@backstage/plugin-auth-backend-module-oauth2-proxy-provider 0.2.0-next.1 → 0.2.0

package/CHANGELOG.md

@@ -1,5 +1,31 @@
 # @backstage/plugin-auth-backend-module-oauth2-proxy-provider
 
+## 0.2.0
+
+### Minor Changes
+
+- d425fc4: **BREAKING**: The return values from `createBackendPlugin`, `createBackendModule`, and `createServiceFactory` are now simply `BackendFeature` and `ServiceFactory`, instead of the previously deprecated form of a function that returns them. For this reason, `createServiceFactory` also no longer accepts the callback form where you provide direct options to the service. This also affects all `coreServices.*` service refs.
+
+  This may in particular affect tests; if you were effectively doing `createBackendModule({...})()` (note the parentheses), you can now remove those extra parentheses at the end. You may encounter cases of this in your `packages/backend/src/index.ts` too, where you add plugins, modules, and services. If you were using `createServiceFactory` with a function as its argument for the purpose of passing in options, this pattern has been deprecated for a while and is no longer supported. You may want to explore the new multiton patterns to achieve your goals, or moving settings to app-config.
+
+  As part of this change, the `IdentityFactoryOptions` type was removed, and can no longer be used to tweak that service. The identity service was also deprecated some time ago, and you will want to [migrate to the new auth system](https://backstage.io/docs/tutorials/auth-service-migration) if you still rely on it.
+
+### Patch Changes
+
+- Updated dependencies
+  - @backstage/backend-plugin-api@1.0.0
+  - @backstage/plugin-auth-node@0.5.2
+  - @backstage/errors@1.2.4
+
+## 0.2.0-next.2
+
+### Patch Changes
+
+- Updated dependencies
+  - @backstage/plugin-auth-node@0.5.2-next.2
+  - @backstage/backend-plugin-api@1.0.0-next.2
+  - @backstage/errors@1.2.4
+
 ## 0.2.0-next.1
 
 ### Patch Changes

package/dist/index.cjs.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.cjs.js","sources":["../src/authenticator.ts","../src/resolvers.ts","../src/module.ts"],"sourcesContent":["/*\n * Copyright 2023 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { AuthenticationError } from '@backstage/errors';\nimport { createProxyAuthenticator } from '@backstage/plugin-auth-node';\nimport { decodeJwt } from 'jose';\nimport { OAuth2ProxyResult } from './types';\n\n/**\n * NOTE: This may come in handy if you're doing work on this provider:\n * plugins/auth-backend/examples/docker-compose.oauth2-proxy.yaml\n *\n * @public\n */\nexport const OAUTH2_PROXY_JWT_HEADER = 'X-OAUTH2-PROXY-ID-TOKEN';\n\n/** @public */\nexport const oauth2ProxyAuthenticator = createProxyAuthenticator({\n  defaultProfileTransform: async (result: OAuth2ProxyResult) => {\n    return {\n      profile: {\n        email: result.getHeader('x-forwarded-email'),\n        displayName:\n          result.getHeader('x-forwarded-preferred-username') ||\n          result.getHeader('x-forwarded-user'),\n      },\n    };\n  },\n  async initialize() {},\n  async authenticate({ req }) {\n    try {\n      const authHeader = req.header(OAUTH2_PROXY_JWT_HEADER);\n      const jwt = authHeader?.match(/^Bearer[ ]+(\\S+)$/i)?.