@backstage/plugin-auth-backend 0.22.6-next.2 → 0.22.6-next.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +32 -0
- package/dist/index.cjs.js +5 -113
- package/dist/index.cjs.js.map +1 -1
- package/package.json +30 -23
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,37 @@
|
|
|
1
1
|
# @backstage/plugin-auth-backend
|
|
2
2
|
|
|
3
|
+
## 0.22.6-next.3
|
|
4
|
+
|
|
5
|
+
### Patch Changes
|
|
6
|
+
|
|
7
|
+
- d44a20a: Added additional plugin metadata to `package.json`.
|
|
8
|
+
- 3e1bb15: Updated to use the new `@backstage/plugin-auth-backend-module-onelogin-provider` implementation
|
|
9
|
+
- Updated dependencies
|
|
10
|
+
- @backstage/plugin-auth-backend-module-onelogin-provider@0.1.0-next.0
|
|
11
|
+
- @backstage/backend-plugin-api@0.6.19-next.3
|
|
12
|
+
- @backstage/plugin-auth-node@0.4.14-next.3
|
|
13
|
+
- @backstage/plugin-auth-backend-module-atlassian-provider@0.2.0-next.2
|
|
14
|
+
- @backstage/plugin-auth-backend-module-bitbucket-provider@0.1.2-next.2
|
|
15
|
+
- @backstage/plugin-auth-backend-module-github-provider@0.1.16-next.2
|
|
16
|
+
- @backstage/plugin-auth-backend-module-gitlab-provider@0.1.16-next.2
|
|
17
|
+
- @backstage/plugin-auth-backend-module-google-provider@0.1.16-next.2
|
|
18
|
+
- @backstage/plugin-auth-backend-module-microsoft-provider@0.1.14-next.2
|
|
19
|
+
- @backstage/plugin-auth-backend-module-oauth2-provider@0.2.0-next.2
|
|
20
|
+
- @backstage/plugin-auth-backend-module-oidc-provider@0.2.0-next.3
|
|
21
|
+
- @backstage/plugin-auth-backend-module-okta-provider@0.0.12-next.2
|
|
22
|
+
- @backstage/plugin-auth-backend-module-cloudflare-access-provider@0.1.2-next.3
|
|
23
|
+
- @backstage/plugin-auth-backend-module-azure-easyauth-provider@0.1.2-next.2
|
|
24
|
+
- @backstage/plugin-auth-backend-module-oauth2-proxy-provider@0.1.12-next.2
|
|
25
|
+
- @backstage/plugin-auth-backend-module-aws-alb-provider@0.1.11-next.3
|
|
26
|
+
- @backstage/plugin-auth-backend-module-gcp-iap-provider@0.2.14-next.2
|
|
27
|
+
- @backstage/plugin-catalog-node@1.12.1-next.2
|
|
28
|
+
- @backstage/backend-common@0.23.0-next.3
|
|
29
|
+
- @backstage/catalog-client@1.6.5
|
|
30
|
+
- @backstage/catalog-model@1.5.0
|
|
31
|
+
- @backstage/config@1.2.0
|
|
32
|
+
- @backstage/errors@1.2.4
|
|
33
|
+
- @backstage/types@1.1.1
|
|
34
|
+
|
|
3
35
|
## 0.22.6-next.2
|
|
4
36
|
|
|
5
37
|
### Patch Changes
|
package/dist/index.cjs.js
CHANGED
|
@@ -26,7 +26,7 @@ var pluginAuthBackendModuleOauth2Provider = require('@backstage/plugin-auth-back
|
|
|
26
26
|
var pluginAuthBackendModuleOauth2ProxyProvider = require('@backstage/plugin-auth-backend-module-oauth2-proxy-provider');
|
|
27
27
|
var pluginAuthBackendModuleOidcProvider = require('@backstage/plugin-auth-backend-module-oidc-provider');
|
|
28
28
|
var pluginAuthBackendModuleOktaProvider = require('@backstage/plugin-auth-backend-module-okta-provider');
|
|
29
|
-
var
|
|
29
|
+
var pluginAuthBackendModuleOneloginProvider = require('@backstage/plugin-auth-backend-module-onelogin-provider');
|
|
30
30
|
var passportSaml = require('@node-saml/passport-saml');
|
|
31
31
|
var passportOauth2 = require('passport-oauth2');
|
|
32
32
|
var fetch = require('node-fetch');
|
|
@@ -952,120 +952,12 @@ const okta = createAuthProviderIntegration({
|
|
|
952
952
|
}
|
|
953
953
|
});
|
|
954
954
|
|
|
955
|
-
class OneLoginProvider {
|
|
956
|
-
_strategy;
|
|
957
|
-
signInResolver;
|
|
958
|
-
authHandler;
|
|
959
|
-
resolverContext;
|
|
960
|
-
constructor(options) {
|
|
961
|
-
this.signInResolver = options.signInResolver;
|
|
962
|
-
this.authHandler = options.authHandler;
|
|
963
|
-
this.resolverContext = options.resolverContext;
|
|
964
|
-
this._strategy = new passportOneloginOauth.Strategy(
|
|
965
|
-
{
|
|
966
|
-
