@backstage/plugin-auth-backend 0.24.4-next.0 → 0.24.4-next.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (26) hide show
  1. package/CHANGELOG.md +88 -0
  2. package/dist/index.d.ts +55 -39
  3. package/dist/lib/catalog/CatalogIdentityClient.cjs.js.map +1 -1
  4. package/dist/lib/resolvers/CatalogAuthResolverContext.cjs.js +10 -8
  5. package/dist/lib/resolvers/CatalogAuthResolverContext.cjs.js.map +1 -1
  6. package/dist/providers/atlassian/provider.cjs.js.map +1 -1
  7. package/dist/providers/auth0/provider.cjs.js.map +1 -1
  8. package/dist/providers/aws-alb/provider.cjs.js.map +1 -1
  9. package/dist/providers/azure-easyauth/provider.cjs.js.map +1 -1
  10. package/dist/providers/bitbucket/provider.cjs.js.map +1 -1
  11. package/dist/providers/cloudflare-access/provider.cjs.js.map +1 -1
  12. package/dist/providers/createAuthProviderIntegration.cjs.js.map +1 -1
  13. package/dist/providers/gcp-iap/provider.cjs.js.map +1 -1
  14. package/dist/providers/github/provider.cjs.js.map +1 -1
  15. package/dist/providers/gitlab/provider.cjs.js.map +1 -1
  16. package/dist/providers/google/provider.cjs.js.map +1 -1
  17. package/dist/providers/microsoft/provider.cjs.js.map +1 -1
  18. package/dist/providers/oauth2/provider.cjs.js.map +1 -1
  19. package/dist/providers/oauth2-proxy/provider.cjs.js.map +1 -1
  20. package/dist/providers/oidc/provider.cjs.js.map +1 -1
  21. package/dist/providers/okta/provider.cjs.js.map +1 -1
  22. package/dist/providers/onelogin/provider.cjs.js.map +1 -1
  23. package/dist/providers/providers.cjs.js.map +1 -1
  24. package/dist/providers/router.cjs.js.map +1 -1
  25. package/dist/providers/saml/provider.cjs.js.map +1 -1
  26. package/package.json +25 -32
package/CHANGELOG.md CHANGED
@@ -1,5 +1,93 @@
1
1
  # @backstage/plugin-auth-backend
2
2
 
3
+ ## 0.24.4-next.2
4
+
5
+ ### Patch Changes
6
+
7
+ - Updated dependencies
8
+ - @backstage/plugin-auth-backend-module-oauth2-provider@0.4.1-next.2
9
+ - @backstage/plugin-auth-backend-module-oidc-provider@0.4.1-next.2
10
+ - @backstage/plugin-auth-backend-module-okta-provider@0.2.1-next.2
11
+ - @backstage/backend-plugin-api@1.2.1-next.1
12
+ - @backstage/catalog-client@1.9.1
13
+ - @backstage/catalog-model@1.7.3
14
+ - @backstage/config@1.3.2
15
+ - @backstage/errors@1.2.7
16
+ - @backstage/types@1.2.1
17
+ - @backstage/plugin-auth-backend-module-atlassian-provider@0.4.1-next.1
18
+ - @backstage/plugin-auth-backend-module-auth0-provider@0.2.1-next.1
19
+ - @backstage/plugin-auth-backend-module-aws-alb-provider@0.4.1-next.2
20
+ - @backstage/plugin-auth-backend-module-azure-easyauth-provider@0.2.6-next.1
21
+ - @backstage/plugin-auth-backend-module-bitbucket-provider@0.3.1-next.1
22
+ - @backstage/plugin-auth-backend-module-bitbucket-server-provider@0.2.1-next.1
23
+ - @backstage/plugin-auth-backend-module-cloudflare-access-provider@0.4.1-next.1
24
+ - @backstage/plugin-auth-backend-module-gcp-iap-provider@0.4.1-next.1
25
+ - @backstage/plugin-auth-backend-module-github-provider@0.3.1-next.1
26
+ - @backstage/plugin-auth-backend-module-gitlab-provider@0.3.1-next.1
27
+ - @backstage/plugin-auth-backend-module-google-provider@0.3.1-next.1
28
+ - @backstage/plugin-auth-backend-module-microsoft-provider@0.3.1-next.1
29
+ - @backstage/plugin-auth-backend-module-oauth2-proxy-provider@0.2.6-next.1
30
+ - @backstage/plugin-auth-backend-module-onelogin-provider@0.3.1-next.1
31
+ - @backstage/plugin-auth-node@0.6.1-next.1
32
+ - @backstage/plugin-catalog-node@1.16.1-next.1
33
+
34
+ ## 0.24.4-next.1
35
+
36
+ ### Patch Changes
37
+
38
+ - 7956beb: Marked the remaining exports related to `createRouter` and the old backend system as deprecated.
39
+
40
+ For more information about migrating to the new backend system, see the [migration guide](https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin).
41
+
42
+ Support for the old backend system will be removed in the next release of this plugin.
43
+
44
+ - b6702ea: Deprecated `getDefaultOwnershipEntityRefs` in favor of the new `.resolveOwnershipEntityRefs(...)` method in the `AuthResolverContext`.
45
+
46
+ The following code in a custom sign-in resolver:
47
+
48
+ ```ts
49
+ import { getDefaultOwnershipEntityRefs } from '@backstage/plugin-auth-backend';
50
+
51
+ // ...
