@backstage/plugin-auth-backend-module-okta-provider 0.2.12-next.0 → 0.2.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/CHANGELOG.md +10 -0
  2. package/dist/authenticator.cjs.js +5 -0
  3. package/dist/authenticator.cjs.js.map +1 -1
  4. package/package.json +8 -8
package/CHANGELOG.md CHANGED
@@ -1,5 +1,15 @@
1
1
  # @backstage/plugin-auth-backend-module-okta-provider
2
2
 
3
+ ## 0.2.12
4
+
5
+ ### Patch Changes
6
+
7
+ - 08aea95: Added a validation check that rejects `audience` configuration values that are not absolute URLs (i.e. missing `https://` or `http://` prefix).
8
+ - 69d880e: Bump to latest zod to ensure it has the latest features
9
+ - Updated dependencies
10
+ - @backstage/backend-plugin-api@1.7.0
11
+ - @backstage/plugin-auth-node@0.6.13
12
+
3
13
  ## 0.2.11-next.0
4
14
 
5
15
  ### Patch Changes
package/dist/authenticator.cjs.js CHANGED
@@ -12,6 +12,11 @@ const oktaAuthenticator = pluginAuthNode.createOAuthAuthenticator({
12
12
  const clientId = config.getString("clientId");
13
13
  const clientSecret = config.getString("clientSecret");
14
14
  const audience = config.getOptionalString("audience") || "https://okta.com";
15
+ if (!audience.match(/^https?:\/\//)) {
16
+ throw new Error(
17
+ `The provided audience "${audience}" is not a valid URL. It must start with "https://" or "http://".`
18
+ );
19
+ }
15
20
  const authServerId = config.getOptionalString("authServerId");
16
21
  const idp = config.getOptionalString("idp");
17
22
  return pluginAuthNode.PassportOAuthAuthenticatorHelper.from(
package/dist/authenticator.cjs.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"authenticator.cjs.js","sources":["../src/authenticator.ts"],"sourcesContent":["/*\n * Copyright 2023 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { Strategy as OktaStrategy } from '@davidzemon/passport-okta-oauth';\nimport {\n createOAuthAuthenticator,\n PassportOAuthAuthenticatorHelper,\n PassportOAuthDoneCallback,\n PassportProfile,\n} from '@backstage/plugin-auth-node';\n\n/** @public */\nexport const oktaAuthenticator = createOAuthAuthenticator({\n defaultProfileTransform:\n PassportOAuthAuthenticatorHelper.defaultProfileTransform,\n scopes: {\n required: ['openid', 'email', 'profile', 'offline_access'],\n },\n initialize({ callbackUrl, config }) {\n const clientId = config.getString('clientId');\n const clientSecret = config.getString('clientSecret');\n const audience = config.getOptionalString('audience') || 'https://okta.com';\n const authServerId = config.getOptionalString('authServerId');\n const idp = config.getOptionalString('idp');\n\n return PassportOAuthAuthenticatorHelper.from(\n new OktaStrategy(\n {\n clientID: clientId,\n clientSecret: clientSecret,\n callbackURL: callbackUrl,\n audience: audience,\n authServerID: authServerId,\n idp: idp,\n passReqToCallback: false,\n response_type: 'code',\n },\n (\n accessToken: string,\n refreshToken: string,\n params: any,\n fullProfile: PassportProfile,\n done: PassportOAuthDoneCallback,\n ) => {\n done(\n undefined,\n { fullProfile, params, accessToken },\n { refreshToken },\n );\n },\n ),\n );\n },\n\n async start(input, helper) {\n return helper.start(input, {\n accessType: 'offline',\n prompt: 'consent',\n });\n },\n\n async authenticate(input, helper) {\n return helper.authenticate(input);\n },\n\n async refresh(input, helper) {\n return helper.refresh(input);\n },\n});\n"],"names":["createOAuthAuthenticator","PassportOAuthAuthenticatorHelper","OktaStrategy"],"mappings":";;;;;AAyBO,MAAM,oBAAoBA,uCAAA,CAAyB;AAAA,EACxD,yBACEC,+CAAA,CAAiC,uBAAA;AAAA,EACnC,MAAA,EAAQ;AAAA,IACN,QAAA,EAAU,CAAC,QAAA,EAAU,OAAA,EAAS,WAAW,gBAAgB;AAAA,GAC3D;AAAA,EACA,UAAA,CAAW,EAAE,WAAA,EAAa,MAAA,EAAO,EAAG;AAClC,IAAA,MAAM,QAAA,GAAW,MAAA,CAAO,SAAA,CAAU,UAAU,CAAA;AAC5C,IAAA,MAAM,YAAA,GAAe,MAAA,CAAO,SAAA,CAAU,cAAc,CAAA;AACpD,IAAA,MAAM,QAAA,GAAW,MAAA,CAAO,iBAAA,CAAkB,UAAU,CAAA,IAAK,kBAAA;AACzD,IAAA,MAAM,YAAA,GAAe,MAAA,CAAO,iBAAA,CAAkB,cAAc,CAAA;AAC5D,IAAA,MAAM,GAAA,GAAM,MAAA,CAAO,iBAAA,CAAkB,KAAK,CAAA;AAE1C,IAAA,OAAOA,+CAAA,CAAiC,IAAA;AAAA,MACtC,IAAIC,0BAAA;AAAA,QACF;AAAA,UACE,QAAA,EAAU,QAAA;AAAA,UACV,YAAA;AAAA,UACA,WAAA,EAAa,WAAA;AAAA,UACb,QAAA;AAAA,UACA,YAAA,EAAc,YAAA;AAAA,UACd,GAAA;AAAA,UACA,iBAAA,EAAmB,KAAA;AAAA,UACnB,aAAA,EAAe;AAAA,SACjB;AAAA,QACA,CACE,WAAA,EACA,YAAA,EACA,MAAA,EACA,aACA,IAAA,KACG;AACH,UAAA,IAAA;AAAA,YACE,MAAA;AAAA,YACA,EAAE,WAAA,EAAa,MAAA,EAAQ,WAAA,EAAY;AAAA,YACnC,EAAE,YAAA;AAAa,WACjB;AAAA,QACF;AAAA;AACF,KACF;AAAA,EACF,CAAA;AAAA,EAEA,MAAM,KAAA,CAAM,KAAA,EAAO,MAAA,EAAQ;AACzB,IAAA,OAAO,MAAA,CAAO,MAAM,KAAA,EAAO;AAAA,MACzB,UAAA,EAAY,SAAA;AAAA,MACZ,MAAA,EAAQ;AAAA,KACT,CAAA;AAAA,EACH,CAAA;AAAA,EAEA,MAAM,YAAA,CAAa,KAAA,EAAO,MAAA,EAAQ;AAChC,IAAA,OAAO,MAAA,CAAO,aAAa,KAAK,CAAA;AAAA,EAClC,CAAA;AAAA,EAEA,MAAM,OAAA,CAAQ,KAAA,EAAO,MAAA,EAAQ;AAC3B,IAAA,OAAO,MAAA,CAAO,QAAQ,KAAK,CAAA;AAAA,EAC7B;AACF,CAAC;;;;"}
1
+ {"version":3,"file":"authenticator.cjs.js","sources":["../src/authenticator.ts"],"sourcesContent":["/*\n * Copyright 2023 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { Strategy as OktaStrategy } from '@davidzemon/passport-okta-oauth';\nimport {\n createOAuthAuthenticator,\n PassportOAuthAuthenticatorHelper,\n PassportOAuthDoneCallback,\n PassportProfile,\n} from '@backstage/plugin-auth-node';\n\n/** @public */\nexport const oktaAuthenticator = createOAuthAuthenticator({\n defaultProfileTransform:\n PassportOAuthAuthenticatorHelper.defaultProfileTransform,\n scopes: {\n required: ['openid', 'email', 'profile', 'offline_access'],\n },\n initialize({ callbackUrl, config }) {\n const clientId = config.getString('clientId');\n const clientSecret = config.getString('clientSecret');\n const audience = config.getOptionalString('audience') || 'https://okta.com';\n if (!audience.match(/^https?:\\/\\//)) {\n throw new Error(\n `The provided audience \"${audience}\" is not a valid URL. It must start with \"https://\" or \"http://\".`,\n );\n }\n const authServerId = config.getOptionalString('authServerId');\n const idp = config.getOptionalString('idp');\n\n return PassportOAuthAuthenticatorHelper.from(\n new OktaStrategy(\n {\n clientID: clientId,\n clientSecret: clientSecret,\n callbackURL: callbackUrl,\n audience: audience,\n authServerID: authServerId,\n idp: idp,\n passReqToCallback: false,\n response_type: 'code',\n },\n (\n accessToken: string,\n refreshToken: string,\n params: any,\n fullProfile: PassportProfile,\n done: PassportOAuthDoneCallback,\n ) => {\n done(\n undefined,\n { fullProfile, params, accessToken },\n { refreshToken },\n );\n },\n ),\n );\n },\n\n async start(input, helper) {\n return helper.start(input, {\n accessType: 'offline',\n prompt: 'consent',\n });\n },\n\n async authenticate(input, helper) {\n return helper.authenticate(input);\n },\n\n async refresh(input, helper) {\n return helper.refresh(input);\n },\n});\n"],"names":["createOAuthAuthenticator","PassportOAuthAuthenticatorHelper","OktaStrategy"],"mappings":";;;;;AAyBO,MAAM,oBAAoBA,uCAAA,CAAyB;AAAA,EACxD,yBACEC,+CAAA,CAAiC,uBAAA;AAAA,EACnC,MAAA,EAAQ;AAAA,IACN,QAAA,EAAU,CAAC,QAAA,EAAU,OAAA,EAAS,WAAW,gBAAgB;AAAA,GAC3D;AAAA,EACA,UAAA,CAAW,EAAE,WAAA,EAAa,MAAA,EAAO,EAAG;AAClC,IAAA,MAAM,QAAA,GAAW,MAAA,CAAO,SAAA,CAAU,UAAU,CAAA;AAC5C,IAAA,MAAM,YAAA,GAAe,MAAA,CAAO,SAAA,CAAU,cAAc,CAAA;AACpD,IAAA,MAAM,QAAA,GAAW,MAAA,CAAO,iBAAA,CAAkB,UAAU,CAAA,IAAK,kBAAA;AACzD,IAAA,IAAI,CAAC,QAAA,CAAS,KAAA,CAAM,cAAc,CAAA,EAAG;AACnC,MAAA,MAAM,IAAI,KAAA;AAAA,QACR,0BAA0B,QAAQ,CAAA,iEAAA;AAAA,OACpC;AAAA,IACF;AACA,IAAA,MAAM,YAAA,GAAe,MAAA,CAAO,iBAAA,CAAkB,cAAc,CAAA;AAC5D,IAAA,MAAM,GAAA,GAAM,MAAA,CAAO,iBAAA,CAAkB,KAAK,CAAA;AAE1C,IAAA,OAAOA,+CAAA,CAAiC,IAAA;AAAA,MACtC,IAAIC,0BAAA;AAAA,QACF;AAAA,UACE,QAAA,EAAU,QAAA;AAAA,UACV,YAAA;AAAA,UACA,WAAA,EAAa,WAAA;AAAA,UACb,QAAA;AAAA,UACA,YAAA,EAAc,YAAA;AAAA,UACd,GAAA;AAAA,UACA,iBAAA,EAAmB,KAAA;AAAA,UACnB,aAAA,EAAe;AAAA,SACjB;AAAA,QACA,CACE,WAAA,EACA,YAAA,EACA,MAAA,EACA,aACA,IAAA,KACG;AACH,UAAA,IAAA;AAAA,YACE,MAAA;AAAA,YACA,EAAE,WAAA,EAAa,MAAA,EAAQ,WAAA,EAAY;AAAA,YACnC,EAAE,YAAA;AAAa,WACjB;AAAA,QACF;AAAA;AACF,KACF;AAAA,EACF,CAAA;AAAA,EAEA,MAAM,KAAA,CAAM,KAAA,EAAO,MAAA,EAAQ;AACzB,IAAA,OAAO,MAAA,CAAO,MAAM,KAAA,EAAO;AAAA,MACzB,UAAA,EAAY,SAAA;AAAA,MACZ,MAAA,EAAQ;AAAA,KACT,CAAA;AAAA,EACH,CAAA;AAAA,EAEA,MAAM,YAAA,CAAa,KAAA,EAAO,MAAA,EAAQ;AAChC,IAAA,OAAO,MAAA,CAAO,aAAa,KAAK,CAAA;AAAA,EAClC,CAAA;AAAA,EAEA,MAAM,OAAA,CAAQ,KAAA,EAAO,MAAA,EAAQ;AAC3B,IAAA,OAAO,MAAA,CAAO,QAAQ,KAAK,CAAA;AAAA,EAC7B;AACF,CAAC;;;;"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@backstage/plugin-auth-backend-module-okta-provider",
3
- "version": "0.2.12-next.0",
3
+ "version": "0.2.12",
4
4
  "description": "The okta-provider backend module for the auth plugin.",
5
5
  "backstage": {
6
6
  "role": "backend-plugin-module",
@@ -37,19 +37,19 @@
37
37
  "test": "backstage-cli package test"
38
38
  },
39
39
  "dependencies": {
40
- "@backstage/backend-plugin-api": "1.7.0-next.1",
41
- "@backstage/plugin-auth-node": "0.6.13-next.0",
40
+ "@backstage/backend-plugin-api": "^1.7.0",
41
+ "@backstage/plugin-auth-node": "^0.6.13",
42
42
  "@davidzemon/passport-okta-oauth": "^0.0.7",
43
43
  "express": "^4.22.0",
44
44
  "passport": "^0.7.0",
45
45
  "zod": "^3.25.76"
46
46
  },
47
47
  "devDependencies": {
48
- "@backstage/backend-defaults": "0.15.2-next.1",
49
- "@backstage/backend-test-utils": "1.10.5-next.0",
50
- "@backstage/cli": "0.35.4-next.1",
51
- "@backstage/plugin-auth-backend": "0.26.1-next.0",
52
- "@backstage/types": "1.2.2",
48
+ "@backstage/backend-defaults": "^0.15.2",
49
+ "@backstage/backend-test-utils": "^1.11.0",
50
+ "@backstage/cli": "^0.35.4",
51
+ "@backstage/plugin-auth-backend": "^0.27.0",
52
+ "@backstage/types": "^1.2.2",
53
53
  "supertest": "^7.0.0"
54
54
  },
55
55
  "configSchema": "config.d.ts",