npm - @backstage/plugin-auth-backend - Versions diffs - 0.18.3-next.1 → 0.18.3-next.2 - Mend

@backstage/plugin-auth-backend 0.18.3-next.1 → 0.18.3-next.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/CHANGELOG.md +8 -0
package/dist/index.cjs.js +85 -24
package/dist/index.cjs.js.map +1 -1
package/migrations/20230428155633_sessions.js +52 -0
package/package.json +2 -1

package/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,13 @@
 # @backstage/plugin-auth-backend
+## 0.18.3-next.2
+### Patch Changes
+- 3ffcdac7d07: Added a persistent session store through the database
+- Updated dependencies
+  - @backstage/config@1.0.7
 ## 0.18.3-next.1
 ### Patch Changes

package/dist/index.cjs.js CHANGED Viewed

@@ -30,12 +30,14 @@ var catalogClient = require('@backstage/catalog-client');
 var catalogModel = require('@backstage/catalog-model');
 var luxon = require('luxon');
 var uuid = require('uuid');
-var backendCommon = require('@backstage/backend-common');
 var firestore = require('@google-cloud/firestore');
 var lodash = require('lodash');
 var session = require('express-session');
+var connectSessionKnex = require('connect-session-knex');
 var passport = require('passport');
 var minimatch = require('minimatch');
+var backendCommon = require('@backstage/backend-common');
+var config = require('@backstage/config');
 function _interopDefaultLegacy (e) { return e && typeof e === 'object' && 'default' in e ? e : { 'default': e }; }
@@ -69,6 +71,7 @@ var Auth0InternalStrategy__default = /*#__PURE__*/_interopDefaultLegacy(Auth0Int
 var fetch__default = /*#__PURE__*/_interopDefaultLegacy(fetch);
 var NodeCache__default = /*#__PURE__*/_interopDefaultLegacy(NodeCache);
 var session__default = /*#__PURE__*/_interopDefaultLegacy(session);
+var connectSessionKnex__default = /*#__PURE__*/_interopDefaultLegacy(connectSessionKnex);
 var passport__default = /*#__PURE__*/_interopDefaultLegacy(passport);
 const defaultScopes = ["offline_access", "read:me"];
@@ -3212,10 +3215,6 @@ class TokenFactory {
   }
 }
-const migrationsDir = backendCommon.resolvePackagePath(
-  "@backstage/plugin-auth-backend",
-  "migrations"
-);
 const TABLE = "signing_keys";
 const parseDate = (date) => {
   const parsedDate = typeof date === "string" ? luxon.DateTime.fromSQL(date, { zone: "UTC" }) : luxon.DateTime.fromJSDate(date);
@@ -3227,17 +3226,6 @@ const parseDate = (date) => {
   return parsedDate.toJSDate();
 };
 class DatabaseKeyStore {
-  static async create(options) {
-    var _a;
-    const { database } = options;
-    const client = await database.getClient();
-    if (!((_a = database.migrations) == null ? void 0 : _a.skip)) {
-      await client.migrate.latest({
-        directory: migrationsDir
-      });
-    }
-    return new DatabaseKeyStore(client);
-  }
   constructor(client) {
     this.client = client;
   }
@@ -3377,15 +3365,12 @@ class KeyStores {
    */
   static async fromConfig(config, options) {
     var _a;
-    const { logger, database } = options != null ? options : {};
+    const { logger, database } = options;
     const ks = config.getOptionalConfig("auth.keyStore");
     const provider = (_a = ks == null ? void 0 : ks.getOptionalString("provider")) != null ? _a : "database";
-    logger == null ? void 0 : logger.info(`Configuring "${provider}" as KeyStore provider`);
+    logger.info(`Configuring "${provider}" as KeyStore provider`);
     if (provider === "database") {
-      if (!database) {
-        throw new Error("This KeyStore provider requires a database");
-      }
-      return await DatabaseKeyStore.create({ database });
+      return new DatabaseKeyStore(await database.get());
