@backstage/plugin-auth-backend 0.22.4-next.1 → 0.22.5-next.0

package/dist/index.d.ts

@@ -1,20 +1,23 @@
 import * as _backstage_backend_plugin_api from '@backstage/backend-plugin-api';
 import { LoggerService, AuthService, HttpAuthService, DiscoveryService } from '@backstage/backend-plugin-api';
 import express from 'express';
+import * as _backstage_plugin_auth_node from '@backstage/plugin-auth-node';
+import { TokenParams as TokenParams$1, AuthProviderFactory as AuthProviderFactory$1, AuthOwnershipResolver, ProfileInfo as ProfileInfo$1, BackstageSignInResult, OAuthState as OAuthState$1, AuthResolverCatalogUserQuery as AuthResolverCatalogUserQuery$1, AuthResolverContext as AuthResolverContext$1, CookieConfigurer as CookieConfigurer$1, AuthProviderConfig as AuthProviderConfig$1, AuthProviderRouteHandlers as AuthProviderRouteHandlers$1, ClientAuthResponse, SignInInfo as SignInInfo$1, SignInResolver as SignInResolver$1, OAuthEnvironmentHandler as OAuthEnvironmentHandler$1, decodeOAuthState, encodeOAuthState, prepareBackstageIdentityResponse as prepareBackstageIdentityResponse$1, WebMessageResponse as WebMessageResponse$1 } from '@backstage/plugin-auth-node';
 import { PluginDatabaseManager, PluginEndpointDiscovery, TokenManager } from '@backstage/backend-common';
 import { CatalogApi } from '@backstage/catalog-client';
 import { Config } from '@backstage/config';
-import * as _backstage_plugin_auth_node from '@backstage/plugin-auth-node';
-import { TokenParams as TokenParams$1, AuthProviderFactory as AuthProviderFactory$1, ProfileInfo as ProfileInfo$1, BackstageSignInResult, OAuthState as OAuthState$1, AuthResolverCatalogUserQuery as AuthResolverCatalogUserQuery$1, AuthResolverContext as AuthResolverContext$1, CookieConfigurer as CookieConfigurer$1, AuthProviderConfig as AuthProviderConfig$1, AuthProviderRouteHandlers as AuthProviderRouteHandlers$1, ClientAuthResponse, SignInInfo as SignInInfo$1, SignInResolver as SignInResolver$1, OAuthEnvironmentHandler as OAuthEnvironmentHandler$1, decodeOAuthState, encodeOAuthState, prepareBackstageIdentityResponse as prepareBackstageIdentityResponse$1, WebMessageResponse as WebMessageResponse$1 } from '@backstage/plugin-auth-node';
 import { Profile } from 'passport';
 import * as _backstage_plugin_auth_backend_module_aws_alb_provider from '@backstage/plugin-auth-backend-module-aws-alb-provider';
 import { AwsAlbResult as AwsAlbResult$1 } from '@backstage/plugin-auth-backend-module-aws-alb-provider';
+import * as _backstage_plugin_auth_backend_module_azure_easyauth_provider from '@backstage/plugin-auth-backend-module-azure-easyauth-provider';
+import { AzureEasyAuthResult } from '@backstage/plugin-auth-backend-module-azure-easyauth-provider';
 import * as _backstage_plugin_auth_backend_module_oauth2_proxy_provider from '@backstage/plugin-auth-backend-module-oauth2-proxy-provider';
 import { OAuth2ProxyResult as OAuth2ProxyResult$1 } from '@backstage/plugin-auth-backend-module-oauth2-proxy-provider';
 import * as _backstage_plugin_auth_backend_module_oidc_provider from '@backstage/plugin-auth-backend-module-oidc-provider';
 import { OidcAuthResult as OidcAuthResult$1 } from '@backstage/plugin-auth-backend-module-oidc-provider';
 import * as _backstage_plugin_auth_backend_module_gcp_iap_provider from '@backstage/plugin-auth-backend-module-gcp-iap-provider';
 import { GcpIapTokenInfo as GcpIapTokenInfo$1, GcpIapResult as GcpIapResult$1 } from '@backstage/plugin-auth-backend-module-gcp-iap-provider';
+import * as _backstage_plugin_auth_backend_module_cloudflare_access_provider from '@backstage/plugin-auth-backend-module-cloudflare-access-provider';
 import { UserEntity, Entity } from '@backstage/catalog-model';
 
 /**
@@ -50,6 +53,7 @@ interface RouterOptions {
     providerFactories?: ProviderFactories;
     disableDefaultProviderFactories?: boolean;
     catalogApi?: CatalogApi;
+    ownershipResolver?: AuthOwnershipResolver;
 }
 /** @public */
 declare function createRouter(options: RouterOptions): Promise<express.Router>;
@@ -283,11 +287,11 @@ type StateEncoder = (req: OAuthStartRequest) => Promise<{
  */
 type AwsAlbResult = AwsAlbResult$1;
 
