@backstage/plugin-auth-backend 0.22.6-next.1 → 0.22.6-next.3

package/CHANGELOG.md

@@ -1,5 +1,66 @@
 # @backstage/plugin-auth-backend
 
+## 0.22.6-next.3
+
+### Patch Changes
+
+- d44a20a: Added additional plugin metadata to `package.json`.
+- 3e1bb15: Updated to use the new `@backstage/plugin-auth-backend-module-onelogin-provider` implementation
+- Updated dependencies
+  - @backstage/plugin-auth-backend-module-onelogin-provider@0.1.0-next.0
+  - @backstage/backend-plugin-api@0.6.19-next.3
+  - @backstage/plugin-auth-node@0.4.14-next.3
+  - @backstage/plugin-auth-backend-module-atlassian-provider@0.2.0-next.2
+  - @backstage/plugin-auth-backend-module-bitbucket-provider@0.1.2-next.2
+  - @backstage/plugin-auth-backend-module-github-provider@0.1.16-next.2
+  - @backstage/plugin-auth-backend-module-gitlab-provider@0.1.16-next.2
+  - @backstage/plugin-auth-backend-module-google-provider@0.1.16-next.2
+  - @backstage/plugin-auth-backend-module-microsoft-provider@0.1.14-next.2
+  - @backstage/plugin-auth-backend-module-oauth2-provider@0.2.0-next.2
+  - @backstage/plugin-auth-backend-module-oidc-provider@0.2.0-next.3
+  - @backstage/plugin-auth-backend-module-okta-provider@0.0.12-next.2
+  - @backstage/plugin-auth-backend-module-cloudflare-access-provider@0.1.2-next.3
+  - @backstage/plugin-auth-backend-module-azure-easyauth-provider@0.1.2-next.2
+  - @backstage/plugin-auth-backend-module-oauth2-proxy-provider@0.1.12-next.2
+  - @backstage/plugin-auth-backend-module-aws-alb-provider@0.1.11-next.3
+  - @backstage/plugin-auth-backend-module-gcp-iap-provider@0.2.14-next.2
+  - @backstage/plugin-catalog-node@1.12.1-next.2
+  - @backstage/backend-common@0.23.0-next.3
+  - @backstage/catalog-client@1.6.5
+  - @backstage/catalog-model@1.5.0
+  - @backstage/config@1.2.0
+  - @backstage/errors@1.2.4
+  - @backstage/types@1.1.1
+
+## 0.22.6-next.2
+
+### Patch Changes
+
+- Updated dependencies
+  - @backstage/backend-plugin-api@0.6.19-next.2
+  - @backstage/plugin-auth-backend-module-oidc-provider@0.1.10-next.2
+  - @backstage/backend-common@0.23.0-next.2
+  - @backstage/plugin-auth-backend-module-atlassian-provider@0.1.11-next.1
+  - @backstage/plugin-auth-backend-module-aws-alb-provider@0.1.11-next.2
+  - @backstage/plugin-auth-backend-module-azure-easyauth-provider@0.1.2-next.1
+  - @backstage/plugin-auth-backend-module-bitbucket-provider@0.1.2-next.1
+  - @backstage/plugin-auth-backend-module-cloudflare-access-provider@0.1.2-next.2
+  - @backstage/plugin-auth-backend-module-gcp-iap-provider@0.2.14-next.1
+  - @backstage/plugin-auth-backend-module-github-provider@0.1.16-next.1
+  - @backstage/plugin-auth-backend-module-gitlab-provider@0.1.16-next.1
+  - @backstage/plugin-auth-backend-module-google-provider@0.1.16-next.1
+  - @backstage/plugin-auth-backend-module-microsoft-provider@0.1.14-next.1
+  - @backstage/plugin-auth-backend-module-oauth2-provider@0.1.16-next.1
+  - @backstage/plugin-auth-backend-module-oauth2-proxy-provider@0.1.12-next.1
+  - @backstage/plugin-auth-backend-module-okta-provider@0.0.12-next.1
+  - @backstage/plugin-auth-node@0.4.14-next.2
+  - @backstage/plugin-catalog-node@1.12.1-next.1
+  - @backstage/catalog-client@1.6.5
+  - @backstage/catalog-model@1.5.0
+  - @backstage/config@1.2.0
+  - @backstage/errors@1.2.4
+  - @backstage/types@1.1.1
+
 ## 0.22.6-next.1
 