52
+
53
+ const ent = getDefaultOwnershipEntityRefs(entity);
54
+ ```
55
+
56
+ Can be replaced with the following:
57
+
58
+ ```ts
59
+ const { ownershipEntityRefs: ent } = await ctx.resolveOwnershipEntityRefs(
60
+ entity,
61
+ );
62
+ ```
63
+
64
+ - Updated dependencies
65
+ - @backstage/plugin-auth-node@0.6.1-next.1
66
+ - @backstage/backend-plugin-api@1.2.1-next.1
67
+ - @backstage/catalog-client@1.9.1
68
+ - @backstage/catalog-model@1.7.3
69
+ - @backstage/config@1.3.2
70
+ - @backstage/errors@1.2.7
71
+ - @backstage/types@1.2.1
72
+ - @backstage/plugin-auth-backend-module-atlassian-provider@0.4.1-next.1
73
+ - @backstage/plugin-auth-backend-module-auth0-provider@0.2.1-next.1
74
+ - @backstage/plugin-auth-backend-module-aws-alb-provider@0.4.1-next.1
75
+ - @backstage/plugin-auth-backend-module-azure-easyauth-provider@0.2.6-next.1
76
+ - @backstage/plugin-auth-backend-module-bitbucket-provider@0.3.1-next.1
77
+ - @backstage/plugin-auth-backend-module-bitbucket-server-provider@0.2.1-next.1
78
+ - @backstage/plugin-auth-backend-module-cloudflare-access-provider@0.4.1-next.1
79
+ - @backstage/plugin-auth-backend-module-gcp-iap-provider@0.4.1-next.1
80
+ - @backstage/plugin-auth-backend-module-github-provider@0.3.1-next.1
81
+ - @backstage/plugin-auth-backend-module-gitlab-provider@0.3.1-next.1
82
+ - @backstage/plugin-auth-backend-module-google-provider@0.3.1-next.1
83
+ - @backstage/plugin-auth-backend-module-microsoft-provider@0.3.1-next.1
84
+ - @backstage/plugin-auth-backend-module-oauth2-provider@0.4.1-next.1
85
+ - @backstage/plugin-auth-backend-module-oauth2-proxy-provider@0.2.6-next.1
86
+ - @backstage/plugin-auth-backend-module-oidc-provider@0.4.1-next.1
87
+ - @backstage/plugin-auth-backend-module-okta-provider@0.2.1-next.1
88
+ - @backstage/plugin-auth-backend-module-onelogin-provider@0.3.1-next.1
89
+ - @backstage/plugin-catalog-node@1.16.1-next.1
90
+
3
91
  ## 0.24.4-next.0
4
92
 
5
93
  ### Patch Changes
package/dist/index.d.ts CHANGED
@@ -15,7 +15,6 @@ import * as _backstage_plugin_auth_backend_module_oauth2_proxy_provider from '@b
15
15
  import { OAuth2ProxyResult as OAuth2ProxyResult$1 } from '@backstage/plugin-auth-backend-module-oauth2-proxy-provider';
16
16
  import * as _backstage_plugin_auth_backend_module_oidc_provider from '@backstage/plugin-auth-backend-module-oidc-provider';
17
17
  import { OidcAuthResult as OidcAuthResult$1 } from '@backstage/plugin-auth-backend-module-oidc-provider';
18
- import * as _backstage_plugin_auth_backend_module_gcp_iap_provider from '@backstage/plugin-auth-backend-module-gcp-iap-provider';
19
18
  import { GcpIapTokenInfo as GcpIapTokenInfo$1, GcpIapResult as GcpIapResult$1 } from '@backstage/plugin-auth-backend-module-gcp-iap-provider';
20
19
  import * as _backstage_plugin_auth_backend_module_cloudflare_access_provider from '@backstage/plugin-auth-backend-module-cloudflare-access-provider';
21
20
  import { UserEntity, Entity } from '@backstage/catalog-model';
@@ -33,11 +32,17 @@ declare const authPlugin: _backstage_backend_plugin_api.BackendFeature;
33
32
  */
34
33
  type TokenParams = TokenParams$1;
35
34
 
36
- /** @public */
35
+ /**
36
+ * @public
37
+ * @deprecated Migrate the auth plugin to the new backend system https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin
38
+ */
37
39
  type ProviderFactories = {
38
40
  [s: string]: AuthProviderFactory$1;
39
41
  };
40
- /** @public */
42
+ /**
43
+ * @public
44
+ * @deprecated this export will be removed
45
+ */
41
46
  declare function createOriginFilter(config: Config): (origin: string) => boolean;
42
47
 
43
48
  /**
@@ -502,7 +507,10 @@ type CloudflareAccessResult = {
502
507
  token: string;
503
508
  };
504
509
 
505
- /** @public */
510
+ /**
511
+ * @public
512
+ * @deprecated Migrate the auth plugin to the new backend system https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin
513
+ */
506
514
  type GithubOAuthResult = {
507
515
  fullProfile: Profile;
508
516
  params: {
@@ -526,7 +534,10 @@ type OAuth2ProxyResult = OAuth2ProxyResult$1;
526
534
  */
527
535
  type OidcAuthResult = OidcAuthResult$1;
528
536
 
529
- /** @public */
537
+ /**
538
+ * @public
539
+ * @deprecated Migrate the auth plugin to the new backend system https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin
540
+ */
530
541
  type SamlAuthResult = {
531
542
  fullProfile: any;
532
543
  };
@@ -551,29 +562,30 @@ type GcpIapResult = GcpIapResult$1;
551
562
  * All built-in auth provider integrations.
552
563
  *
553
564
  * @public
565
+ * @deprecated Migrate the auth plugin to the new backend system https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin
554
566
  */
555
567
  declare const providers: Readonly<{
556
568
  atlassian: Readonly<{
557
569
  create: (options?: {
558
- authHandler?: AuthHandler<OAuthResult> | undefined;
570
+ authHandler?: AuthHandler<OAuthResult>;
559
571
  signIn?: {
560
572
  resolver: _backstage_plugin_auth_node.SignInResolver<OAuthResult>;
561
- } | undefined;
573
+ };
562
574
  } | undefined) => AuthProviderFactory$1;
563
575
  resolvers: never;
564
576
  }>;
565
577
  auth0: Readonly<{
566
578
  create: (options?: {
567
- authHandler?: AuthHandler<OAuthResult> | undefined;
579
+ authHandler?: AuthHandler<OAuthResult>;
568
580
  signIn?: {
569
581
  resolver: _backstage_plugin_auth_node.SignInResolver<OAuthResult>;
570
- } | undefined;
582
+ };
571
583
  } | undefined) => AuthProviderFactory$1;
572
584
  resolvers: never;
573
585
  }>;
574
586
  awsAlb: Readonly<{
575
587
  create: (options?: {
576
- authHandler?: AuthHandler<_backstage_plugin_auth_backend_module_aws_alb_provider.AwsAlbResult> | undefined;
588
+ authHandler?: AuthHandler<_backstage_plugin_auth_backend_module_aws_alb_provider.AwsAlbResult>;
577
589
  signIn: {
578
590
  resolver: _backstage_plugin_auth_node.SignInResolver<_backstage_plugin_auth_backend_module_aws_alb_provider.AwsAlbResult>;
579
591
  };
@@ -582,10 +594,10 @@ declare const providers: Readonly<{
582
594
  }>;
583
595
  bitbucket: Readonly<{
584
596
  create: (options?: {
585
- authHandler?: AuthHandler<OAuthResult> | undefined;
597
+ authHandler?: AuthHandler<OAuthResult>;
586
598
  signIn?: {
587
599
  resolver: _backstage_plugin_auth_node.SignInResolver<OAuthResult>;
588
- } | undefined;
600
+ };
589
601
  } | undefined) => AuthProviderFactory$1;
590
602
  resolvers: Readonly<{
591
603
  userIdMatchingUserEntityAnnotation: () => _backstage_plugin_auth_node.SignInResolver<OAuthResult>;
@@ -594,10 +606,10 @@ declare const providers: Readonly<{
594
606
  }>;
595
607
  bitbucketServer: Readonly<{
596
608
  create: (options?: {
597
- authHandler?: AuthHandler<BitbucketServerOAuthResult> | undefined;
609
+ authHandler?: AuthHandler<BitbucketServerOAuthResult>;
598
610
  signIn?: {
599
611
  resolver: _backstage_plugin_auth_node.SignInResolver<BitbucketServerOAuthResult>;
600
- } | undefined;
612
+ };
601
613
  } | undefined) => AuthProviderFactory$1;
602
614
  resolvers: Readonly<{
603
615
  emailMatchingUserEntityProfileEmail: () => _backstage_plugin_auth_node.SignInResolver<BitbucketServerOAuthResult>;
