@backstage/plugin-auth-backend 0.18.2-next.3 → 0.18.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +31 -0
- package/package.json +7 -7
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,36 @@
|
|
|
1
1
|
# @backstage/plugin-auth-backend
|
|
2
2
|
|
|
3
|
+
## 0.18.2
|
|
4
|
+
|
|
5
|
+
### Patch Changes
|
|
6
|
+
|
|
7
|
+
- d8f774c30df: Enforce the secret visibility of certificates and client secrets in the auth backend. Also, document all known options for each auth plugin.
|
|
8
|
+
- 7908d72e033: Introduce a new global config parameter, `auth.enableExperimentalRedirectFlow`. When enabled, auth will happen with an in-window redirect flow rather than through a popup window.
|
|
9
|
+
- 475abd1dc3f: The `microsoft` (i.e. Azure) auth provider now supports negotiating tokens for
|
|
10
|
+
Azure resources besides Microsoft Graph (e.g. AKS, Virtual Machines, Machine
|
|
11
|
+
Learning Services, etc.). When the `/frame/handler` endpoint is called with an
|
|
12
|
+
authorization code for a non-Microsoft Graph scope, the user profile will not be
|
|
13
|
+
fetched. Similarly no user profile or photo data will be fetched by the backend
|
|
14
|
+
if the `/refresh` endpoint is called with the `scope` query parameter strictly
|
|
15
|
+
containing scopes for resources besides Microsoft Graph.
|
|
16
|
+
|
|
17
|
+
Furthermore, the `offline_access` scope will be requested by default, even when
|
|
18
|
+
it is not mentioned in the argument to `getAccessToken`. This means that any
|
|
19
|
+
Azure access token can be automatically refreshed, even if the user has not
|
|
20
|
+
signed in via Azure.
|
|
21
|
+
|
|
22
|
+
- 6a900951336: Add common identify resolvers for `oidc` auth provider.
|
|
23
|
+
- a0ef1ec7349: Export Azure Easy Auth provider so it can actually be used.
|
|
24
|
+
- e0c6e8b9c3c: Update peer dependencies
|
|
25
|
+
- Updated dependencies
|
|
26
|
+
- @backstage/backend-common@0.18.4
|
|
27
|
+
- @backstage/catalog-client@1.4.1
|
|
28
|
+
- @backstage/catalog-model@1.3.0
|
|
29
|
+
- @backstage/plugin-auth-node@0.2.13
|
|
30
|
+
- @backstage/config@1.0.7
|
|
31
|
+
- @backstage/errors@1.1.5
|
|
32
|
+
- @backstage/types@1.0.2
|
|
33
|
+
|
|
3
34
|
## 0.18.2-next.3
|
|
4
35
|
|
|
5
36
|
### Patch Changes
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@backstage/plugin-auth-backend",
|
|
3
3
|
"description": "A Backstage backend plugin that handles authentication",
|
|
4
|
-
"version": "0.18.2
|
|
4
|
+
"version": "0.18.2",
|
|
5
5
|
"main": "dist/index.cjs.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|
|
7
7
|
"license": "Apache-2.0",
|
|
@@ -32,12 +32,12 @@
|
|
|
32
32
|
"clean": "backstage-cli package clean"
|
|
33
33
|
},
|
|
34
34
|
"dependencies": {
|
|
35
|
-
"@backstage/backend-common": "^0.18.4
|
|
36
|
-
"@backstage/catalog-client": "^1.4.1
|
|
37
|
-
"@backstage/catalog-model": "^1.3.0
|
|
35
|
+
"@backstage/backend-common": "^0.18.4",
|
|
36
|
+
"@backstage/catalog-client": "^1.4.1",
|
|
37
|
+
"@backstage/catalog-model": "^1.3.0",
|
|
38
38
|
"@backstage/config": "^1.0.7",
|
|
39
39
|
"@backstage/errors": "^1.1.5",
|
|
40
|
-
"@backstage/plugin-auth-node": "^0.2.13
|
|
40
|
+
"@backstage/plugin-auth-node": "^0.2.13",
|
|
41
41
|
"@backstage/types": "^1.0.2",
|
|
42
42
|
"@davidzemon/passport-okta-oauth": "^0.0.5",
|
|
43
43
|
"@google-cloud/firestore": "^6.0.0",
|
|
@@ -76,8 +76,8 @@
|
|
|
76
76
|
"yn": "^4.0.0"
|
|
77
77
|
},
|
|
78
78
|
"devDependencies": {
|
|
79
|
-
"@backstage/backend-test-utils": "^0.1.36
|
|
80
|
-
"@backstage/cli": "^0.22.6
|
|
79
|
+
"@backstage/backend-test-utils": "^0.1.36",
|
|
80
|
+
"@backstage/cli": "^0.22.6",
|
|
81
81
|
"@types/body-parser": "^1.19.0",
|
|
82
82
|
"@types/cookie-parser": "^1.4.2",
|
|
83
83
|
"@types/express-session": "^1.17.2",
|