[1];\n      const decodedJWT = jwt && decodeJwt(jwt);\n\n      const result = {\n        fullProfile: decodedJWT || {},\n        accessToken: jwt || '',\n        headers: req.headers,\n        getHeader(name: string) {\n          if (name.toLocaleLowerCase('en-US') === 'set-cookie') {\n            throw new Error('Access Set-Cookie via the headers object instead');\n          }\n          return req.get(name);\n        },\n      };\n\n      return {\n        result,\n        providerInfo: {\n          accessToken: result.accessToken,\n        },\n      };\n    } catch (e) {\n      throw new AuthenticationError('Authentication failed', e);\n    }\n  },\n});\n","/*\n * Copyright 2023 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n  createSignInResolverFactory,\n  SignInInfo,\n} from '@backstage/plugin-auth-node';\nimport { OAuth2ProxyResult } from './types';\n\n/**\n * @public\n */\nexport namespace oauth2ProxySignInResolvers {\n  export const forwardedUserMatchingUserEntityName =\n    createSignInResolverFactory({\n      create() {\n        return async (info: SignInInfo<OAuth2ProxyResult>, ctx) => {\n          const name = info.result.getHeader('x-forwarded-user');\n          if (!name) {\n            throw new Error('Request did not contain a user');\n          }\n          return ctx.signInWithCatalogUser({\n            entityRef: { name },\n          });\n        };\n      },\n    });\n}\n","/*\n * Copyright 2023 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { createBackendModule } from '@backstage/backend-plugin-api';\nimport {\n  authProvidersExtensionPoint,\n  createProxyAuthProviderFactory,\n  commonSignInResolvers,\n} from '@backstage/plugin-auth-node';\nimport { oauth2ProxyAuthenticator } from './authenticator';\nimport { oauth2ProxySignInResolvers } from './resolvers';\n\n/** @public */\nexport const authModuleOauth2ProxyProvider = createBackendModule({\n  pluginId: 'auth',\n  moduleId: 'oauth2-proxy-provider',\n  register(reg) {\n    reg.registerInit({\n      deps: {\n        providers: authProvidersExtensionPoint,\n      },\n      async init({ providers }) {\n        providers.registerProvider({\n          providerId: 'oauth2Proxy',\n          factory: createProxyAuthProviderFactory({\n            authenticator: oauth2ProxyAuthenticator,\n            signInResolverFactories: {\n              ...commonSignInResolvers,\n              ...oauth2ProxySignInResolvers,\n            },\n          }),\n        });\n      },\n    });\n  },\n});\n"],"names":["createProxyAuthenticator","decodeJwt","AuthenticationError","oauth2ProxySignInResolvers","createSignInResolverFactory","createBackendModule","authProvidersExtensionPoint","createProxyAuthProviderFactory","commonSignInResolvers"],"mappings":";;;;;;;;;AA2BO,MAAM,uBAA0B,GAAA,0BAAA;AAGhC,MAAM,2BAA2BA,uCAAyB,CAAA;AAAA,EAC/D,uBAAA,EAAyB,OAAO,MAA8B,KAAA;AAC5D,IAAO,OAAA;AAAA,MACL,OAAS,EAAA;AAAA,QACP,KAAA,EAAO,MAAO,CAAA,SAAA,CAAU,mBAAmB,CAAA;AAAA,QAC3C,aACE,MAAO,CAAA,SAAA,CAAU,gCAAgC,CACjD,IAAA,MAAA,CAAO,UAAU,kBAAkB,CAAA;AAAA,OACvC;AAAA,KACF,CAAA;AAAA,GACF;AAAA,EACA,MAAM,UAAa,GAAA;