@@ -605,30 +617,30 @@ declare const providers: Readonly<{
605
617
  }>;
606
618
  cfAccess: Readonly<{
607
619
  create: (options: {
608
- authHandler?: AuthHandler<CloudflareAccessResult> | undefined;
620
+ authHandler?: AuthHandler<CloudflareAccessResult>;
609
621
  signIn: {
610
622
  resolver: _backstage_plugin_auth_node.SignInResolver<CloudflareAccessResult>;
611
623
  };
612
- cache?: _backstage_backend_plugin_api.CacheService | undefined;
624
+ cache?: _backstage_backend_plugin_api.CacheService;
613
625
  }) => AuthProviderFactory$1;
614
626
  resolvers: Readonly<typeof _backstage_plugin_auth_backend_module_cloudflare_access_provider.cloudflareAccessSignInResolvers>;
615
627
  }>;
616
628
  gcpIap: Readonly<{
617
629
  create: (options: {
618
- authHandler?: AuthHandler<_backstage_plugin_auth_backend_module_gcp_iap_provider.GcpIapResult> | undefined;
630
+ authHandler?: AuthHandler<GcpIapResult>;
619
631
  signIn: {
620
- resolver: _backstage_plugin_auth_node.SignInResolver<_backstage_plugin_auth_backend_module_gcp_iap_provider.GcpIapResult>;
632
+ resolver: _backstage_plugin_auth_node.SignInResolver<GcpIapResult>;
621
633
  };
622
634
  }) => AuthProviderFactory$1;
623
635
  resolvers: never;
624
636
  }>;
625
637
  github: Readonly<{
626
638
  create: (options?: {
627
- authHandler?: AuthHandler<GithubOAuthResult> | undefined;
639
+ authHandler?: AuthHandler<GithubOAuthResult>;
628
640
  signIn?: {
629
641
  resolver: _backstage_plugin_auth_node.SignInResolver<GithubOAuthResult>;
630
- } | undefined;
631
- stateEncoder?: StateEncoder | undefined;
642
+ };
643
+ stateEncoder?: StateEncoder;
632
644
  } | undefined) => AuthProviderFactory$1;
633
645
  resolvers: Readonly<{
634
646
  usernameMatchingUserEntityName: () => _backstage_plugin_auth_node.SignInResolver<GithubOAuthResult>;
@@ -636,19 +648,19 @@ declare const providers: Readonly<{
636
648
  }>;
637
649
  gitlab: Readonly<{
638
650
  create: (options?: {
639
- authHandler?: AuthHandler<OAuthResult> | undefined;
651
+ authHandler?: AuthHandler<OAuthResult>;
640
652
  signIn?: {
641
653
  resolver: _backstage_plugin_auth_node.SignInResolver<OAuthResult>;
642
- } | undefined;
654
+ };
643
655
  } | undefined) => AuthProviderFactory$1;
644
656
  resolvers: never;
645
657
  }>;
646
658
  google: Readonly<{
647
659
  create: (options?: {
648
- authHandler?: AuthHandler<OAuthResult> | undefined;
660
+ authHandler?: AuthHandler<OAuthResult>;
649
661
  signIn?: {
650
662
  resolver: _backstage_plugin_auth_node.SignInResolver<OAuthResult>;
651
- } | undefined;
663
+ };
652
664
  } | undefined) => AuthProviderFactory$1;
653
665
  resolvers: Readonly<{
654
666
  emailMatchingUserEntityProfileEmail: () => _backstage_plugin_auth_node.SignInResolver<OAuthResult>;
@@ -658,10 +670,10 @@ declare const providers: Readonly<{
658
670
  }>;
659
671
  microsoft: Readonly<{
660
672
  create: (options?: {
661
- authHandler?: AuthHandler<OAuthResult> | undefined;
673
+ authHandler?: AuthHandler<OAuthResult>;
662
674
  signIn?: {
663
675
  resolver: _backstage_plugin_auth_node.SignInResolver<OAuthResult>;
664
- } | undefined;
676
+ };
665
677
  } | undefined) => AuthProviderFactory$1;
666
678
  resolvers: Readonly<{
667
679
  emailMatchingUserEntityProfileEmail: () => _backstage_plugin_auth_node.SignInResolver<OAuthResult>;
@@ -672,16 +684,16 @@ declare const providers: Readonly<{
672
684
  }>;
673
685
  oauth2: Readonly<{
674
686
  create: (options?: {
675
- authHandler?: AuthHandler<OAuthResult> | undefined;
687
+ authHandler?: AuthHandler<OAuthResult>;
676
688
  signIn?: {
677
689
  resolver: _backstage_plugin_auth_node.SignInResolver<OAuthResult>;
678
- } | undefined;
690
+ };
679
691
  } | undefined) => AuthProviderFactory$1;
680
692
  resolvers: never;
681
693
  }>;
682
694
  oauth2Proxy: Readonly<{
683
695
  create: (options: {
684
- authHandler?: AuthHandler<_backstage_plugin_auth_backend_module_oauth2_proxy_provider.OAuth2ProxyResult> | undefined;
696
+ authHandler?: AuthHandler<_backstage_plugin_auth_backend_module_oauth2_proxy_provider.OAuth2ProxyResult>;
685
697
  signIn: {
686
698
  resolver: _backstage_plugin_auth_node.SignInResolver<_backstage_plugin_auth_backend_module_oauth2_proxy_provider.OAuth2ProxyResult>;
687
699
  };
@@ -690,10 +702,10 @@ declare const providers: Readonly<{
690
702
  }>;
691
703
  oidc: Readonly<{
692
704
  create: (options?: {
693
- authHandler?: AuthHandler<_backstage_plugin_auth_backend_module_oidc_provider.OidcAuthResult> | undefined;
705
+ authHandler?: AuthHandler<_backstage_plugin_auth_backend_module_oidc_provider.OidcAuthResult>;
694
706
  signIn?: {
695
707
  resolver: _backstage_plugin_auth_node.SignInResolver<_backstage_plugin_auth_backend_module_oidc_provider.OidcAuthResult>;
696
- } | undefined;
708
+ };
697
709
  } | undefined) => AuthProviderFactory$1;
698
710
  resolvers: Readonly<{
699
711
  emailLocalPartMatchingUserEntityName: () => _backstage_plugin_auth_node.SignInResolver<unknown>;
@@ -702,10 +714,10 @@ declare const providers: Readonly<{
702
714
  }>;
703
715
  okta: Readonly<{
704
716
  create: (options?: {
705
- authHandler?: AuthHandler<OAuthResult> | undefined;
717
+ authHandler?: AuthHandler<OAuthResult>;
706
718
  signIn?: {
707
719
  resolver: _backstage_plugin_auth_node.SignInResolver<OAuthResult>;
708
- } | undefined;
720
+ };
709
721
  } | undefined) => AuthProviderFactory$1;
710
722
  resolvers: Readonly<{
711
723
  emailLocalPartMatchingUserEntityName: () => _backstage_plugin_auth_node.SignInResolver<unknown>;
@@ -715,19 +727,19 @@ declare const providers: Readonly<{
715
727
  }>;
716
728
  onelogin: Readonly<{
717
729
  create: (options?: {
718
- authHandler?: AuthHandler<OAuthResult> | undefined;
730
+ authHandler?: AuthHandler<OAuthResult>;
719
731
  signIn?: {
720
732
  resolver: _backstage_plugin_auth_node.SignInResolver<OAuthResult>;
721
- } | undefined;
733
+ };
722
734
  } | undefined) => AuthProviderFactory$1;
723
735
  resolvers: never;
724
736
  }>;
725
737
  saml: Readonly<{
726
738
  create: (options?: {
727
- authHandler?: AuthHandler<SamlAuthResult> | undefined;
739
+ authHandler?: AuthHandler<SamlAuthResult>;
728
740
  signIn?: {
729
741
  resolver: _backstage_plugin_auth_node.SignInResolver<SamlAuthResult>;
730
- } | undefined;
742
+ };
731
743
  } | undefined) => AuthProviderFactory$1;
732
744
  resolvers: Readonly<{
733
745
  nameIdMatchingUserEntityName(): _backstage_plugin_auth_node.SignInResolver<SamlAuthResult>;
@@ -735,7 +747,7 @@ declare const providers: Readonly<{
735
747
  }>;
736
748
  easyAuth: Readonly<{
737
749
  create: (options?: {
738
- authHandler?: AuthHandler<_backstage_plugin_auth_backend_module_azure_easyauth_provider.AzureEasyAuthResult> | undefined;
750
+ authHandler?: AuthHandler<_backstage_plugin_auth_backend_module_azure_easyauth_provider.AzureEasyAuthResult>;
739
751
  signIn: {
740
752
  resolver: _backstage_plugin_auth_node.SignInResolver<_backstage_plugin_auth_backend_module_azure_easyauth_provider.AzureEasyAuthResult>;
741
753
  };
@@ -747,6 +759,7 @@ declare const providers: Readonly<{
747
759
  * All auth provider factories that are installed by default.
