@backstage/plugin-auth-backend 0.19.4 → 0.20.0-next.1

package/CHANGELOG.md

@@ -1,15 +1,50 @@
 # @backstage/plugin-auth-backend
 
-## 0.19.4
+## 0.20.0-next.1
 
 ### Patch Changes
 
-- bbbacb66f8e4: Reverted the Microsoft auth provider to the previous implementation.
+- 243c655a68: JSDoc and Error message updates to handle `Azure Active Directory` re-brand to `Entra ID`
 - Updated dependencies
-  - @backstage/plugin-auth-backend-module-github-provider@0.1.3
-  - @backstage/plugin-auth-backend-module-gitlab-provider@0.1.3
-  - @backstage/plugin-auth-backend-module-google-provider@0.1.3
-  - @backstage/plugin-auth-backend-module-oauth2-provider@0.1.3
+  - @backstage/plugin-catalog-node@1.5.0-next.1
+  - @backstage/backend-common@0.19.9-next.1
+  - @backstage/plugin-auth-backend-module-github-provider@0.1.4-next.1
+  - @backstage/plugin-auth-backend-module-gitlab-provider@0.1.4-next.1
+  - @backstage/plugin-auth-backend-module-google-provider@0.1.4-next.1
+  - @backstage/plugin-auth-backend-module-oauth2-provider@0.1.4-next.1
+  - @backstage/plugin-auth-backend-module-gcp-iap-provider@0.2.1-next.1
+  - @backstage/plugin-auth-node@0.4.1-next.1
+  - @backstage/backend-plugin-api@0.6.7-next.1
+  - @backstage/catalog-client@1.4.5
+  - @backstage/catalog-model@1.4.3
+  - @backstage/config@1.1.1
+  - @backstage/errors@1.2.3
+  - @backstage/types@1.1.1
+
+## 0.20.0-next.0
+
+### Minor Changes
+
+- bdf08ad04a: Adds the StaticTokenIssuer and StaticKeyStore, an alternative token issuer that can be used to sign the Authorization header using a predefined public/private key pair.
+
+### Patch Changes
+
+- 96c4f54bf6: Reverted the Microsoft auth provider to the previous implementation.
+- Updated dependencies
+  - @backstage/backend-common@0.19.9-next.0
+  - @backstage/backend-plugin-api@0.6.7-next.0
+  - @backstage/catalog-client@1.4.5
+  - @backstage/catalog-model@1.4.3
+  - @backstage/config@1.1.1
+  - @backstage/errors@1.2.3
+  - @backstage/types@1.1.1
+  - @backstage/plugin-auth-backend-module-gcp-iap-provider@0.2.1-next.0
+  - @backstage/plugin-auth-backend-module-github-provider@0.1.4-next.0
+  - @backstage/plugin-auth-backend-module-gitlab-provider@0.1.4-next.0
+  - @backstage/plugin-auth-backend-module-google-provider@0.1.4-next.0
+  - @backstage/plugin-auth-backend-module-oauth2-provider@0.1.4-next.0
+  - @backstage/plugin-auth-node@0.4.1-next.0
+  - @backstage/plugin-catalog-node@1.4.8-next.0
 
 ## 0.19.3
 

package/README.md

@@ -158,6 +158,10 @@ To try out SAML, you can use the mock identity provider:
 
 [How to add an auth provider](https://github.com/backstage/backstage/blob/master/docs/auth/add-auth-provider.md)
 
+## Token issuers
+
+[Configuring token issuers](https://github.com/backstage/backstage/blob/master/docs/auth/index.md)
+
 ## Links
 
 - [The Backstage homepage](https://backstage.io)

package/config.d.ts

@@ -43,7 +43,7 @@ export interface Config {
 
     /** To control how to store JWK data in auth-backend */
     keyStore?: {
-      provider?: 'database' | 'memory' | 'firestore';
+      provider?: 'database' | 'memory' | 'firestore' | 'static';
       firestore?: {
         /** The host to connect to */
         host?: string;
@@ -65,6 +65,21 @@ export interface Config {
         /** Timeout used for database operations. Defaults to 10000ms */
         timeout?: number;
       };
+      static?: {
+        /** Must be declared at least once and the first one will be used for signing */
+        keys: Array<{
+          /** Path to the public key file in the SPKI format */
+          publicKeyFile: string;
+          /** Path to the matching private key file in the PKCS#8 format */
+          privateKeyFile: string;
+          /** id to uniquely identify this key within the JWK set */
+          keyId: string;
+          /** JWS "alg" (Algorithm) Header Parameter value. Defaults to ES256.
+           * Must match the algorithm used to generate the keys in the provided files
+           */
+          algorithm?: string;
+        }>;
+      };
     };
 
     /**