1.0.0",
|
|
223
|
+
"supertest": "^6.1.3",
|
|
154
224
|
"wait-for-expect": "^3.0.2"
|
|
155
225
|
},
|
|
156
226
|
"configSchema": "config.d.ts"
|
package/permissions/package.json
CHANGED
package/rootConfig/package.json
CHANGED
package/scheduler/package.json
CHANGED