AAAA,GAAC;AAAA,EACpB,MAAM,YAAA,CAAa,EAAE,GAAA,EAAO,EAAA;AAC1B,IAAI,IAAA;AACF,MAAM,MAAA,UAAA,GAAa,GAAI,CAAA,MAAA,CAAO,uBAAuB,CAAA,CAAA;AACrD,MAAA,MAAM,GAAM,GAAA,UAAA,EAAY,KAAM,CAAA,oBAAoB,IAAI,CAAC,CAAA,CAAA;AACvD,MAAM,MAAA,UAAA,GAAa,GAAO,IAAAC,cAAA,CAAU,GAAG,CAAA,CAAA;AAEvC,MAAA,MAAM,MAAS,GAAA;AAAA,QACb,WAAA,EAAa,cAAc,EAAC;AAAA,QAC5B,aAAa,GAAO,IAAA,EAAA;AAAA,QACpB,SAAS,GAAI,CAAA,OAAA;AAAA,QACb,UAAU,IAAc,EAAA;AACtB,UAAA,IAAI,IAAK,CAAA,iBAAA,CAAkB,OAAO,CAAA,KAAM,YAAc,EAAA;AACpD,YAAM,MAAA,IAAI,MAAM,kDAAkD,CAAA,CAAA;AAAA,WACpE;AACA,UAAO,OAAA,GAAA,CAAI,IAAI,IAAI,CAAA,CAAA;AAAA,SACrB;AAAA,OACF,CAAA;AAEA,MAAO,OAAA;AAAA,QACL,MAAA;AAAA,QACA,YAAc,EAAA;AAAA,UACZ,aAAa,MAAO,CAAA,WAAA;AAAA,SACtB;AAAA,OACF,CAAA;AAAA,aACO,CAAG,EAAA;AACV,MAAM,MAAA,IAAIC,0BAAoB,CAAA,uBAAA,EAAyB,CAAC,CAAA,CAAA;AAAA,KAC1D;AAAA,GACF;AACF,CAAC;;AC7CgB,IAAA,0BAAA,CAAA;AAAA,CAAV,CAAUC,2BAAV,KAAA;AACE,EAAMA,2BAAAA,CAAA,sCACXC,0CAA4B,CAAA;AAAA,IAC1B,MAAS,GAAA;AACP,MAAO,OAAA,OAAO,MAAqC,GAAQ,KAAA;AACzD,QAAA,MAAM,IAAO,GAAA,IAAA,CAAK,MAAO,CAAA,SAAA,CAAU,kBAAkB,CAAA,CAAA;AACrD,QAAA,IAAI,CAAC,IAAM,EAAA;AACT,UAAM,MAAA,IAAI,MAAM,gCAAgC,CAAA,CAAA;AAAA,SAClD;AACA,QAAA,OAAO,IAAI,qBAAsB,CAAA;AAAA,UAC/B,SAAA,EAAW,EAAE,IAAK,EAAA;AAAA,SACnB,CAAA,CAAA;AAAA,OACH,CAAA;AAAA,KACF;AAAA,GACD,CAAA,CAAA;AAAA,CAdY,EAAA,0BAAA,KAAA,0BAAA,GAAA,EAAA,CAAA,CAAA;;ACCV,MAAM,gCAAgCC,oCAAoB,CAAA;AAAA,EAC/D,QAAU,EAAA,MAAA;AAAA,EACV,QAAU,EAAA,uBAAA;AAAA,EACV,SAAS,GAAK,EAAA;AACZ,IAAA,GAAA,CAAI,YAAa,CAAA;AAAA,MACf,IAAM,EAAA;AAAA,QACJ,SAAW,EAAAC,0CAAA;AAAA,OACb;AAAA,MACA,MAAM,IAAA,CAAK,EAAE,SAAA,EAAa,EAAA;AACxB,QAAA,SAAA,CAAU,gBAAiB,CAAA;AAAA,UACzB,UAAY,EAAA,aAAA;AAAA,UACZ,SAASC,6CAA+B,CAAA;AAAA,YACtC,aAAe,EAAA,wBAAA;AAAA,YACf,uBAAyB,EAAA;AAAA,cACvB,GAAGC,oCAAA;AAAA,cACH,GAAG,0BAAA;AAAA,aACL;AAAA,WACD,CAAA;AAAA,SACF,CAAA,CAAA;AAAA,OACH;AAAA,KACD,CAAA,CAAA;AAAA,GACH;AACF,CAAC;;;;;;"}
+{"version":3,"file":"index.cjs.js","sources":["../src/authenticator.ts","../src/resolvers.ts","../src/module.ts"],"sourcesContent":["/*\n * Copyright 2023 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { AuthenticationError } from '@backstage/errors';\nimport { createProxyAuthenticator } from '@backstage/plugin-auth-node';\nimport { decodeJwt } from 'jose';\nimport { OAuth2ProxyResult } from './types';\n\n/**\n * NOTE: This may come in handy if you're doing work on this provider:\n * plugins/auth-backend/examples/docker-compose.oauth2-proxy.yaml\n *\n * @public\n */\nexport const OAUTH2_PROXY_JWT_HEADER = 'X-OAUTH2-PROXY-ID-TOKEN';\n\n/** @public */\nexport const oauth2ProxyAuthenticator = createProxyAuthenticator({\n  defaultProfileTransform: async (result: OAuth2ProxyResult) => {\n    return {\n      profile: {\n        email: result.getHeader('x-forwarded-email'),\n        displayName:\n          result.getHeader('x-forwarded-preferred-username') ||\n          result.getHeader('x-forwarded-user'),\n      },\n    };\n  },\n  async initialize() {},\n  async authenticate({ req }) {\n    try {\n      // This unpacking of the JWT is just a utility provided by the\n      // authenticator to make the fields available to the profile transform and\n      // sign-in resolvers. The JWT is already validated by the upstream OAuth2\n      // Proxy, and since OAuth2 Proxy doesn't provide a way to authenticate\n      // forwarded requests, we don't do any additional validation here but\n      // instead trust that there is no way for attackers to bypass the OAuth2\n      // Proxy. We could validate these individual ID tokens for some of the\n      // upstream providers, but that is currently not in scope for this\n      // authenticator.