@backstage/plugin-auth-backend-module-aws-alb-provider 0.3.1-next.0 → 0.3.1-next.1

package/CHANGELOG.md

@@ -1,5 +1,16 @@
 # @backstage/plugin-auth-backend-module-aws-alb-provider
 
+## 0.3.1-next.1
+
+### Patch Changes
+
+- 5c9cc05: Use native fetch instead of node-fetch
+- Updated dependencies
+  - @backstage/plugin-auth-backend@0.24.1-next.1
+  - @backstage/plugin-auth-node@0.5.5-next.1
+  - @backstage/backend-plugin-api@1.1.0-next.1
+  - @backstage/errors@1.2.5
+
 ## 0.3.1-next.0
 
 ### Patch Changes

package/dist/helpers.cjs.js

@@ -2,11 +2,8 @@
 
 var crypto = require('crypto');
 var jose = require('jose');
-var fetch = require('node-fetch');
 var errors = require('@backstage/errors');
 
-function _interopDefaultCompat (e) { return e && typeof e === 'object' && 'default' in e ? e : { default: e }; }
-
 function _interopNamespaceCompat(e) {
   if (e && typeof e === 'object' && 'default' in e) return e;
   var n = Object.create(null);
@@ -26,7 +23,6 @@ function _interopNamespaceCompat(e) {
 }
 
 var crypto__namespace = /*#__PURE__*/_interopNamespaceCompat(crypto);
-var fetch__default = /*#__PURE__*/_interopDefaultCompat(fetch);
 
 const makeProfileInfo = (profile, idToken) => {
   let email = void 0;
@@ -83,7 +79,7 @@ const provisionKeyCache = (region, keyCache) => {
     if (optionalCacheKey) {
       return crypto__namespace.createPublicKey(optionalCacheKey);
     }
-    const keyText = await fetch__default.default(
+    const keyText = await fetch(
       `${getPublicKeyEndpoint(region)}/${encodeURIComponent(header.kid)}`
     ).then((response) => response.text());
     const keyValue = crypto__namespace.createPublicKey(keyText);

