@backstage/plugin-auth-backend 0.12.2 → 0.13.0-next.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,37 @@
|
|
|
1
1
|
# @backstage/plugin-auth-backend
|
|
2
2
|
|
|
3
|
+
## 0.13.0-next.1
|
|
4
|
+
|
|
5
|
+
### Patch Changes
|
|
6
|
+
|
|
7
|
+
- a45bce06e3: Handle trailing slashes on GitHub `enterpriseInstanceUrl` settings
|
|
8
|
+
- Updated dependencies
|
|
9
|
+
- @backstage/backend-common@0.13.2-next.1
|
|
10
|
+
|
|
11
|
+
## 0.13.0-next.0
|
|
12
|
+
|
|
13
|
+
### Minor Changes
|
|
14
|
+
|
|
15
|
+
- 15d3a3c39a: **BREAKING**: All sign-in resolvers must now return a `token` in their sign-in result. Returning an `id` is no longer supported.
|
|
16
|
+
|
|
17
|
+
### Patch Changes
|
|
18
|
+
|
|
19
|
+
- 2cc1d1b235: Applied the fix from version 0.12.3 of this package, which is part of the v1.0.1 release of Backstage.
|
|
20
|
+
- 6ee04078e1: **DEPRECATION**: The `tokenIssuer` option for `OAuthAdapter` is no longer needed and has been deprecated.
|
|
21
|
+
- Updated dependencies
|
|
22
|
+
- @backstage/catalog-model@1.0.1-next.0
|
|
23
|
+
- @backstage/plugin-auth-node@0.2.0-next.0
|
|
24
|
+
- @backstage/backend-common@0.13.2-next.0
|
|
25
|
+
- @backstage/catalog-client@1.0.1-next.0
|
|
26
|
+
|
|
27
|
+
## 0.12.3
|
|
28
|
+
|
|
29
|
+
### Patch Changes
|
|
30
|
+
|
|
31
|
+
- Fix migrations to do the right thing on sqlite databases, and reapply the column type fix for those who are _not_ on sqlite databases.
|
|
32
|
+
|
|
33
|
+
Reconstruction of #10317 in the form of a patch release instead.
|
|
34
|
+
|
|
3
35
|
## 0.12.2
|
|
4
36
|
|
|
5
37
|
### Patch Changes
|
package/dist/index.cjs.js
CHANGED
|
@@ -10,8 +10,8 @@ var errors = require('@backstage/errors');
|
|
|
10
10
|
var pickBy = require('lodash/pickBy');
|
|
11
11
|
var crypto = require('crypto');
|
|
12
12
|
var url = require('url');
|
|
13
|
-
var catalogModel = require('@backstage/catalog-model');
|
|
14
13
|
var jwtDecoder = require('jwt-decode');
|
|
14
|
+
var catalogModel = require('@backstage/catalog-model');
|
|
15
15
|
var fetch = require('node-fetch');
|
|
16
16
|
var NodeCache = require('node-cache');
|
|
17
17
|
var jose = require('jose');
|
|
@@ -255,18 +255,11 @@ function parseJwtPayload(token) {
|
|
|
255
255
|
}
|
|
256
256
|
function prepareBackstageIdentityResponse(result) {
|
|
257
257
|
const { sub, ent } = parseJwtPayload(result.token);
|
|
258
|
-
const userEntityRef = catalogModel.stringifyEntityRef(catalogModel.parseEntityRef(sub, {
|
|
259
|
-
defaultKind: "user",
|
|
260
|
-
defaultNamespace: catalogModel.DEFAULT_NAMESPACE
|
|
261
|
-
}));
|
|
262
258
|
return {
|
|
263
|
-
...