748
760
  *
749
761
  * @public
762
+ * @deprecated Migrate the auth plugin to the new backend system https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin
750
763
  */
751
764
  declare const defaultAuthProviderFactories: {
752
765
  [providerId: string]: AuthProviderFactory$1;
@@ -760,6 +773,7 @@ declare const defaultAuthProviderFactories: {
760
773
  * supplies built-in sign-in resolvers for the specific provider.
761
774
  *
762
775
  * @public
776
+ * @deprecated Migrate the auth plugin to the new backend system https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin
763
777
  */
764
778
  declare function createAuthProviderIntegration<TCreateOptions extends unknown[], TResolvers extends {
765
779
  [name in string]: (...args: any[]) => SignInResolver$1<any>;
@@ -798,6 +812,7 @@ declare const ensuresXRequestedWith: (req: express.Request) => boolean;
798
812
  * A catalog client tailored for reading out identity data from the catalog.
799
813
  *
800
814
  * @public
815
+ * @deprecated Use the provided `AuthResolverContext` instead, see https://backstage.io/docs/auth/identity-resolver#building-custom-resolvers
801
816
  */
802
817
  declare class CatalogIdentityClient {
803
818
  private readonly catalogApi;
@@ -837,6 +852,7 @@ declare class CatalogIdentityClient {
837
852
  * A reference to the entity itself will also be included in the returned array.
838
853
  *
839
854
  * @public
855
+ * @deprecated use `ctx.resolveOwnershipEntityRefs(entity)` from the provided `AuthResolverContext` instead.
840
856
  */
841
857
  declare function getDefaultOwnershipEntityRefs(entity: Entity): string[];
842
858
 
package/dist/lib/catalog/CatalogIdentityClient.cjs.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"CatalogIdentityClient.cjs.js","sources":["../../../src/lib/catalog/CatalogIdentityClient.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n AuthService,\n DiscoveryService,\n HttpAuthService,\n LoggerService,\n} from '@backstage/backend-plugin-api';\nimport { ConflictError, NotFoundError } from '@backstage/errors';\nimport { CatalogApi } from '@backstage/catalog-client';\nimport {\n CompoundEntityRef,\n parseEntityRef,\n RELATION_MEMBER_OF,\n stringifyEntityRef,\n UserEntity,\n} from '@backstage/catalog-model';\nimport {\n TokenManager,\n createLegacyAuthAdapters,\n} from '@backstage/backend-common';\n\n/**\n * A catalog client tailored for reading out identity data from the catalog.\n *\n * @public\n */\nexport class CatalogIdentityClient {\n private readonly catalogApi: CatalogApi;\n private readonly auth: AuthService;\n\n constructor(options: {\n catalogApi: CatalogApi;\n tokenManager?: TokenManager;\n discovery: DiscoveryService;\n auth?: AuthService;\n httpAuth?: HttpAuthService;\n }) {\n this.catalogApi = options.catalogApi;\n\n const { auth } = createLegacyAuthAdapters({\n auth: options.auth,\n httpAuth: options.httpAuth,\n discovery: options.discovery,\n tokenManager: options.tokenManager,\n });\n\n this.auth = auth;\n }\n\n /**\n * Looks up a single user using a query.\n *\n * Throws a NotFoundError or ConflictError if 0 or multiple users are found.\n */\n async findUser(query: {\n annotations: Record<string, string>;\n }): Promise<UserEntity> {\n const filter: Record<string, string> = {\n kind: 'user',\n };\n for (const [key, value] of Object.entries(query.annotations)) {\n filter[`metadata.annotations.${key}`] = value;\n }\n\n const { token } = await this.auth.getPluginRequestToken({\n onBehalfOf: await this.auth.getOwnServiceCredentials(),\n targetPluginId: 'catalog',\n });\n\n const { items } = await this.catalogApi.getEntities({ filter }, { token });\n\n if (items.length !== 1) {\n if (items.length > 1) {\n throw new ConflictError('User lookup resulted in multiple matches');\n } else {\n throw new NotFoundError('User not found');\n }\n }\n\n return items[0] as UserEntity;\n }\n\n /**\n * Resolve additional entity claims from the catalog, using the passed-in entity names. Designed\n * to be used within a `signInResolver` where additional entity claims might be provided, but\n * group membership and transient group membership lean on imported catalog relations.\n *\n * Returns a superset of the entity names that can be passed directly to `issueToken` as `ent`.\n */\n async resolveCatalogMembership(query: {\n entityRefs: string[];\n logger?: LoggerService;\n }): Promise<string[]> {\n const { entityRefs, logger } = query;\n const resolvedEntityRefs = entityRefs\n .map((ref: string) => {\n try {\n const parsedRef = parseEntityRef(ref.toLocaleLowerCase('en-US'), {\n defaultKind: 'user',\n defaultNamespace: 'default',\n });\n return parsedRef;\n } catch {\n logger?.warn(`Failed to parse entityRef from ${ref}, ignoring`);\n return null;\n }\n })\n .filter((ref): ref is CompoundEntityRef => ref !