@backstage/plugin-auth-backend 0.0.0-nightly-20220920030005 → 0.0.0-nightly-20220921030342
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +19 -7
- package/dist/index.cjs.js +46 -32
- package/dist/index.cjs.js.map +1 -1
- package/dist/index.d.ts +16 -6
- package/package.json +9 -9
package/dist/index.d.ts
CHANGED
|
@@ -5,12 +5,12 @@ import { GetEntitiesRequest, CatalogApi } from '@backstage/catalog-client';
|
|
|
5
5
|
import { Entity, UserEntity } from '@backstage/catalog-model';
|
|
6
6
|
import { Config } from '@backstage/config';
|
|
7
7
|
import { BackstageSignInResult, BackstageIdentityResponse } from '@backstage/plugin-auth-node';
|
|
8
|
+
import { JsonValue } from '@backstage/types';
|
|
8
9
|
import { Profile } from 'passport';
|
|
9
10
|
import * as _backstage_backend_common from '@backstage/backend-common';
|
|
10
11
|
import { PluginDatabaseManager, PluginEndpointDiscovery, TokenManager } from '@backstage/backend-common';
|
|
11
12
|
import { IncomingHttpHeaders } from 'http';
|
|
12
13
|
import { TokenSet, UserinfoResponse } from 'openid-client';
|
|
13
|
-
import { JsonValue } from '@backstage/types';
|
|
14
14
|
|
|
15
15
|
/**
|
|
16
16
|
* Parameters used to issue new ID Tokens
|
|
@@ -18,13 +18,20 @@ import { JsonValue } from '@backstage/types';
|
|
|
18
18
|
* @public
|
|
19
19
|
*/
|
|
20
20
|
declare type TokenParams = {
|
|
21
|
-
/**
|
|
21
|
+
/**
|
|
22
|
+
* The claims that will be embedded within the token. At a minimum, this should include
|
|
23
|
+
* the subject claim, `sub`. It is common to also list entity ownership relations in the
|
|
24
|
+
* `ent` list. Additional claims may also be added at the developer's discretion except
|
|
25
|
+
* for the following list, which will be overwritten by the TokenIssuer: `iss`, `aud`,
|
|
26
|
+
* `iat`, and `exp`. The Backstage team also maintains the right add new claims in the future
|
|
27
|
+
* without listing the change as a "breaking change".
|
|
28
|
+
*/
|
|
22
29
|
claims: {
|
|
23
30
|
/** The token subject, i.e. User ID */
|
|
24
31
|
sub: string;
|
|
25
32
|
/** A list of entity references that the user claims ownership through */
|
|
26
33
|
ent?: string[];
|
|
27
|
-
}
|
|
34
|
+
} & Record<string, JsonValue>;
|
|
28
35
|
};
|
|
29
36
|
|
|
30
37
|
/**
|
|
@@ -200,10 +207,13 @@ declare type CookieConfigurer = (ctx: {
|
|
|
200
207
|
baseUrl: string;
|
|
201
208
|
/** The configured callback URL of the auth provider */
|
|
202
209
|
callbackUrl: string;
|
|
210
|
+
/** The origin URL of the app */
|
|
211
|
+
appOrigin: string;
|
|
203
212
|
}) => {
|
|
204
213
|
domain: string;
|
|
205
214
|
path: string;
|
|
206
215
|
secure: boolean;
|
|
216
|
+
sameSite?: 'none' | 'lax' | 'strict';
|
|
207
217
|
};
|
|
208
218
|
/** @public */
|
|
209
219
|
declare type AuthProviderConfig = {
|
|
@@ -402,11 +412,10 @@ declare class OAuthEnvironmentHandler implements AuthProviderRouteHandlers {
|
|
|
402
412
|
/** @public */
|
|
403
413
|
declare type OAuthAdapterOptions = {
|
|
404
414
|
providerId: string;
|
|
405
|
-
secure: boolean;
|
|
406
415
|
persistScopes?: boolean;
|
|
407
|
-
cookieDomain: string;
|
|
408
|
-
cookiePath: string;
|
|
409
416
|
appOrigin: string;
|
|
417
|
+
baseUrl: string;
|
|
418
|
+
cookieConfigurer: CookieConfigurer;
|
|
410
419
|
isOriginAllowed: (origin: string) => boolean;
|
|
411
420
|
callbackUrl: string;
|
|
412
421
|
};
|
|
@@ -431,6 +440,7 @@ declare class OAuthAdapter implements AuthProviderRouteHandlers {
|
|
|
431
440
|
private getGrantedScopeFromCookie;
|
|
432
441
|
private setRefreshTokenCookie;
|
|
433
442
|
private removeRefreshTokenCookie;
|
|
443
|
+
private getCookieConfig;
|
|
434
444
|
}
|
|
435
445
|
|
|
436
446
|
/** @public */
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@backstage/plugin-auth-backend",
|
|
3
3
|
"description": "A Backstage backend plugin that handles authentication",
|
|
4
|
-
"version": "0.0.0-nightly-
|
|
4
|
+
"version": "0.0.0-nightly-20220921030342",
|
|
5
5
|
"main": "dist/index.cjs.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|
|
7
7
|
"license": "Apache-2.0",
|
|
@@ -32,12 +32,12 @@
|
|
|
32
32
|
"clean": "backstage-cli package clean"
|
|
33
33
|
},
|
|
34
34
|
"dependencies": {
|
|
35
|
-
"@backstage/backend-common": "0.
|
|
36
|
-
"@backstage/catalog-client": "
|
|
37
|
-
"@backstage/catalog-model": "
|
|
38
|
-
"@backstage/config": "
|
|
39
|
-
"@backstage/errors": "
|
|
40
|
-
"@backstage/plugin-auth-node": "0.
|
|
35
|
+
"@backstage/backend-common": "^0.15.1",
|
|
36
|
+
"@backstage/catalog-client": "^1.1.0",
|
|
37
|
+
"@backstage/catalog-model": "^1.1.1",
|
|
38
|
+
"@backstage/config": "^1.0.2",
|
|
39
|
+
"@backstage/errors": "^1.1.1",
|
|
40
|
+
"@backstage/plugin-auth-node": "^0.2.5",
|
|
41
41
|
"@backstage/types": "^1.0.0",
|
|
42
42
|
"@davidzemon/passport-okta-oauth": "^0.0.5",
|
|
43
43
|
"@google-cloud/firestore": "^6.0.0",
|
|
@@ -76,8 +76,8 @@
|
|
|
76
76
|
"yn": "^4.0.0"
|
|
77
77
|
},
|
|
78
78
|
"devDependencies": {
|
|
79
|
-
"@backstage/backend-test-utils": "0.0.0-nightly-
|
|
80
|
-
"@backstage/cli": "0.0.0-nightly-
|
|
79
|
+
"@backstage/backend-test-utils": "0.0.0-nightly-20220921030342",
|
|
80
|
+
"@backstage/cli": "0.0.0-nightly-20220921030342",
|
|
81
81
|
"@types/body-parser": "^1.19.0",
|
|
82
82
|
"@types/cookie-parser": "^1.4.2",
|
|
83
83
|
"@types/express-session": "^1.17.2",
|