-/** @public */
-type EasyAuthResult = {
-    fullProfile: Profile;
-    accessToken?: string;
-};
+/**
+ * @public
+ * @deprecated import AzureEasyAuthResult from `@backstage/plugin-auth-backend-module-azure-easyauth-provider` instead
+ */
+type EasyAuthResult = AzureEasyAuthResult;
 
 /**
  * @public
@@ -352,7 +356,10 @@ declare const encodeState: typeof encodeOAuthState;
  */
 declare const verifyNonce: (req: express.Request, providerId: string) => void;
 
-/** @public */
+/**
+ * @public
+ * @deprecated The Bitbucket auth provider was extracted to `@backstage/plugin-auth-backend-module-bitbucket-provider`.
+ */
 type BitbucketOAuthResult = {
     fullProfile: BitbucketPassportProfile;
     params: {
@@ -363,7 +370,10 @@ type BitbucketOAuthResult = {
     accessToken: string;
     refreshToken?: string;
 };
-/** @public */
+/**
+ * @public
+ * @deprecated The Bitbucket auth provider was extracted to `@backstage/plugin-auth-backend-module-bitbucket-provider`.
+ */
 type BitbucketPassportProfile = Profile & {
     id?: string;
     displayName?: string;
@@ -398,6 +408,7 @@ type BitbucketServerOAuthResult = {
  * enrich user profile for sign-in user entity
  *
  * @public
+ * @deprecated import from `@backstage/plugin-auth-backend-module-cloudflare-access-provider` instead
  */
 type CloudflareAccessClaims = {
     /**
@@ -440,6 +451,7 @@ type CloudflareAccessClaims = {
  * CloudflareAccessGroup
  *
  * @public
+ * @deprecated import from `@backstage/plugin-auth-backend-module-cloudflare-access-provider` instead
  */
 type CloudflareAccessGroup = {
     /**
@@ -462,6 +474,7 @@ type CloudflareAccessGroup = {
  * enrich user profile for sign-in user entity
  *
  * @public
+ * @deprecated import from `@backstage/plugin-auth-backend-module-cloudflare-access-provider` instead
  */
 type CloudflareAccessIdentityProfile = {
     id: string;
@@ -471,6 +484,7 @@ type CloudflareAccessIdentityProfile = {
 };
 /**
  * @public
+ * @deprecated import from `@backstage/plugin-auth-backend-module-cloudflare-access-provider` instead
  */
 type CloudflareAccessResult = {
     claims: CloudflareAccessClaims;
@@ -565,8 +579,8 @@ declare const providers: Readonly<{
             } | undefined;
         } | undefined) => AuthProviderFactory$1;
         resolvers: Readonly<{
-            usernameMatchingUserEntityAnnotation(): _backstage_plugin_auth_node.SignInResolver<OAuthResult>;
-            userIdMatchingUserEntityAnnotation(): _backstage_plugin_auth_node.SignInResolver<OAuthResult>;
+            userIdMatchingUserEntityAnnotation: () => _backstage_plugin_auth_node.SignInResolver<OAuthResult>;
+            usernameMatchingUserEntityAnnotation: () => _backstage_plugin_auth_node.SignInResolver<OAuthResult>;
         }>;
     }>;
     bitbucketServer: Readonly<{
@@ -588,9 +602,7 @@ declare const providers: Readonly<{
             };
             cache?: _backstage_backend_plugin_api.CacheService | undefined;
         }) => AuthProviderFactory$1;
-        resolvers: Readonly<{
-            emailMatchingUserEntityProfileEmail: () => _backstage_plugin_auth_node.SignInResolver<unknown>;
-        }>;
+        resolvers: Readonly<typeof _backstage_plugin_auth_backend_module_cloudflare_access_provider.cloudflareAccessSignInResolvers>;
     }>;
     gcpIap: Readonly<{
         create: (options: {
@@ -713,9 +725,9 @@ declare const providers: Readonly<{
     }>;
     easyAuth: Readonly<{
         create: (options?: {
-            authHandler?: AuthHandler<EasyAuthResult> | undefined;
+            authHandler?: AuthHandler<_backstage_plugin_auth_backend_module_azure_easyauth_provider.AzureEasyAuthResult> | undefined;
             signIn: {
-                resolver: _backstage_plugin_auth_node.SignInResolver<EasyAuthResult>;
+                resolver: _backstage_plugin_auth_node.SignInResolver<_backstage_plugin_auth_backend_module_azure_easyauth_provider.AzureEasyAuthResult>;
             };
         } | undefined) => AuthProviderFactory$1;