package/dist/helpers.cjs.js.map

@@ -1 +1 @@
-{"version":3,"file":"helpers.cjs.js","sources":["../src/helpers.ts"],"sourcesContent":["/*\n * Copyright 2023 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport { KeyObject } from 'crypto';\nimport * as crypto from 'crypto';\nimport { JWTHeaderParameters, decodeJwt } from 'jose';\nimport NodeCache from 'node-cache';\nimport fetch from 'node-fetch';\nimport { PassportProfile, ProfileInfo } from '@backstage/plugin-auth-node';\nimport { AuthenticationError } from '@backstage/errors';\n\nexport const makeProfileInfo = (\n  profile: PassportProfile,\n  idToken?: string,\n): ProfileInfo => {\n  let email: string | undefined = undefined;\n  if (profile.emails && profile.emails.length > 0) {\n    const [firstEmail] = profile.emails;\n    email = firstEmail.value;\n  }\n\n  let picture: string | undefined = undefined;\n  if (profile.avatarUrl) {\n    picture = profile.avatarUrl;\n  } else if (profile.photos && profile.photos.length > 0) {\n    const [firstPhoto] = profile.photos;\n    picture = firstPhoto.value;\n  }\n\n  let displayName: string | undefined =\n    profile.displayName ?? profile.username ?? profile.id;\n\n  if ((!email || !picture || !displayName) && idToken) {\n    try {\n      const decoded: Record<string, string> = decodeJwt(idToken) as {\n        email?: string;\n        picture?: string;\n        name?: string;\n      };\n      if (!email && decoded.email) {\n        email = decoded.email;\n      }\n      if (!picture && decoded.picture) {\n        picture = decoded.picture;\n      }\n      if (!displayName && decoded.name) {\n        displayName = decoded.name;\n      }\n    } catch (e) {\n      throw new Error(`Failed to parse id token and get profile info, ${e}`);\n    }\n  }\n\n  return {\n    email,\n    picture,\n    displayName,\n  };\n};\n\nconst getPublicKeyEndpoint = (region: string) => {\n  if (region.startsWith('us-gov')) {\n    return `https://s3-${encodeURIComponent(\n      region,\n    )}.amazonaws.com/aws-elb-public-keys-prod-${encodeURIComponent(region)}`;\n  }\n\n  return `https://public-keys.auth.elb.${encodeURIComponent(\n    region,\n  )}.amazonaws.com`;\n};\n\nexport const provisionKeyCache = (region: string, keyCache: NodeCache) => {\n  return async (header: JWTHeaderParameters): Promise<KeyObject> => {\n    if (!header.kid) {\n      throw new AuthenticationError('No key id was specified in header');\n    }\n    const optionalCacheKey = keyCache.get<KeyObject>(header.kid);\n    if (optionalCacheKey) {\n      return crypto.createPublicKey(optionalCacheKey);\n    }\n\n    const keyText: string = await fetch(\n      `${getPublicKeyEndpoint(region)}/${encodeURIComponent(header.kid)}`,\n    ).then(response => response.text());\n\n    const keyValue = crypto.createPublicKey(keyText);\n    keyCache.set(header.kid, keyValue.export({ format: 