     }
     if (provider === "memory") {
       return new MemoryKeyStore();
@@ -3571,6 +3556,73 @@ class CatalogAuthResolverContext {
   }
 }
+var __accessCheck = (obj, member, msg) => {
+  if (!member.has(obj))
+    throw TypeError("Cannot " + msg);
+};
+var __privateGet = (obj, member, getter) => {
+  __accessCheck(obj, member, "read from private field");
+  return getter ? getter.call(obj) : member.get(obj);
+};
+var __privateAdd = (obj, member, value) => {
+  if (member.has(obj))
+    throw TypeError("Cannot add the same private member more than once");
+  member instanceof WeakSet ? member.add(obj) : member.set(obj, value);
+};
+var __privateSet = (obj, member, value, setter) => {
+  __accessCheck(obj, member, "write to private field");
+  setter ? setter.call(obj, value) : member.set(obj, value);
+  return value;
+};
+var _database, _promise;
+const migrationsDir = backendCommon.resolvePackagePath(
+  "@backstage/plugin-auth-backend",
+  "migrations"
+);
+const _AuthDatabase = class {
+  constructor(database) {
+    __privateAdd(this, _database, void 0);
+    __privateAdd(this, _promise, void 0);
+    __privateSet(this, _database, database);
+  }
+  static create(database) {
+    return new _AuthDatabase(database);
+  }
+  /** @internal */
+  static forTesting() {
+    const config$1 = new config.ConfigReader({
+      backend: {
+        database: {
+          client: "better-sqlite3",
+          connection: ":memory:",
+          useNullAsDefault: true
+        }
+      }
+    });
+    const database = backendCommon.DatabaseManager.fromConfig(config$1).forPlugin("auth");
+    return new _AuthDatabase(database);
+  }
+  static async runMigrations(knex) {
+    await knex.migrate.latest({
+      directory: migrationsDir
+    });
+  }
+  get() {
+    var _a;
+    (_a = __privateGet(this, _promise)) != null ? _a : __privateSet(this, _promise, __privateGet(this, _database).getClient().then(async (client) => {
+      var _a2;
+      if (!((_a2 = __privateGet(this, _database).migrations) == null ? void 0 : _a2.skip)) {
+        await _AuthDatabase.runMigrations(client);
+      }
+      return client;
+    }));
+    return __privateGet(this, _promise);
+  }
+};
+let AuthDatabase = _AuthDatabase;
+_database = new WeakMap();
+_promise = new WeakMap();
 async function createRouter(options) {
   const {
     logger,
@@ -3585,7 +3637,11 @@ async function createRouter(options) {
   const router = Router__default["default"]();
   const appUrl = config.getString("app.baseUrl");
   const authUrl = await discovery.getExternalBaseUrl("auth");
-  const keyStore = await KeyStores.fromConfig(config, { logger, database });
+  const authDb = AuthDatabase.create(database);
+  const keyStore = await KeyStores.fromConfig(config, {
+    logger,
+    database: authDb
+  });
   const keyDurationSeconds = 3600;
   const tokenIssuer = new TokenFactory({
     issuer: authUrl,
@@ -3598,12 +3654,17 @@ async function createRouter(options) {
   if (secret) {
     router.use(cookieParser__default["default"](secret));
     const enforceCookieSSL = authUrl.startsWith("https");
+    const KnexSessionStore = connectSessionKnex__default["default"](session__default["default"]);
     router.use(
       session__default["default"]({
         secret,
         saveUninitialized: false,
         resave: false,
-        cookie: { secure: enforceCookieSSL ? "auto" : false }
+        cookie: { secure: enforceCookieSSL ? "auto" : false },
+        store: new KnexSessionStore({
+          createtable: false,
+          knex: await authDb.get()
+        })
       })
     );
     router.use(passport__default["default"].initialize());