 ### Patch Changes

package/dist/index.cjs.js

@@ -26,7 +26,7 @@ var pluginAuthBackendModuleOauth2Provider = require('@backstage/plugin-auth-back
 var pluginAuthBackendModuleOauth2ProxyProvider = require('@backstage/plugin-auth-backend-module-oauth2-proxy-provider');
 var pluginAuthBackendModuleOidcProvider = require('@backstage/plugin-auth-backend-module-oidc-provider');
 var pluginAuthBackendModuleOktaProvider = require('@backstage/plugin-auth-backend-module-okta-provider');
-var passportOneloginOauth = require('passport-onelogin-oauth');
+var pluginAuthBackendModuleOneloginProvider = require('@backstage/plugin-auth-backend-module-onelogin-provider');
 var passportSaml = require('@node-saml/passport-saml');
 var passportOauth2 = require('passport-oauth2');
 var fetch = require('node-fetch');
@@ -952,120 +952,12 @@ const okta = createAuthProviderIntegration({
   }
 });
 
-class OneLoginProvider {
-  _strategy;
-  signInResolver;
-  authHandler;
-  resolverContext;
-  constructor(options) {
-    this.signInResolver = options.signInResolver;
-    this.authHandler = options.authHandler;
-    this.resolverContext = options.resolverContext;
-    this._strategy = new passportOneloginOauth.Strategy(
-      {
-        issuer: options.issuer,
-        clientID: options.clientId,
-        clientSecret: options.clientSecret,
-        callbackURL: options.callbackUrl,
-        passReqToCallback: false
-      },
-      (accessToken, refreshToken, params, fullProfile, done) => {
-        done(
-          void 0,
-          {
-            accessToken,
-            refreshToken,
-            params,
-            fullProfile
-          },
-          {
-            refreshToken
-          }
-        );
-      }
-    );
-  }
-  async start(req) {
-    return await executeRedirectStrategy(req, this._strategy, {
-      accessType: "offline",
-      prompt: "consent",
-      scope: "openid",
-      state: encodeState(req.state)
-    });
-  }
-  async handler(req) {
-    const { result, privateInfo } = await executeFrameHandlerStrategy(req, this._strategy);
-    return {
-      response: await this.handleResult(result),
-      refreshToken: privateInfo.refreshToken
-    };
-  }
-  async refresh(req) {
-    const { accessToken, refreshToken, params } = await executeRefreshTokenStrategy(
-      this._strategy,
-      req.refreshToken,
-      "openid"
-    );
-    const fullProfile = await executeFetchUserProfileStrategy(
-      this._strategy,
-      accessToken
-    );
-    return {
-      response: await this.handleResult({
-        fullProfile,
-        params,
-        accessToken
-      }),
-      refreshToken
-    };
-  }
-  async handleResult(result) {
-    const { profile } = await this.authHandler(result, this.resolverContext);
-    const response = {
-      providerInfo: {
-        idToken: result.params.id_token,
-        accessToken: result.accessToken,
-        scope: result.params.scope,
-        expiresInSeconds: result.params.expires_in
-      },
-      profile
-    };
-    if (this.signInResolver) {
-      response.backstageIdentity = await this.signInResolver(
-        {
-          result,
-          profile
-        },
-        this.resolverContext
-      );
-    }
-    return response;
-  }
-}
 const onelogin = createAuthProviderIntegration({
   create(options) {
-    return ({ providerId, globalConfig, config, resolverContext }) => OAuthEnvironmentHandler.mapConfig(config, (envConfig) => {
-      const clientId = envConfig.getString("clientId");
-      const clientSecret = envConfig.getString("clientSecret");
-      const issuer = envConfig.getString("issuer");
-      const customCallbackUrl = envConfig.getOptionalString("callbackUrl");
-      const callbackUrl = customCallbackUrl || `${globalConfig.baseUrl}/${providerId}/handler/frame`;
-      const authHandler = options?.authHandler ? options.authHandler : async ({ fullProfile, params }) => ({
-        profile: makeProfileInfo(fullProfile, params.id_token)
-      });
-      const provider = new OneLoginProvider({
-        clientId,
-        clientSecret,
-        callbackUrl,
-        issuer,
-        authHandler,
-        signInResolver: options?.signIn?.resolver,
-        resolverContext
-      });
-      return OAuthAdapter.fromConfig(globalConfig, provider, {
-        providerId,
-        callbackUrl
-      });
+    return pluginAuthNode.createOAuthProviderFactory({
+      authenticator: pluginAuthBackendModuleOneloginProvider.oneLoginAuthenticator,
+      profileTransform: adaptLegacyOAuthHandler(options?.authHandler),
+      signInResolver: adaptLegacyOAuthSignInResolver(options?.signIn?.resolver)
     });
   }
 });