\n      const authHeader = req.header(OAUTH2_PROXY_JWT_HEADER);\n      const jwt = authHeader?.match(/^Bearer[ ]+(\\S+)$/i)?.[1];\n      const decodedJWT = jwt && decodeJwt(jwt);\n\n      const result = {\n        fullProfile: decodedJWT || {},\n        accessToken: jwt || '',\n        headers: req.headers,\n        getHeader(name: string) {\n          if (name.toLocaleLowerCase('en-US') === 'set-cookie') {\n            throw new Error('Access Set-Cookie via the headers object instead');\n          }\n          return req.get(name);\n        },\n      };\n\n      return {\n        result,\n        providerInfo: {\n          accessToken: result.accessToken,\n        },\n      };\n    } catch (e) {\n      throw new AuthenticationError('Authentication failed', e);\n    }\n  },\n});\n","/*\n * Copyright 2023 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n  createSignInResolverFactory,\n  SignInInfo,\n} from '@backstage/plugin-auth-node';\nimport { OAuth2ProxyResult } from './types';\n\n/**\n * @public\n */\nexport namespace oauth2ProxySignInResolvers {\n  export const forwardedUserMatchingUserEntityName =\n    createSignInResolverFactory({\n      create() {\n        return async (info: SignInInfo<OAuth2ProxyResult>, ctx) => {\n          const name = info.result.getHeader('x-forwarded-user');\n          if (!name) {\n            throw new Error('Request did not contain a user');\n          }\n          return ctx.signInWithCatalogUser({\n            entityRef: { name },\n          });\n        };\n      },\n    });\n}\n","/*\n * Copyright 2023 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { createBackendModule } from '@backstage/backend-plugin-api';\nimport {\n  authProvidersExtensionPoint,\n  createProxyAuthProviderFactory,\n  commonSignInResolvers,\n} from '@backstage/plugin-auth-node';\nimport { oauth2ProxyAuthenticator } from './authenticator';\nimport { oauth2ProxySignInResolvers } from './resolvers';\n\n/** @public */\nexport const authModuleOauth2ProxyProvider = createBackendModule({\n  pluginId: 'auth',\n  moduleId: 'oauth2-proxy-provider',\n  register(reg) {\n    reg.registerInit({\n      deps: {\n        providers: authProvidersExtensionPoint,\n      },\n      async init({ providers }) {\n        providers.registerProvider({\n          providerId: 'oauth2Proxy',\n          factory: createProxyAuthProviderFactory({\n            authenticator: oauth2ProxyAuthenticator,\n            signInResolverFactories: {\n              ...commonSignInResolvers,\n              ...oauth2ProxySignInResolvers,\n            },\n          }),\n        });\n      },\n    });\n  },\n});\n"],"names":["createProxyAuthenticator","decodeJwt","AuthenticationError","oauth2ProxySignInResolvers","createSignInResolverFactory","createBackendModule","authProvidersExtensionPoint","createProxyAuthProviderFactory","commonSignInResolvers"],"mappings":";;;;;;;;;AA2BO,MAAM,uBAA0B,GAAA,0BAAA;AAGhC,MAAM,2BAA2BA,uCAAyB,CAAA;AAAA,EAC/D,uBAAA,EAAyB,OAAO,MAA8B,KAAA;AAC5D,IAAO,OAAA;AAAA,MACL,OAAS,EAAA;AAAA,QACP,KAAA,EAAO,MAAO,CAAA,SAAA,CAAU,mBAAmB,CAAA;AAAA,QAC3C,aACE,MAAO,CAAA,SAAA,CAAU,gCAAgC,CACjD,IAAA,MAAA,CAAO,UAAU,kBAAkB,CAAA;AAAA,OACvC;AAAA,KACF,CAAA;AAAA,GACF;AAAA,EACA,MAAM,UAAa,GAAA;AAAA,GAAC;AAAA,EACpB,MAAM,YAAA,CAAa,EAAE,GAAA,EAAO,EAAA;AAC1B,IAAI,IAAA;AAUF,MAAM,MAAA,UAAA,GAAa,GAAI,CAAA,MAAA,CAAO,uBAAuB,CAAA,CAAA;AACrD,MAAA,MAAM,GAAM,GAAA,UAAA,EAAY,KAAM,CAAA,oBAAoB,IAAI,CAAC,CAAA,CAAA;AACvD,MAAM,MAAA,UAAA,GAAa,GAAO,IAAAC,cAAA,CAAU,GAAG,CAAA,CAAA;AAEvC,MAAA,MAAM,MAAS,GAAA;AAAA,QACb,WAAA,EAAa,cAAc,EAAC;AAAA,QAC5B,aAAa,GAAO,IAAA,EAAA;AAAA,QACpB,SAAS,GAAI,CAAA,OAAA;AAAA,QACb,UAAU,IAAc,EAAA;AACtB,UAAA,IAAI,IAAK,CAAA,iBAAA,CAAkB,OAAO,CAAA,KAAM,YAAc,EAAA;AACpD,YAAM,MAAA,IAAI,MAAM,kDAAkD,CAAA,CAAA;AAAA,WACpE;AACA,UAAO,OAAA,GAAA,CAAI,IAAI,IAAI,CAAA,CAAA;AAAA,SACrB;AAAA,OACF,CAAA;AAEA,MAAO,OAAA;AAAA,QACL,MAAA;AAAA,QACA,YAAc,EAAA;AAAA,UACZ,aAAa,MAAO,CAAA,WAAA;AAAA,SACtB;AAAA,OACF,CAAA;AAAA,aACO,CAAG,EAAA;AACV,MAAM,MAAA,IAAIC,0BAAoB,CAAA,uBAAA,EAAyB,CAAC,CAAA,CAAA;AAAA,KAC1D;AAAA,GACF;AACF,CAAC;;ACtDgB,IAAA,0BAAA,CAAA;AAAA,CAAV,CAAUC,2BAAV,KAAA;AACE,EAAMA,2BAAAA,CAAA,sCACXC,0CAA4B,CAAA;AAAA,IAC1B,MAAS,GAAA;AACP,MAAO,OAAA,OAAO,MAAqC,GAAQ,KAAA;AACzD,QAAA,MAAM,IAAO,GAAA,IAAA,CAAK,MAAO,CAAA,SAAA,CAAU,kBAAkB,CAAA,CAAA;AACrD,QAAA,IAAI,CAAC,IAAM,EAAA;AACT,UAAM,MAAA,IAAI,MAAM,gCAAgC,CAAA,CAAA;AAAA,SAClD;AACA,QAAA,OAAO,IAAI,qBAAsB,CAAA;AAAA,UAC/B,SAAA,EAAW,EAAE,IAAK,EAAA;AAAA,SACnB,CAAA,CAAA;AAAA,OACH,CAAA;AAAA,KACF;AAAA,GACD,CAAA,CAAA;AAAA,CAdY,EAAA,0BAAA,KAAA,0BAAA,GAAA,EAAA,CAAA,CAAA;;ACCV,MAAM,gCAAgCC,oCAAoB,CAAA;AAAA,EAC/D,QAAU,EAAA,MAAA;AAAA,EACV,QAAU,EAAA,uBAAA;AAAA,EACV,SAAS,GAAK,EAAA;AACZ,IAAA,GAAA,CAAI,YAAa,CAAA;AAAA,MACf,IAAM,EAAA;AAAA,QACJ,SAAW,EAAAC,0CAAA;AAAA,OACb;AAAA,MACA,MAAM,IAAA,CAAK,EAAE,SAAA,EAAa,EAAA;AACxB,QAAA,SAAA,CAAU,gBAAiB,CAAA;AAAA,UACzB,UAAY,EAAA,aAAA;AAAA,UACZ,SAASC,6CAA+B,CAAA;AAAA,YACtC,aAAe,EAAA,wBAAA;AAAA,YACf,uBAAyB,EAAA;AAAA,cACvB,GAAGC,oCAAA;AAAA,cACH,GAAG,0BAAA;AAAA,aACL;AAAA,WACD,CAAA;AAAA,SACF,CAAA,CAAA;AAAA,OACH;AAAA,KACD,CAAA,CAAA;AAAA,GACH;AACF,CAAC;;;;;;"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@backstage/plugin-auth-backend-module-oauth2-proxy-provider",
-  "version": "0.2.0-next.1",
+  "version": "0.2.0",
   "description": "The oauth2-proxy-provider backend module for the auth plugin.",
   "backstage": {
     "role": "backend-plugin-module",
@@ -33,13 +33,13 @@
     "test": "backstage-cli package test"
   },
   "dependencies": {
-    "@backstage/backend-plugin-api": "^0.9.0-next.1",
+    "@backstage/backend-plugin-api": "^1.0.0",
     "@backstage/errors": "^1.2.4",
-    "@backstage/plugin-auth-node": "^0.5.2-next.1",
+    "@backstage/plugin-auth-node": "^0.5.2",
     "jose": "^5.0.0"
   },
   "devDependencies": {
-    "@backstage/backend-test-utils": "^0.6.0-next.1",
-    "@backstage/cli": "^0.27.1-next.1"
+    "@backstage/backend-test-utils": "^1.0.0",
+    "@backstage/cli": "^0.27.1"
   }
 }