         resolvers: never;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@backstage/plugin-auth-backend",
-  "version": "0.22.4-next.1",
+  "version": "0.22.5-next.0",
   "description": "A Backstage backend plugin that handles authentication",
   "backstage": {
     "role": "backend-plugin"
@@ -37,25 +37,28 @@
     "test": "backstage-cli package test"
   },
   "dependencies": {
-    "@backstage/backend-common": "^0.21.7-next.1",
-    "@backstage/backend-plugin-api": "^0.6.17-next.1",
-    "@backstage/catalog-client": "^1.6.4-next.0",
-    "@backstage/catalog-model": "^1.4.5",
+    "@backstage/backend-common": "^0.21.8-next.0",
+    "@backstage/backend-plugin-api": "^0.6.18-next.0",
+    "@backstage/catalog-client": "^1.6.5-next.0",
+    "@backstage/catalog-model": "^1.5.0-next.0",
     "@backstage/config": "^1.2.0",
     "@backstage/errors": "^1.2.4",
-    "@backstage/plugin-auth-backend-module-atlassian-provider": "^0.1.9-next.1",
-    "@backstage/plugin-auth-backend-module-aws-alb-provider": "^0.1.9-next.1",
-    "@backstage/plugin-auth-backend-module-gcp-iap-provider": "^0.2.12-next.1",
-    "@backstage/plugin-auth-backend-module-github-provider": "^0.1.14-next.1",
-    "@backstage/plugin-auth-backend-module-gitlab-provider": "^0.1.14-next.1",
-    "@backstage/plugin-auth-backend-module-google-provider": "^0.1.14-next.1",
-    "@backstage/plugin-auth-backend-module-microsoft-provider": "^0.1.12-next.1",
-    "@backstage/plugin-auth-backend-module-oauth2-provider": "^0.1.14-next.1",
-    "@backstage/plugin-auth-backend-module-oauth2-proxy-provider": "^0.1.10-next.1",
-    "@backstage/plugin-auth-backend-module-oidc-provider": "^0.1.8-next.1",
-    "@backstage/plugin-auth-backend-module-okta-provider": "^0.0.10-next.1",
-    "@backstage/plugin-auth-node": "^0.4.12-next.1",
-    "@backstage/plugin-catalog-node": "^1.11.1-next.1",
+    "@backstage/plugin-auth-backend-module-atlassian-provider": "^0.1.10-next.0",
+    "@backstage/plugin-auth-backend-module-aws-alb-provider": "^0.1.10-next.0",
+    "@backstage/plugin-auth-backend-module-azure-easyauth-provider": "^0.1.1-next.0",
+    "@backstage/plugin-auth-backend-module-bitbucket-provider": "^0.1.1-next.0",
+    "@backstage/plugin-auth-backend-module-cloudflare-access-provider": "^0.1.1-next.0",
+    "@backstage/plugin-auth-backend-module-gcp-iap-provider": "^0.2.13-next.0",
+    "@backstage/plugin-auth-backend-module-github-provider": "^0.1.15-next.0",
+    "@backstage/plugin-auth-backend-module-gitlab-provider": "^0.1.15-next.0",
+    "@backstage/plugin-auth-backend-module-google-provider": "^0.1.15-next.0",
+    "@backstage/plugin-auth-backend-module-microsoft-provider": "^0.1.13-next.0",
+    "@backstage/plugin-auth-backend-module-oauth2-provider": "^0.1.15-next.0",
+    "@backstage/plugin-auth-backend-module-oauth2-proxy-provider": "^0.1.11-next.0",
+    "@backstage/plugin-auth-backend-module-oidc-provider": "^0.1.9-next.0",
+    "@backstage/plugin-auth-backend-module-okta-provider": "^0.0.11-next.0",
+    "@backstage/plugin-auth-node": "^0.4.13-next.0",
+    "@backstage/plugin-catalog-node": "^1.11.2-next.0",
     "@backstage/types": "^1.1.1",
     "@google-cloud/firestore": "^7.0.0",
     "@node-saml/passport-saml": "^4.0.4",
@@ -81,7 +84,6 @@
     "openid-client": "^5.2.1",
     "passport": "^0.7.0",
     "passport-auth0": "^1.4.3",
-    "passport-bitbucket-oauth2": "^0.1.2",
     "passport-github2": "^0.1.12",
     "passport-google-oauth20": "^2.0.0",
     "passport-microsoft": "^1.0.0",
@@ -92,9 +94,9 @@
     "yn": "^4.0.0"
   },
   "devDependencies": {
-    "@backstage/backend-defaults": "^0.2.17-next.1",
-    "@backstage/backend-test-utils": "^0.3.7-next.1",
-    "@backstage/cli": "^0.26.3-next.1",
+    "@backstage/backend-defaults": "^0.2.18-next.0",
+    "@backstage/backend-test-utils": "^0.3.8-next.0",
+    "@backstage/cli": "^0.26.5-next.0",
     "@types/body-parser": "^1.19.0",
     "@types/cookie-parser": "^1.4.2",
     "@types/express-session": "^1.17.2",