|
|
264
|
-
idToken: result.token,
|
|
265
|
-
...result
|
|
266
|
-
},
|
|
259
|
+
...result,
|
|
267
260
|
identity: {
|
|
268
261
|
type: "user",
|
|
269
|
-
userEntityRef,
|
|
262
|
+
userEntityRef: sub,
|
|
270
263
|
ownershipEntityRefs: ent != null ? ent : []
|
|
271
264
|
}
|
|
272
265
|
};
|
|
@@ -429,17 +422,10 @@ class OAuthAdapter {
|
|
|
429
422
|
if (!identity) {
|
|
430
423
|
return void 0;
|
|
431
424
|
}
|
|
432
|
-
if (identity.token) {
|
|
433
|
-
return
|
|
425
|
+
if (!identity.token) {
|
|
426
|
+
throw new errors.InputError(`Identity response must return a token`);
|
|
434
427
|
}
|
|
435
|
-
|
|
436
|
-
defaultKind: "user",
|
|
437
|
-
defaultNamespace: catalogModel.DEFAULT_NAMESPACE
|
|
438
|
-
}));
|
|
439
|
-
const token = await this.options.tokenIssuer.issueToken({
|
|
440
|
-
claims: { sub: userEntityRef }
|
|
441
|
-
});
|
|
442
|
-
return prepareBackstageIdentityResponse({ ...identity, token });
|
|
428
|
+
return prepareBackstageIdentityResponse(identity);
|
|
443
429
|
}
|
|
444
430
|
}
|
|
445
431
|
|
|
@@ -1284,10 +1270,10 @@ const createGithubProvider = (options) => {
|
|
|
1284
1270
|
catalogApi,
|
|
1285
1271
|
logger
|
|
1286
1272
|
}) => OAuthEnvironmentHandler.mapConfig(config, (envConfig) => {
|
|
1287
|
-
var _a, _b, _c;
|
|
1273
|
+
var _a, _b, _c, _d;
|
|
1288
1274
|
const clientId = envConfig.getString("clientId");
|
|
1289
1275
|
const clientSecret = envConfig.getString("clientSecret");
|
|
1290
|
-
const enterpriseInstanceUrl = envConfig.getOptionalString("enterpriseInstanceUrl");
|
|
1276
|
+
const enterpriseInstanceUrl = (_a = envConfig.getOptionalString("enterpriseInstanceUrl")) == null ? void 0 : _a.replace(/\/$/, "");
|
|
1291
1277
|
const customCallbackUrl = envConfig.getOptionalString("callbackUrl");
|
|
1292
1278
|
const authorizationUrl = enterpriseInstanceUrl ? `${enterpriseInstanceUrl}/login/oauth/authorize` : void 0;
|
|
1293
1279
|
const tokenUrl = enterpriseInstanceUrl ? `${enterpriseInstanceUrl}/login/oauth/access_token` : void 0;
|
|
@@ -1300,13 +1286,13 @@ const createGithubProvider = (options) => {
|
|
|
1300
1286
|
const authHandler = (options == null ? void 0 : options.authHandler) ? options.authHandler : async ({ fullProfile }) => ({
|
|
1301
1287
|
profile: makeProfileInfo(fullProfile)
|
|
1302
1288
|
});
|
|
1303
|
-
const signInResolverFn = (
|
|
1289
|
+
const signInResolverFn = (_c = (_b = options == null ? void 0 : options.signIn) == null ? void 0 : _b.resolver) != null ? _c : githubDefaultSignInResolver;
|
|
1304
1290
|
const signInResolver = (info) => signInResolverFn(info, {
|
|
1305
1291
|
catalogIdentityClient,
|
|
1306
1292
|
tokenIssuer,
|
|
1307
1293
|
logger
|
|
1308
1294
|
});
|
|
1309
|
-
const stateEncoder = (
|
|
1295
|
+
const stateEncoder = (_d = options == null ? void 0 : options.stateEncoder) != null ? _d : async (req) => {
|
|
1310
1296
|
return { encodedState: encodeState(req.state) };
|
|
1311
1297
|
};
|
|
1312
1298
|
const provider = new GithubAuthProvider({
|