@backstage/plugin-auth-backend 0.11.0 → 0.12.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,49 @@
|
|
|
1
1
|
# @backstage/plugin-auth-backend
|
|
2
2
|
|
|
3
|
+
## 0.12.1
|
|
4
|
+
|
|
5
|
+
### Patch Changes
|
|
6
|
+
|
|
7
|
+
- ab7cd7d70e: Do some groundwork for supporting the `better-sqlite3` driver, to maybe eventually replace `@vscode/sqlite3` (#9912)
|
|
8
|
+
- e0a69ba49f: build(deps): bump `fs-extra` from 9.1.0 to 10.0.1
|
|
9
|
+
- bf95bb806c: Remove usages of now-removed `CatalogApi.getEntityByName`
|
|
10
|
+
- 3c2bc73901: Use `setupRequestMockHandlers` from `@backstage/backend-test-utils`
|
|
11
|
+
- Updated dependencies
|
|
12
|
+
- @backstage/backend-common@0.13.0
|
|
13
|
+
- @backstage/catalog-model@0.13.0
|
|
14
|
+
- @backstage/catalog-client@0.9.0
|
|
15
|
+
- @backstage/plugin-auth-node@0.1.5
|
|
16
|
+
|
|
17
|
+
## 0.12.1-next.0
|
|
18
|
+
|
|
19
|
+
### Patch Changes
|
|
20
|
+
|
|
21
|
+
- ab7cd7d70e: Do some groundwork for supporting the `better-sqlite3` driver, to maybe eventually replace `@vscode/sqlite3` (#9912)
|
|
22
|
+
- e0a69ba49f: build(deps): bump `fs-extra` from 9.1.0 to 10.0.1
|
|
23
|
+
- bf95bb806c: Remove usages of now-removed `CatalogApi.getEntityByName`
|
|
24
|
+
- 3c2bc73901: Use `setupRequestMockHandlers` from `@backstage/backend-test-utils`
|
|
25
|
+
- Updated dependencies
|
|
26
|
+
- @backstage/backend-common@0.13.0-next.0
|
|
27
|
+
- @backstage/catalog-model@0.13.0-next.0
|
|
28
|
+
- @backstage/catalog-client@0.9.0-next.0
|
|
29
|
+
- @backstage/plugin-auth-node@0.1.5-next.0
|
|
30
|
+
|
|
31
|
+
## 0.12.0
|
|
32
|
+
|
|
33
|
+
### Minor Changes
|
|
34
|
+
|
|
35
|
+
- 0c8ba31d72: **BREAKING**: The `TokenFactory.issueToken` used by custom sign-in resolvers now ensures that the sub claim given is a full entity reference of the format `<kind>:<namespace>/<name>`. Any existing custom sign-in resolver functions that do not supply a full entity reference must be updated.
|
|
36
|
+
|
|
37
|
+
### Patch Changes
|
|
38
|
+
|
|
39
|
+
- 899f196af5: Use `getEntityByRef` instead of `getEntityByName` in the catalog client
|
|
40
|
+
- 36aa63022b: Use `CompoundEntityRef` instead of `EntityName`, and `getCompoundEntityRef` instead of `getEntityName`, from `@backstage/catalog-model`.
|
|
41
|
+
- Updated dependencies
|
|
42
|
+
- @backstage/catalog-model@0.12.0
|
|
43
|
+
- @backstage/catalog-client@0.8.0
|
|
44
|
+
- @backstage/backend-common@0.12.0
|
|
45
|
+
- @backstage/plugin-auth-node@0.1.4
|
|
46
|
+
|
|
3
47
|
## 0.11.0
|
|
4
48
|
|
|
5
49
|
### Minor Changes
|
package/dist/index.cjs.js
CHANGED
|
@@ -2786,6 +2786,11 @@ class TokenFactory {
|
|
|
2786
2786
|
const aud = "backstage";
|
|
2787
2787
|
const iat = Math.floor(Date.now() / MS_IN_S);
|
|
2788
2788
|
const exp = iat + this.keyDurationSeconds;
|
|
2789
|
+
try {
|
|
2790
|
+
catalogModel.parseEntityRef(sub);
|
|
2791
|
+
} catch (error) {
|
|
2792
|
+
throw new Error('"sub" claim provided by the auth resolver is not a valid EntityRef.');
|
|
2793
|
+
}
|
|
2789
2794
|
this.logger.info(`Issuing token for ${sub}, with entities ${ent != null ? ent : []}`);
|
|
2790
2795
|
return jose.JWS.sign({ iss, sub, aud, iat, exp, ent }, key, {
|
|
2791
2796
|
alg: key.alg,
|