== null);\n\n const filter = resolvedEntityRefs.map(ref => ({\n kind: ref.kind,\n 'metadata.namespace': ref.namespace,\n 'metadata.name': ref.name,\n }));\n\n const { token } = await this.auth.getPluginRequestToken({\n onBehalfOf: await this.auth.getOwnServiceCredentials(),\n targetPluginId: 'catalog',\n });\n\n const entities = await this.catalogApi\n .getEntities({ filter }, { token })\n .then(r => r.items);\n\n if (entityRefs.length !== entities.length) {\n const foundEntityNames = entities.map(stringifyEntityRef);\n const missingEntityNames = resolvedEntityRefs\n .map(stringifyEntityRef)\n .filter(s => !foundEntityNames.includes(s));\n logger?.debug(`Entities not found for refs ${missingEntityNames.join()}`);\n }\n\n const memberOf = entities.flatMap(\n e =>\n e!.relations\n ?.filter(r => r.type === RELATION_MEMBER_OF)\n .map(r => r.targetRef) ?? [],\n );\n\n const newEntityRefs = [\n ...new Set(resolvedEntityRefs.map(stringifyEntityRef).concat(memberOf)),\n ];\n\n logger?.debug(`Found catalog membership: ${newEntityRefs.join()}`);\n return newEntityRefs;\n }\n}\n"],"names":["createLegacyAuthAdapters","ConflictError","NotFoundError","parseEntityRef","stringifyEntityRef","RELATION_MEMBER_OF"],"mappings":";;;;;;AAyCO,MAAM,qBAAsB,CAAA;AAAA,EAChB,UAAA;AAAA,EACA,IAAA;AAAA,EAEjB,YAAY,OAMT,EAAA;AACD,IAAA,IAAA,CAAK,aAAa,OAAQ,CAAA,UAAA;AAE1B,IAAM,MAAA,EAAE,IAAK,EAAA,GAAIA,sCAAyB,CAAA;AAAA,MACxC,MAAM,OAAQ,CAAA,IAAA;AAAA,MACd,UAAU,OAAQ,CAAA,QAAA;AAAA,MAClB,WAAW,OAAQ,CAAA,SAAA;AAAA,MACnB,cAAc,OAAQ,CAAA;AAAA,KACvB,CAAA;AAED,IAAA,IAAA,CAAK,IAAO,GAAA,IAAA;AAAA;AACd;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,SAAS,KAES,EAAA;AACtB,IAAA,MAAM,MAAiC,GAAA;AAAA,MACrC,IAAM,EAAA;AAAA,KACR;AACA,IAAW,KAAA,MAAA,CAAC,KAAK,KAAK,CAAA,IAAK,OAAO,OAAQ,CAAA,KAAA,CAAM,WAAW,CAAG,EAAA;AAC5D,MAAO,MAAA,CAAA,CAAA,qBAAA,EAAwB,GAAG,CAAA,CAAE,CAAI,GAAA,KAAA;AAAA;AAG1C,IAAA,MAAM,EAAE,KAAM,EAAA,GAAI,MAAM,IAAA,CAAK,KAAK,qBAAsB,CAAA;AAAA,MACtD,UAAY,EAAA,MAAM,IAAK,CAAA,IAAA,CAAK,wBAAyB,EAAA;AAAA,MACrD,cAAgB,EAAA;AAAA,KACjB,CAAA;AAED,IAAA,MAAM,EAAE,KAAA,EAAU,GAAA,MAAM,IAAK,CAAA,UAAA,CAAW,WAAY,CAAA,EAAE,MAAO,EAAA,EAAG,EAAE,KAAA,EAAO,CAAA;AAEzE,IAAI,IAAA,KAAA,CAAM,WAAW,CAAG,EAAA;AACtB,MAAI,IAAA,KAAA,CAAM,SAAS,CAAG,EAAA;AACpB,QAAM,MAAA,IAAIC,qBAAc,0CAA0C,CAAA;AAAA,OAC7D,MAAA;AACL,QAAM,MAAA,IAAIC,qBAAc,gBAAgB,CAAA;AAAA;AAC1C;AAGF,IAAA,OAAO,MAAM,CAAC,CAAA;AAAA;AAChB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,MAAM,yBAAyB,KAGT,EAAA;AACpB,IAAM,MAAA,EAAE,UAAY,EAAA,MAAA,EAAW,GAAA,KAAA;AAC/B,IAAA,MAAM,kBAAqB,GAAA,UAAA,CACxB,GAAI,CAAA,CAAC,GAAgB,KAAA;AACpB,MAAI,IAAA;AACF,QAAA,MAAM,SAAY,GAAAC,2BAAA,CAAe,GAAI,CAAA,iBAAA,CAAkB,OAAO,CAAG,EAAA;AAAA,UAC/D,WAAa,EAAA,MAAA;AAAA,UACb,gBAAkB,EAAA;AAAA,SACnB,CAAA;AACD,QAAO,OAAA,SAAA;AAAA,OACD,CAAA,MAAA;AACN,QAAQ,MAAA,EAAA,IAAA,CAAK,CAAkC,+BAAA,EAAA,GAAG,CAAY,UAAA,CAAA,CAAA;AAC9D,QAAO,OAAA,IAAA;AAAA;AACT,KACD,CACA,CAAA,MAAA,CAAO,CAAC,GAAA,KAAkC,QAAQ,IAAI,CAAA;AAEzD,IAAM,MAAA,MAAA,GAAS,kBAAmB,CAAA,GAAA,CAAI,CAAQ,GAAA,MAAA;AAAA,MAC5C,MAAM,GAAI,CAAA,IAAA;AAAA,MACV,sBAAsB,GAAI,CAAA,SAAA;AAAA,MAC1B,iBAAiB,GAAI,CAAA;AAAA,KACrB,CAAA,CAAA;AAEF,IAAA,MAAM,EAAE,KAAM,EAAA,GAAI,MAAM,IAAA,CAAK,KAAK,qBAAsB,CAAA;AAAA,MACtD,UAAY,EAAA,MAAM,IAAK,CAAA,IAAA,CAAK,wBAAyB,EAAA;AAAA,MACrD,cAAgB,EAAA;AAAA,KACjB,CAAA;AAED,IAAA,MAAM,QAAW,GAAA,MAAM,IAAK,CAAA,UAAA,CACzB,YAAY,EAAE,MAAA,EAAU,EAAA,EAAE,OAAO,CAAA,CACjC,IAAK,CAAA,CAAA,CAAA,KAAK,EAAE,KAAK,CAAA;AAEpB,IAAI,IAAA,UAAA,CAAW,MAAW,KAAA,QAAA,CAAS,MAAQ,EAAA;AACzC,MAAM,MAAA,gBAAA,GAAmB,QAAS,CAAA,GAAA,CAAIC,+BAAkB,CAAA;AACxD,MAAM,MAAA,kBAAA,GAAqB,kBACxB,CAAA,GAAA,CAAIA,+BAAkB,CAAA,CACtB,MAAO,CAAA,CAAA,CAAA,KAAK,CAAC,gBAAA,CAAiB,QAAS,CAAA,CAAC,CAAC,CAAA;AAC5C,MAAA,MAAA,EAAQ,KAAM,CAAA,CAAA,4BAAA,EAA+B,kBAAmB,CAAA,IAAA,EAAM,CAAE,CAAA,CAAA;AAAA;AAG1E,IAAA,MAAM,WAAW,QAAS,CAAA,OAAA;AAAA,MACxB,CACE,CAAA,KAAA,CAAA,CAAG,SACC,EAAA,MAAA,CAAO,OAAK,CAAE,CAAA,IAAA,KAASC,+BAAkB,CAAA,CAC1C,GAAI,CAAA,CAAA,CAAA,KAAK,CAAE,CAAA,SAAS,KAAK;AAAC,KACjC;AAEA,IAAA,MAAM,aAAgB,GAAA;AAAA,MACpB,GAAG,IAAI,GAAI,CAAA,kBAAA,CAAmB,IAAID,+BAAkB,CAAA,CAAE,MAAO,CAAA,QAAQ,CAAC;AAAA,KACxE;AAEA,IAAA,MAAA,EAAQ,KAAM,CAAA,CAAA,0BAAA,EAA6B,aAAc,CAAA,IAAA,EAAM,CAAE,CAAA,CAAA;AACjE,IAAO,OAAA,aAAA;AAAA;AAEX;;;;"}
1
