@backstage/plugin-auth-backend 0.0.0-nightly-20221114024528 → 0.0.0-nightly-20221118024208
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +22 -8
- package/dist/index.cjs.js +8 -7
- package/dist/index.cjs.js.map +1 -1
- package/package.json +10 -10
package/CHANGELOG.md
CHANGED
|
@@ -1,21 +1,35 @@
|
|
|
1
1
|
# @backstage/plugin-auth-backend
|
|
2
2
|
|
|
3
|
-
## 0.0.0-nightly-
|
|
3
|
+
## 0.0.0-nightly-20221118024208
|
|
4
|
+
|
|
5
|
+
### Patch Changes
|
|
6
|
+
|
|
7
|
+
- Updated dependencies
|
|
8
|
+
- @backstage/types@0.0.0-nightly-20221118024208
|
|
9
|
+
- @backstage/backend-common@0.0.0-nightly-20221118024208
|
|
10
|
+
- @backstage/catalog-client@0.0.0-nightly-20221118024208
|
|
11
|
+
- @backstage/catalog-model@0.0.0-nightly-20221118024208
|
|
12
|
+
- @backstage/config@0.0.0-nightly-20221118024208
|
|
13
|
+
- @backstage/errors@0.0.0-nightly-20221118024208
|
|
14
|
+
- @backstage/plugin-auth-node@0.0.0-nightly-20221118024208
|
|
15
|
+
|
|
16
|
+
## 0.17.1
|
|
4
17
|
|
|
5
18
|
### Patch Changes
|
|
6
19
|
|
|
7
20
|
- 0d6837ca4e: Fix wrong GitHub callback URL documentation
|
|
8
21
|
- cbe11d1e23: Tweak README
|
|
22
|
+
- 89d705e806: Add support for custom JWT header name in GCP IAP auth.
|
|
9
23
|
- abaed9770e: Improve logging
|
|
10
24
|
- d80833fe0c: Inject optional `CatalogApi` into auth-backend `createRouter` function. This will enable developers to use customized `CatalogApi` when creating the router.
|
|
11
25
|
- Updated dependencies
|
|
12
|
-
- @backstage/backend-common@0.
|
|
13
|
-
- @backstage/catalog-model@
|
|
14
|
-
- @backstage/plugin-auth-node@0.
|
|
15
|
-
- @backstage/types@
|
|
16
|
-
- @backstage/catalog-client@
|
|
17
|
-
- @backstage/config@
|
|
18
|
-
- @backstage/errors@
|
|
26
|
+
- @backstage/backend-common@0.16.0
|
|
27
|
+
- @backstage/catalog-model@1.1.3
|
|
28
|
+
- @backstage/plugin-auth-node@0.2.7
|
|
29
|
+
- @backstage/types@1.0.1
|
|
30
|
+
- @backstage/catalog-client@1.1.2
|
|
31
|
+
- @backstage/config@1.0.4
|
|
32
|
+
- @backstage/errors@1.1.3
|
|
19
33
|
|
|
20
34
|
## 0.17.1-next.1
|
|
21
35
|
|
package/dist/index.cjs.js
CHANGED
|
@@ -1316,8 +1316,6 @@ const cfAccess = createAuthProviderIntegration({
|
|
|
1316
1316
|
}
|
|
1317
1317
|
});
|
|
1318
1318
|
|
|
1319
|
-
const IAP_JWT_HEADER = "x-goog-iap-jwt-assertion";
|
|
1320
|
-
|
|
1321
1319
|
function createTokenValidator(audience, mockClient) {
|
|
1322
1320
|
const client = mockClient != null ? mockClient : new googleAuthLibrary.OAuth2Client();
|
|
1323
1321
|
return async function tokenValidator(token) {
|
|
@@ -1337,9 +1335,7 @@ function createTokenValidator(audience, mockClient) {
|
|
|
1337
1335
|
}
|
|
1338
1336
|
async function parseRequestToken(jwtToken, tokenValidator) {
|
|
1339
1337
|
if (typeof jwtToken !== "string" || !jwtToken) {
|
|
1340
|
-
throw new errors.AuthenticationError(
|
|
1341
|
-
`Missing Google IAP header: ${IAP_JWT_HEADER}`
|
|
1342
|
-
);
|
|
1338
|
+
throw new errors.AuthenticationError("Missing Google IAP header");
|
|
1343
1339
|
}
|
|
1344
1340
|
let payload;
|
|
1345
1341
|
try {
|
|
@@ -1364,12 +1360,15 @@ const defaultAuthHandler$1 = async ({
|
|
|
1364
1360
|
iapToken
|
|
1365
1361
|
}) => ({ profile: { email: iapToken.email } });
|
|
1366
1362
|
|
|
1363
|
+
const DEFAULT_IAP_JWT_HEADER = "x-goog-iap-jwt-assertion";
|
|
1364
|
+
|
|
1367
1365
|
class GcpIapProvider {
|
|
1368
1366
|
constructor(options) {
|
|
1369
1367
|
this.authHandler = options.authHandler;
|
|
1370
1368
|
this.signInResolver = options.signInResolver;
|
|
1371
1369
|
this.tokenValidator = options.tokenValidator;
|
|
1372
1370
|
this.resolverContext = options.resolverContext;
|
|
1371
|
+
this.jwtHeader = (options == null ? void 0 : options.jwtHeader) || DEFAULT_IAP_JWT_HEADER;
|
|
1373
1372
|
}
|
|
1374
1373
|
async start() {
|
|
1375
1374
|
}
|
|
@@ -1377,7 +1376,7 @@ class GcpIapProvider {
|
|
|
1377
1376
|
}
|
|
1378
1377
|
async refresh(req, res) {
|
|
1379
1378
|
const result = await parseRequestToken(
|
|
1380
|
-
req.header(
|
|
1379
|
+
req.header(this.jwtHeader),
|
|
1381
1380
|
this.tokenValidator
|
|
1382
1381
|
);
|
|
1383
1382
|
const { profile } = await this.authHandler(result, this.resolverContext);
|
|
@@ -1398,6 +1397,7 @@ const gcpIap = createAuthProviderIntegration({
|
|
|
1398
1397
|
return ({ config, resolverContext }) => {
|
|
1399
1398
|
var _a;
|
|
1400
1399
|
const audience = config.getString("audience");
|
|
1400
|
+
const jwtHeader = config.getOptionalString("jwtHeader");
|
|
1401
1401
|
const authHandler = (_a = options.authHandler) != null ? _a : defaultAuthHandler$1;
|
|
1402
1402
|
const signInResolver = options.signIn.resolver;
|
|
1403
1403
|
const tokenValidator = createTokenValidator(audience);
|
|
@@ -1405,7 +1405,8 @@ const gcpIap = createAuthProviderIntegration({
|
|
|
1405
1405
|
authHandler,
|
|
1406
1406
|
signInResolver,
|
|
1407
1407
|
tokenValidator,
|
|
1408
|
-
resolverContext
|
|
1408
|
+
resolverContext,
|
|
1409
|
+
jwtHeader
|
|
1409
1410
|
});
|
|
1410
1411
|
};
|
|
1411
1412
|
}
|