'pem', type: 'spki' }));\n    return keyValue;\n  };\n};\n"],"names":["decodeJwt","AuthenticationError","crypto","fetch"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAuBa,MAAA,eAAA,GAAkB,CAC7B,OAAA,EACA,OACgB,KAAA;AAChB,EAAA,IAAI,KAA4B,GAAA,KAAA,CAAA;AAChC,EAAA,IAAI,OAAQ,CAAA,MAAA,IAAU,OAAQ,CAAA,MAAA,CAAO,SAAS,CAAG,EAAA;AAC/C,IAAM,MAAA,CAAC,UAAU,CAAA,GAAI,OAAQ,CAAA,MAAA;AAC7B,IAAA,KAAA,GAAQ,UAAW,CAAA,KAAA;AAAA;AAGrB,EAAA,IAAI,OAA8B,GAAA,KAAA,CAAA;AAClC,EAAA,IAAI,QAAQ,SAAW,EAAA;AACrB,IAAA,OAAA,GAAU,OAAQ,CAAA,SAAA;AAAA,aACT,OAAQ,CAAA,MAAA,IAAU,OAAQ,CAAA,MAAA,CAAO,SAAS,CAAG,EAAA;AACtD,IAAM,MAAA,CAAC,UAAU,CAAA,GAAI,OAAQ,CAAA,MAAA;AAC7B,IAAA,OAAA,GAAU,UAAW,CAAA,KAAA;AAAA;AAGvB,EAAA,IAAI,WACF,GAAA,OAAA,CAAQ,WAAe,IAAA,OAAA,CAAQ,YAAY,OAAQ,CAAA,EAAA;AAErD,EAAA,IAAA,CAAK,CAAC,KAAS,IAAA,CAAC,OAAW,IAAA,CAAC,gBAAgB,OAAS,EAAA;AACnD,IAAI,IAAA;AACF,MAAM,MAAA,OAAA,GAAkCA,eAAU,OAAO,CAAA;AAKzD,MAAI,IAAA,CAAC,KAAS,IAAA,OAAA,CAAQ,KAAO,EAAA;AAC3B,QAAA,KAAA,GAAQ,OAAQ,CAAA,KAAA;AAAA;AAElB,MAAI,IAAA,CAAC,OAAW,IAAA,OAAA,CAAQ,OAAS,EAAA;AAC/B,QAAA,OAAA,GAAU,OAAQ,CAAA,OAAA;AAAA;AAEpB,MAAI,IAAA,CAAC,WAAe,IAAA,OAAA,CAAQ,IAAM,EAAA;AAChC,QAAA,WAAA,GAAc,OAAQ,CAAA,IAAA;AAAA;AACxB,aACO,CAAG,EAAA;AACV,MAAA,MAAM,IAAI,KAAA,CAAM,CAAkD,+CAAA,EAAA,CAAC,CAAE,CAAA,CAAA;AAAA;AACvE;AAGF,EAAO,OAAA;AAAA,IACL,KAAA;AAAA,IACA,OAAA;AAAA,IACA;AAAA,GACF;AACF;AAEA,MAAM,oBAAA,GAAuB,CAAC,MAAmB,KAAA;AAC/C,EAAI,IAAA,MAAA,CAAO,UAAW,CAAA,QAAQ,CAAG,EAAA;AAC/B,IAAA,OAAO,CAAc,WAAA,EAAA,kBAAA;AAAA,MACnB;AAAA,KACD,CAAA,wCAAA,EAA2C,kBAAmB,CAAA,MAAM,CAAC,CAAA,CAAA;AAAA;AAGxE,EAAA,OAAO,CAAgC,6BAAA,EAAA,kBAAA;AAAA,IACrC;AAAA,GACD,CAAA,cAAA,CAAA;AACH,CAAA;AAEa,MAAA,iBAAA,GAAoB,CAAC,MAAA,EAAgB,QAAwB,KAAA;AACxE,EAAA,OAAO,OAAO,MAAoD,KAAA;AAChE,IAAI,IAAA,CAAC,OAAO,GAAK,EAAA;AACf,MAAM,MAAA,IAAIC,2BAAoB,mCAAmC,CAAA;AAAA;AAEnE,IAAA,MAAM,gBAAmB,GAAA,QAAA,CAAS,GAAe,CAAA,MAAA,CAAO,GAAG,CAAA;AAC3D,IAAA,IAAI,gBAAkB,EAAA;AACpB,MAAO,OAAAC,iBAAA,CAAO,gBAAgB,gBAAgB,CAAA;AAAA;AAGhD,IAAA,MAAM,UAAkB,MAAMC,sBAAA;AAAA,MAC5B,CAAA,EAAG,qBAAqB,MAAM,CAAC,IAAI,kBAAmB,CAAA,MAAA,CAAO,GAAG,CAAC,CAAA;AAAA,KACjE,CAAA,IAAA,CAAK,CAAY,QAAA,KAAA,QAAA,CAAS,MAAM,CAAA;AAElC,IAAM,MAAA,QAAA,GAAWD,iBAAO,CAAA,eAAA,CAAgB,OAAO,CAAA;AAC/C,IAAS,QAAA,CAAA,GAAA,CAAI,MAAO,CAAA,GAAA,EAAK,QAAS,CAAA,MAAA,CAAO,EAAE,MAAA,EAAQ,KAAO,EAAA,IAAA,EAAM,MAAO,EAAC,CAAC,CAAA;AACzE,IAAO,OAAA,QAAA;AAAA,GACT;AACF;;;;;"}
+{"version":3,"file":"helpers.cjs.js","sources":["../src/helpers.ts"],"sourcesContent":["/*\n * Copyright 2023 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { KeyObject } from 'crypto';\nimport * as crypto from 'crypto';\nimport { JWTHeaderParameters, decodeJwt } from 'jose';\nimport NodeCache from 'node-cache';\nimport { PassportProfile, ProfileInfo } from '@backstage/plugin-auth-node';\nimport { AuthenticationError } from '@backstage/errors';\n\nexport const makeProfileInfo = (\n  profile: PassportProfile,\n  idToken?: string,\n): ProfileInfo => {\n  let email: string | undefined = undefined;\n  if (profile.emails && profile.emails.length > 0) {\n    const [firstEmail] = profile.emails;\n    email = firstEmail.value;\n  }\n\n  let picture: string | undefined = undefined;\n  if (profile.avatarUrl) {\n    picture = profile.avatarUrl;\n  } else if (profile.photos && profile.photos.length > 0) {\n    const [firstPhoto] = profile.photos;\n    picture = firstPhoto.value;\n  }\n\n  let displayName: string | undefined =\n    profile.displayName ?? profile.username ?? profile.id;\n\n  if ((!email || !picture || !displayName) && idToken) {\n    try {\n      const decoded: Record<string, string> = decodeJwt(idToken) as {\n        email?: string;\n        picture?: string;\n        name?: string;\n      };\n      if (!email && decoded.email) {\n        email = decoded.email;\n      }\n      if (!picture && decoded.picture) {\n        picture = decoded.picture;\n      }\n      if (!displayName && decoded.name) {\n        displayName = decoded.name;\n      }\n    } catch (e) {\n      throw new Error(`Failed to parse id token and get profile info, ${e}`);\n    }\n  }\n\n  return {\n    email,\n    picture,\n    displayName,\n  };\n};\n\nconst getPublicKeyEndpoint = (region: string) => {\n  if (region.startsWith('us-gov')) {\n    return `https://s3-${encodeURIComponent(\n      region,\n    )}.amazonaws.com/aws-elb-public-keys-prod-${encodeURIComponent(region)}`;\n  }\n\n  return `https://public-keys.auth.elb.${encodeURIComponent(\n    region,\n  )}.amazonaws.com`;\n};\n\nexport const provisionKeyCache = (region: string, keyCache: NodeCache) => {\n  return async (header: JWTHeaderParameters): Promise<KeyObject> => {\n    if (!header.kid) {\n      throw new AuthenticationError('No key id was specified in header');\n    }\n    const optionalCacheKey = keyCache.get<KeyObject>(header.kid);\n    if (optionalCacheKey) {\n      return crypto.createPublicKey(optionalCacheKey);\n    }\n\n    const keyText: string = await fetch(\n      `${getPublicKeyEndpoint(region)}/${encodeURIComponent(header.kid)}`,\n    ).then(response => response.text());\n\n    const keyValue = crypto.createPublicKey(keyText);\n    keyCache.set(header.kid, keyValue.export({ format: 'pem', type: 'spki' }));\n    return keyValue;\n  };\n};\n"],"names":["decodeJwt","AuthenticationError","crypto"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAuBa,MAAA,eAAA,GAAkB,CAC7B,OAAA,EACA,OACgB,KAAA;AAChB,EAAA,IAAI,KAA4B,GAAA,KAAA,CAAA;AAChC,EAAA,IAAI,OAAQ,CAAA,MAAA,IAAU,OAAQ,CAAA,MAAA,CAAO,SAAS,CAAG,EAAA;AAC/C,IAAM,MAAA,CAAC,UAAU,CAAA,GAAI,OAAQ,CAAA,MAAA;AAC7B,IAAA,KAAA,GAAQ,UAAW,CAAA,KAAA;AAAA;AAGrB,EAAA,IAAI,OAA8B,GAAA,KAAA,CAAA;AAClC,EAAA,IAAI,QAAQ,SAAW,EAAA;AACrB,IAAA,OAAA,GAAU,OAAQ,CAAA,SAAA;AAAA,aACT,OAAQ,CAAA,MAAA,IAAU,OAAQ,CAAA,MAAA,CAAO,SAAS,CAAG,EAAA;AACtD,IAAM,MAAA,CAAC,UAAU,CAAA,GAAI,OAAQ,CAAA,MAAA;AAC7B,IAAA,OAAA,GAAU,UAAW,CAAA,KAAA;AAAA;AAGvB,EAAA,IAAI,WACF,GAAA,OAAA,CAAQ,WAAe,IAAA,OAAA,CAAQ,YAAY,OAAQ,CAAA,EAAA;AAErD,EAAA,IAAA,CAAK,CAAC,KAAS,IAAA,CAAC,OAAW,IAAA,CAAC,gBAAgB,OAAS,EAAA;AACnD,IAAI,IAAA;AACF,MAAM,MAAA,OAAA,GAAkCA,eAAU,OAAO,CAAA;AAKzD,MAAI,IAAA,CAAC,KAAS,IAAA,OAAA,CAAQ,KAAO,EAAA;AAC3B,QAAA,KAAA,GAAQ,OAAQ,CAAA,KAAA;AAAA;AAElB,MAAI,IAAA,CAAC,OAAW,IAAA,OAAA,CAAQ,OAAS,EAAA;AAC/B,QAAA,OAAA,GAAU,OAAQ,CAAA,OAAA;AAAA;AAEpB,MAAI,IAAA,CAAC,WAAe,IAAA,OAAA,CAAQ,IAAM,EAAA;AAChC,QAAA,WAAA,GAAc,OAAQ,CAAA,IAAA;AAAA;AACxB,aACO,CAAG,EAAA;AACV,MAAA,MAAM,IAAI,KAAA,CAAM,CAAkD,+CAAA,EAAA,CAAC,CAAE,CAAA,CAAA;AAAA;AACvE;AAGF,EAAO,OAAA;AAAA,IACL,KAAA;AAAA,IACA,OAAA;AAAA,IACA;AAAA,GACF;AACF;AAEA,MAAM,oBAAA,GAAuB,CAAC,MAAmB,KAAA;AAC/C,EAAI,IAAA,MAAA,CAAO,UAAW,CAAA,QAAQ,CAAG,EAAA;AAC/B,IAAA,OAAO,CAAc,WAAA,EAAA,kBAAA;AAAA,MACnB;AAAA,KACD,CAAA,wCAAA,EAA2C,kBAAmB,CAAA,MAAM,CAAC,CAAA,CAAA;AAAA;AAGxE,EAAA,OAAO,CAAgC,6BAAA,EAAA,kBAAA;AAAA,IACrC;AAAA,GACD,CAAA,cAAA,CAAA;AACH,CAAA;AAEa,MAAA,iBAAA,GAAoB,CAAC,MAAA,EAAgB,QAAwB,KAAA;AACxE,EAAA,OAAO,OAAO,MAAoD,KAAA;AAChE,IAAI,IAAA,CAAC,OAAO,GAAK,EAAA;AACf,MAAM,MAAA,IAAIC,2BAAoB,mCAAmC,CAAA;AAAA;AAEnE,IAAA,MAAM,gBAAmB,GAAA,QAAA,CAAS,GAAe,CAAA,MAAA,CAAO,GAAG,CAAA;AAC3D,IAAA,IAAI,gBAAkB,EAAA;AACpB,MAAO,OAAAC,iBAAA,CAAO,gBAAgB,gBAAgB,CAAA;AAAA;AAGhD,IAAA,MAAM,UAAkB,MAAM,KAAA;AAAA,MAC5B,CAAA,EAAG,qBAAqB,MAAM,CAAC,IAAI,kBAAmB,CAAA,MAAA,CAAO,GAAG,CAAC,CAAA;AAAA,KACjE,CAAA,IAAA,CAAK,CAAY,QAAA,KAAA,QAAA,CAAS,MAAM,CAAA;AAElC,IAAM,MAAA,QAAA,GAAWA,iBAAO,CAAA,eAAA,CAAgB,OAAO,CAAA;AAC/C,IAAS,QAAA,CAAA,GAAA,CAAI,MAAO,CAAA,GAAA,EAAK,QAAS,CAAA,MAAA,CAAO,EAAE,MAAA,EAAQ,KAAO,EAAA,IAAA,EAAM,MAAO,EAAC,CAAC,CAAA;AACzE,IAAO,OAAA,QAAA;AAAA,GACT;AACF;;;;;"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@backstage/plugin-auth-backend-module-aws-alb-provider",
-  "version": "0.3.1-next.0",
+  "version": "0.3.1-next.1",
   "description": "The aws-alb provider module for the Backstage auth backend.",
   "backstage": {
     "role": "backend-plugin-module",
@@ -37,17 +37,16 @@
     "test": "backstage-cli package test"
   },
   "dependencies": {
-    "@backstage/backend-plugin-api": "1.0.3-next.0",
+    "@backstage/backend-plugin-api": "1.1.0-next.1",
     "@backstage/errors": "1.2.5",
-    "@backstage/plugin-auth-backend": "0.24.1-next.0",
-    "@backstage/plugin-auth-node": "0.5.5-next.0",
+    "@backstage/plugin-auth-backend": "0.24.1-next.1",
+    "@backstage/plugin-auth-node": "0.5.5-next.1",
     "jose": "^5.0.0",
-    "node-cache": "^5.1.2",
-    "node-fetch": "^2.7.0"
+    "node-cache": "^5.1.2"
   },
   "devDependencies": {
-    "@backstage/backend-test-utils": "1.2.0-next.0",
-    "@backstage/cli": "0.29.3-next.0",
+    "@backstage/backend-test-utils": "1.2.0-next.1",
+    "@backstage/cli": "0.29.3-next.1",
     "@backstage/config": "1.3.0",
     "express": "^4.18.2",
     "msw": "^2.0.8"