+ {"version":3,"file":"CatalogIdentityClient.cjs.js","sources":["../../../src/lib/catalog/CatalogIdentityClient.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n AuthService,\n DiscoveryService,\n HttpAuthService,\n LoggerService,\n} from '@backstage/backend-plugin-api';\nimport { ConflictError, NotFoundError } from '@backstage/errors';\nimport { CatalogApi } from '@backstage/catalog-client';\nimport {\n CompoundEntityRef,\n parseEntityRef,\n RELATION_MEMBER_OF,\n stringifyEntityRef,\n UserEntity,\n} from '@backstage/catalog-model';\nimport {\n TokenManager,\n createLegacyAuthAdapters,\n} from '@backstage/backend-common';\n\n/**\n * A catalog client tailored for reading out identity data from the catalog.\n *\n * @public\n * @deprecated Use the provided `AuthResolverContext` instead, see https://backstage.io/docs/auth/identity-resolver#building-custom-resolvers\n */\nexport class CatalogIdentityClient {\n private readonly catalogApi: CatalogApi;\n private readonly auth: AuthService;\n\n constructor(options: {\n catalogApi: CatalogApi;\n tokenManager?: TokenManager;\n discovery: DiscoveryService;\n auth?: AuthService;\n httpAuth?: HttpAuthService;\n }) {\n this.catalogApi = options.catalogApi;\n\n const { auth } = createLegacyAuthAdapters({\n auth: options.auth,\n httpAuth: options.httpAuth,\n discovery: options.discovery,\n tokenManager: options.tokenManager,\n });\n\n this.auth = auth;\n }\n\n /**\n * Looks up a single user using a query.\n *\n * Throws a NotFoundError or ConflictError if 0 or multiple users are found.\n */\n async findUser(query: {\n annotations: Record<string, string>;\n }): Promise<UserEntity> {\n const filter: Record<string, string> = {\n kind: 'user',\n };\n for (const [key, value] of Object.entries(query.annotations)) {\n filter[`metadata.annotations.${key}`] = value;\n }\n\n const { token } = await this.auth.getPluginRequestToken({\n onBehalfOf: await this.auth.getOwnServiceCredentials(),\n targetPluginId: 'catalog',\n });\n\n const { items } = await this.catalogApi.getEntities({ filter }, { token });\n\n if (items.length !== 1) {\n if (items.length > 1) {\n throw new ConflictError('User lookup resulted in multiple matches');\n } else {\n throw new NotFoundError('User not found');\n }\n }\n\n return items[0] as UserEntity;\n }\n\n /**\n * Resolve additional entity claims from the catalog, using the passed-in entity names. Designed\n * to be used within a `signInResolver` where additional entity claims might be provided, but\n * group membership and transient group membership lean on imported catalog relations.\n *\n * Returns a superset of the entity names that can be passed directly to `issueToken` as `ent`.\n */\n async resolveCatalogMembership(query: {\n entityRefs: string[];\n logger?: LoggerService;\n }): Promise<string[]> {\n const { entityRefs, logger } = query;\n const resolvedEntityRefs = entityRefs\n .map((ref: string) => {\n try {\n const parsedRef = parseEntityRef(ref.toLocaleLowerCase('en-US'), {\n defaultKind: 'user',\n defaultNamespace: 'default',\n });\n return parsedRef;\n } catch {\n logger?.warn(`Failed to parse entityRef from ${ref}, ignoring`);\n return null;\n }\n })\n .filter((ref): ref is CompoundEntityRef => ref !== null);\n\n const filter = resolvedEntityRefs.map(ref => ({\n kind: ref.kind,\n 'metadata.namespace': ref.namespace,\n 'metadata.name': ref.name,\n }));\n\n const { token } = await this.auth.getPluginRequestToken({\n onBehalfOf: await this.auth.getOwnServiceCredentials(),\n targetPluginId: 'catalog',\n });\n\n const entities = await this.catalogApi\n .getEntities({ filter }, { token })\n .then(r => r.items);\n\n if (entityRefs.length !== entities.length) {\n const foundEntityNames = entities.map(stringifyEntityRef);\n const missingEntityNames = resolvedEntityRefs\n .map(stringifyEntityRef)\n .filter(s => !foundEntityNames.includes(s));\n logger?.debug(`Entities not found for refs ${missingEntityNames.join()}`);\n }\n\n const memberOf = entities.flatMap(\n e =>\n e!.relations\n ?.filter(r => r.type === RELATION_MEMBER_OF)\n .map(r => r.targetRef) ?? [],\n );\n\n const newEntityRefs = [\n ...new Set(resolvedEntityRefs.map(stringifyEntityRef).concat(memberOf)),\n ];\n\n logger?.debug(`Found catalog membership: ${newEntityRefs.join()}`);\n return newEntityRefs;\n }\n}\n"],"names":["createLegacyAuthAdapters","ConflictError","NotFoundError","parseEntityRef","stringifyEntityRef","RELATION_MEMBER_OF"],"mappings":";;;;;;AA0CO,MAAM,qBAAsB,CAAA;AAAA,EAChB,UAAA;AAAA,EACA,IAAA;AAAA,EAEjB,YAAY,OAMT,EAAA;AACD,IAAA,IAAA,CAAK,aAAa,OAAQ,CAAA,UAAA;AAE1B,IAAM,MAAA,EAAE,IAAK,EAAA,GAAIA,sCAAyB,CAAA;AAAA,MACxC,MAAM,OAAQ,CAAA,IAAA;AAAA,MACd,UAAU,OAAQ,CAAA,QAAA;AAAA,MAClB,WAAW,OAAQ,CAAA,SAAA;AAAA,MACnB,cAAc,OAAQ,CAAA;AAAA,KACvB,CAAA;AAED,IAAA,IAAA,CAAK,IAAO,GAAA,IAAA;AAAA;AACd;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,SAAS,KAES,EAAA;AACtB,IAAA,MAAM,MAAiC,GAAA;AAAA,MACrC,IAAM,EAAA;AAAA,KACR;AACA,IAAW,KAAA,MAAA,CAAC,KAAK,KAAK,CAAA,IAAK,OAAO,OAAQ,CAAA,KAAA,CAAM,WAAW,CAAG,EAAA;AAC5D,MAAO,MAAA,CAAA,CAAA,qBAAA,EAAwB,GAAG,CAAA,CAAE,CAAI,GAAA,KAAA;AAAA;AAG1C,IAAA,MAAM,EAAE,KAAM,EAAA,GAAI,MAAM,IAAA,CAAK,KAAK,qBAAsB,CAAA;AAAA,MACtD,UAAY,EAAA,MAAM,IAAK,CAAA,IAAA,CAAK,wBAAyB,EAAA;AAAA,MACrD,cAAgB,EAAA;AAAA,KACjB,CAAA;AAED,IAAA,MAAM,EAAE,KAAA,EAAU,GAAA,MAAM,IAAK,CAAA,UAAA,CAAW,WAAY,CAAA,EAAE,MAAO,EAAA,EAAG,EAAE,KAAA,EAAO,CAAA;AAEzE,IAAI,IAAA,KAAA,CAAM,WAAW,CAAG,EAAA;AACtB,MAAI,IAAA,KAAA,CAAM,SAAS,CAAG,EAAA;AACpB,QAAM,MAAA,IAAIC,qBAAc,0CAA0C,CAAA;AAAA,OAC7D,MAAA;AACL,QAAM,MAAA,IAAIC,qBAAc,gBAAgB,CAAA;AAAA;AAC1C;AAGF,IAAA,OAAO,MAAM,CAAC,CAAA;AAAA;AAChB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,MAAM,yBAAyB,KAGT,EAAA;AACpB,IAAM,MAAA,EAAE,UAAY,EAAA,MAAA,EAAW,GAAA,KAAA;AAC/B,IAAA,MAAM,kBAAqB,GAAA,UAAA,CACxB,GAAI,CAAA,CAAC,GAAgB,KAAA;AACpB,MAAI,IAAA;AACF,QAAA,MAAM,SAAY,GAAAC,2BAAA,CAAe,GAAI,CAAA,iBAAA,CAAkB,OAAO,CAAG,EAAA;AAAA,UAC/D,WAAa,EAAA,MAAA;AAAA,UACb,gBAAkB,EAAA;AAAA,SACnB,CAAA;AACD,QAAO,OAAA,SAAA;AAAA,OACD,CAAA,MAAA;AACN,QAAQ,MAAA,EAAA,IAAA,CAAK,CAAkC,+BAAA,EAAA,GAAG,CAAY,UAAA,CAAA,CAAA;AAC9D,QAAO,OAAA,IAAA;AAAA;AACT,KACD,CACA,CAAA,MAAA,CAAO,CAAC,GAAA,KAAkC,QAAQ,IAAI,CAAA;AAEzD,IAAM,MAAA,MAAA,GAAS,kBAAmB,CAAA,GAAA,CAAI,CAAQ,GAAA,MAAA;AAAA,MAC5C,MAAM,GAAI,CAAA,IAAA;AAAA,MACV,sBAAsB,GAAI,CAAA,SAAA;AAAA,MAC1B,iBAAiB,GAAI,CAAA;AAAA,KACrB,CAAA,CAAA;AAEF,IAAA,MAAM,EAAE,KAAM,EAAA,GAAI,MAAM,IAAA,CAAK,KAAK,qBAAsB,CAAA;AAAA,MACtD,UAAY,EAAA,MAAM,IAAK,CAAA,IAAA,CAAK,wBAAyB,EAAA;AAAA,MACrD,cAAgB,EAAA;AAAA,KACjB,CAAA;AAED,IAAA,MAAM,QAAW,GAAA,MAAM,IAAK,CAAA,UAAA,CACzB,YAAY,EAAE,MAAA,EAAU,EAAA,EAAE,OAAO,CAAA,CACjC,IAAK,CAAA,CAAA,CAAA,KAAK,EAAE,KAAK,CAAA;AAEpB,IAAI,IAAA,UAAA,CAAW,MAAW,KAAA,QAAA,CAAS,MAAQ,EAAA;AACzC,MAAM,MAAA,gBAAA,GAAmB,QAAS,CAAA,GAAA,CAAIC,+BAAkB,CAAA;AACxD,MAAM,MAAA,kBAAA,GAAqB,kBACxB,CAAA,GAAA,CAAIA,+BAAkB,CAAA,CACtB,MAAO,CAAA,CAAA,CAAA,KAAK,CAAC,gBAAA,CAAiB,QAAS,CAAA,CAAC,CAAC,CAAA;AAC5C,MAAA,MAAA,EAAQ,KAAM,CAAA,CAAA,4BAAA,EAA+B,kBAAmB,CAAA,IAAA,EAAM,CAAE,CAAA,CAAA;AAAA;AAG1E,IAAA,MAAM,WAAW,QAAS,CAAA,OAAA;AAAA,MACxB,CACE,CAAA,KAAA,CAAA,CAAG,SACC,EAAA,MAAA,CAAO,OAAK,CAAE,CAAA,IAAA,KAASC,+BAAkB,CAAA,CAC1C,GAAI,CAAA,CAAA,CAAA,KAAK,CAAE,CAAA,SAAS,KAAK;AAAC,KACjC;AAEA,IAAA,MAAM,aAAgB,GAAA;AAAA,MACpB,GAAG,IAAI,GAAI,CAAA,kBAAA,CAAmB,IAAID,+BAAkB,CAAA,CAAE,MAAO,CAAA,QAAQ,CAAC;AAAA,KACxE;AAEA,IAAA,MAAA,EAAQ,KAAM,CAAA,CAAA,0BAAA,EAA6B,aAAc,CAAA,IAAA,EAAM,CAAE,CAAA,CAAA;AACjE,IAAO,OAAA,aAAA;AAAA;AAEX;;;;"}
package/dist/lib/resolvers/CatalogAuthResolverContext.cjs.js CHANGED
@@ -94,21 +94,23 @@ class CatalogAuthResolverContext {
94
94
  }
95
95
  async signInWithCatalogUser(query) {
96
96
  const { entity } = await this.findCatalogUser(query);
97
- let ent;
98
- if (this.ownershipResolver) {
99
- const { ownershipEntityRefs } = await this.ownershipResolver.resolveOwnershipEntityRefs(entity);
100
- ent = ownershipEntityRefs;
101
- } else {
102
- ent = getDefaultOwnershipEntityRefs(entity);
103
- }
97
+ const { ownershipEntityRefs } = await this.resolveOwnershipEntityRefs(
98
+ entity
99
+ );
104
100
  const token = await this.tokenIssuer.issueToken({
105
101
  claims: {
106
102
  sub: catalogModel.stringifyEntityRef(entity),
107
- ent
103
+ ent: ownershipEntityRefs
108
104
  }
109
105
  });
110
106
  return { token };
111
107
  }
108
+ async resolveOwnershipEntityRefs(entity) {
109
+ if (this.ownershipResolver) {
110
+ return this.ownershipResolver.resolveOwnershipEntityRefs(entity);
111
+ }
112
+ return { ownershipEntityRefs: getDefaultOwnershipEntityRefs(entity) };
113
+ }
112
114
  }
113
115
 
114
116
  exports.CatalogAuthResolverContext = CatalogAuthResolverContext;
package/dist/lib/resolvers/CatalogAuthResolverContext.cjs.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"CatalogAuthResolverContext.cjs.js","sources":["../../../src/lib/resolvers/CatalogAuthResolverContext.ts"],"sourcesContent":["/*\n * Copyright 2022 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { TokenManager } from '@backstage/backend-common';\nimport { CatalogApi } from '@backstage/catalog-client';\nimport {\n DEFAULT_NAMESPACE,\n Entity,\n parseEntityRef,\n RELATION_MEMBER_OF,\n stringifyEntityRef,\n} from '@backstage/catalog-model';\nimport { ConflictError, InputError, NotFoundError } from '@backstage/errors';\nimport {\n AuthService,\n DiscoveryService,\n HttpAuthService,\n LoggerService,\n} from '@backstage/backend-plugin-api';\nimport { TokenIssuer } from '../../identity/types';\nimport {\n AuthOwnershipResolver,\n AuthResolverCatalogUserQuery,\n AuthResolverContext,\n TokenParams,\n} from '@backstage/plugin-auth-node';\nimport { CatalogIdentityClient } from '../catalog';\n\n/**\n * Uses the default ownership resolution logic to return an array\n * of entity refs that the provided entity claims ownership through.\n *\n * A reference to the entity itself will also be included in the returned array.