issuer: options.issuer,
|
|
967
|
-
clientID: options.clientId,
|
|
968
|
-
clientSecret: options.clientSecret,
|
|
969
|
-
callbackURL: options.callbackUrl,
|
|
970
|
-
passReqToCallback: false
|
|
971
|
-
},
|
|
972
|
-
(accessToken, refreshToken, params, fullProfile, done) => {
|
|
973
|
-
done(
|
|
974
|
-
void 0,
|
|
975
|
-
{
|
|
976
|
-
accessToken,
|
|
977
|
-
refreshToken,
|
|
978
|
-
params,
|
|
979
|
-
fullProfile
|
|
980
|
-
},
|
|
981
|
-
{
|
|
982
|
-
refreshToken
|
|
983
|
-
}
|
|
984
|
-
);
|
|
985
|
-
}
|
|
986
|
-
);
|
|
987
|
-
}
|
|
988
|
-
async start(req) {
|
|
989
|
-
return await executeRedirectStrategy(req, this._strategy, {
|
|
990
|
-
accessType: "offline",
|
|
991
|
-
prompt: "consent",
|
|
992
|
-
scope: "openid",
|
|
993
|
-
state: encodeState(req.state)
|
|
994
|
-
});
|
|
995
|
-
}
|
|
996
|
-
async handler(req) {
|
|
997
|
-
const { result, privateInfo } = await executeFrameHandlerStrategy(req, this._strategy);
|
|
998
|
-
return {
|
|
999
|
-
response: await this.handleResult(result),
|
|
1000
|
-
refreshToken: privateInfo.refreshToken
|
|
1001
|
-
};
|
|
1002
|
-
}
|
|
1003
|
-
async refresh(req) {
|
|
1004
|
-
const { accessToken, refreshToken, params } = await executeRefreshTokenStrategy(
|
|
1005
|
-
this._strategy,
|
|
1006
|
-
req.refreshToken,
|
|
1007
|
-
"openid"
|
|
1008
|
-
);
|
|
1009
|
-
const fullProfile = await executeFetchUserProfileStrategy(
|
|
1010
|
-
this._strategy,
|
|
1011
|
-
accessToken
|
|
1012
|
-
);
|
|
1013
|
-
return {
|
|
1014
|
-
response: await this.handleResult({
|
|
1015
|
-
fullProfile,
|
|
1016
|
-
params,
|
|
1017
|
-
accessToken
|
|
1018
|
-
}),
|
|
1019
|
-
refreshToken
|
|
1020
|
-
};
|
|
1021
|
-
}
|
|
1022
|
-
async handleResult(result) {
|
|
1023
|
-
const { profile } = await this.authHandler(result, this.resolverContext);
|
|
1024
|
-
const response = {
|
|
1025
|
-
providerInfo: {
|
|
1026
|
-
idToken: result.params.id_token,
|
|
1027
|
-
accessToken: result.accessToken,
|
|
1028
|
-
scope: result.params.scope,
|
|
1029
|
-
expiresInSeconds: result.params.expires_in
|
|
1030
|
-
},
|
|
1031
|
-
profile
|
|
1032
|
-
};
|
|
1033
|
-
if (this.signInResolver) {
|
|
1034
|
-
response.backstageIdentity = await this.signInResolver(
|
|
1035
|
-
{
|
|
1036
|
-
result,
|
|
1037
|
-
profile
|
|
1038
|
-
},
|
|
1039
|
-
this.resolverContext
|
|
1040
|
-
);
|
|
1041
|
-
}
|
|
1042
|
-
return response;
|
|
1043
|
-
}
|
|
1044
|
-
}
|
|
1045
955
|
const onelogin = createAuthProviderIntegration({
|
|
1046
956
|
create(options) {
|
|
1047
|
-
return
|
|
1048
|
-
|
|
1049
|
-
|
|
1050
|
-
|
|
1051
|
-
const customCallbackUrl = envConfig.getOptionalString("callbackUrl");
|
|
1052
|
-
const callbackUrl = customCallbackUrl || `${globalConfig.baseUrl}/${providerId}/handler/frame`;
|
|
1053
|
-
const authHandler = options?.authHandler ? options.authHandler : async ({ fullProfile, params }) => ({
|
|
1054
|
-
profile: makeProfileInfo(fullProfile, params.id_token)
|
|
1055
|
-
});
|
|
1056
|
-
const provider = new OneLoginProvider({
|
|
1057
|
-
clientId,
|
|
1058
|
-
clientSecret,
|
|
1059
|
-
callbackUrl,
|
|
1060
|
-
issuer,
|
|
1061
|
-
authHandler,
|
|
1062
|
-
signInResolver: options?.signIn?.resolver,
|
|
1063
|
-
resolverContext
|
|
1064
|
-
});
|
|
1065
|
-
return OAuthAdapter.fromConfig(globalConfig, provider, {
|
|
1066
|
-
providerId,
|
|
1067
|
-
callbackUrl
|
|
1068
|
-
});
|
|
957
|
+
return pluginAuthNode.createOAuthProviderFactory({
|
|
958
|
+
authenticator: pluginAuthBackendModuleOneloginProvider.oneLoginAuthenticator,
|
|
959
|
+
profileTransform: adaptLegacyOAuthHandler(options?.authHandler),
|
|
960
|
+
signInResolver: adaptLegacyOAuthSignInResolver(options?.signIn?.resolver)
|
|
1069
961
|
});
|
|
1070
962
|
}
|
|
1071
963
|
});
|