\n *\n * @public\n */\nexport function getDefaultOwnershipEntityRefs(entity: Entity) {\n const membershipRefs =\n entity.relations\n ?.filter(\n r => r.type === RELATION_MEMBER_OF && r.targetRef.startsWith('group:'),\n )\n .map(r => r.targetRef) ?? [];\n\n return Array.from(new Set([stringifyEntityRef(entity), ...membershipRefs]));\n}\n\n/**\n * @internal\n */\nexport class CatalogAuthResolverContext implements AuthResolverContext {\n static create(options: {\n logger: LoggerService;\n catalogApi: CatalogApi;\n tokenIssuer: TokenIssuer;\n tokenManager?: TokenManager;\n discovery: DiscoveryService;\n auth: AuthService;\n httpAuth: HttpAuthService;\n ownershipResolver?: AuthOwnershipResolver;\n }): CatalogAuthResolverContext {\n const catalogIdentityClient = new CatalogIdentityClient({\n catalogApi: options.catalogApi,\n tokenManager: options.tokenManager,\n discovery: options.discovery,\n auth: options.auth,\n httpAuth: options.httpAuth,\n });\n\n return new CatalogAuthResolverContext(\n options.logger,\n options.tokenIssuer,\n catalogIdentityClient,\n options.catalogApi,\n options.auth,\n options.ownershipResolver,\n );\n }\n\n private constructor(\n public readonly logger: LoggerService,\n public readonly tokenIssuer: TokenIssuer,\n public readonly catalogIdentityClient: CatalogIdentityClient,\n private readonly catalogApi: CatalogApi,\n private readonly auth: AuthService,\n private readonly ownershipResolver?: AuthOwnershipResolver,\n ) {}\n\n async issueToken(params: TokenParams) {\n const token = await this.tokenIssuer.issueToken(params);\n return { token };\n }\n\n async findCatalogUser(query: AuthResolverCatalogUserQuery) {\n let result: Entity[] | Entity | undefined = undefined;\n const { token } = await this.auth.getPluginRequestToken({\n onBehalfOf: await this.auth.getOwnServiceCredentials(),\n targetPluginId: 'catalog',\n });\n\n if ('entityRef' in query) {\n const entityRef = parseEntityRef(query.entityRef, {\n defaultKind: 'User',\n defaultNamespace: DEFAULT_NAMESPACE,\n });\n result = await this.catalogApi.getEntityByRef(entityRef, { token });\n } else if ('annotations' in query) {\n const filter: Record<string, string> = {\n kind: 'user',\n };\n for (const [key, value] of Object.entries(query.annotations)) {\n filter[`metadata.annotations.${key}`] = value;\n }\n const res = await this.catalogApi.getEntities({ filter }, { token });\n result = res.items;\n } else if ('filter' in query) {\n const filter = [query.filter].flat().map(value => {\n if (\n !Object.keys(value).some(\n key => key.toLocaleLowerCase('en-US') === 'kind',\n )\n ) {\n return {\n ...value,\n kind: 'user',\n };\n }\n return value;\n });\n const res = await this.catalogApi.getEntities(\n { filter: filter },\n { token },\n );\n result = res.items;\n } else {\n throw new InputError('Invalid user lookup query');\n }\n\n if (Array.isArray(result)) {\n if (result.length > 1) {\n throw new ConflictError('User lookup resulted in multiple matches');\n }\n result = result[0];\n }\n if (!result) {\n throw new NotFoundError('User not found');\n }\n\n return { entity: result };\n }\n\n async signInWithCatalogUser(query: AuthResolverCatalogUserQuery) {\n const { entity } = await this.findCatalogUser(query);\n let ent: string[];\n if (this.ownershipResolver) {\n const { ownershipEntityRefs } =\n await this.ownershipResolver.resolveOwnershipEntityRefs(entity);\n ent = ownershipEntityRefs;\n } else {\n ent = getDefaultOwnershipEntityRefs(entity);\n }\n\n const token = await this.tokenIssuer.issueToken({\n claims: {\n sub: stringifyEntityRef(entity),\n ent,\n },\n });\n return { token };\n }\n}\n"],"names":["RELATION_MEMBER_OF","stringifyEntityRef","CatalogIdentityClient","parseEntityRef","DEFAULT_NAMESPACE","InputError","ConflictError","NotFoundError"],"mappings":";;;;;;AAiDO,SAAS,8BAA8B,MAAgB,EAAA;AAC5D,EAAM,MAAA,cAAA,GACJ,OAAO,SACH,EAAA,MAAA;AAAA,IACA,OAAK,CAAE,CAAA,IAAA,KAASA,mCAAsB,CAAE,CAAA,SAAA,CAAU,WAAW,QAAQ;AAAA,IAEtE,GAAI,CAAA,CAAA,CAAA,KAAK,CAAE,CAAA,SAAS,KAAK,EAAC;AAE/B,EAAO,OAAA,KAAA,CAAM,IAAK,iBAAA,IAAI,GAAI,CAAA,CAACC,+BAAmB,CAAA,MAAM,CAAG,EAAA,GAAG,cAAc,CAAC,CAAC,CAAA;AAC5E;AAKO,MAAM,0BAA0D,CAAA;AAAA,EA6B7D,YACU,MACA,EAAA,WAAA,EACA,qBACC,EAAA,UAAA,EACA,MACA,iBACjB,EAAA;AANgB,IAAA,IAAA,CAAA,MAAA,GAAA,MAAA;AACA,IAAA,IAAA,CAAA,WAAA,GAAA,WAAA;AACA,IAAA,IAAA,CAAA,qBAAA,GAAA,qBAAA;AACC,IAAA,IAAA,CAAA,UAAA,GAAA,UAAA;AACA,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AACA,IAAA,IAAA,CAAA,iBAAA,GAAA,iBAAA;AAAA;AAChB,EAnCH,OAAO,OAAO,OASiB,EAAA;AAC7B,IAAM,MAAA,qBAAA,GAAwB,IAAIC,2CAAsB,CAAA;AAAA,MACtD,YAAY,OAAQ,CAAA,UAAA;AAAA,MACpB,cAAc,OAAQ,CAAA,YAAA;AAAA,MACtB,WAAW,OAAQ,CAAA,SAAA;AAAA,MACnB,MAAM,OAAQ,CAAA,IAAA;AAAA,MACd,UAAU,OAAQ,CAAA;AAAA,KACnB,CAAA;AAED,IAAA,OAAO,IAAI,0BAAA;AAAA,MACT,OAAQ,CAAA,MAAA;AAAA,MACR,OAAQ,CAAA,WAAA;AAAA,MACR,qBAAA;AAAA,MACA,OAAQ,CAAA,UAAA;AAAA,MACR,OAAQ,CAAA,IAAA;AAAA,MACR,OAAQ,CAAA;AAAA,KACV;AAAA;AACF,EAWA,MAAM,WAAW,MAAqB,EAAA;AACpC,IAAA,MAAM,KAAQ,GAAA,MAAM,IAAK,CAAA,WAAA,CAAY,WAAW,MAAM,CAAA;AACtD,IAAA,OAAO,EAAE,KAAM,EAAA;AAAA;AACjB,EAEA,MAAM,gBAAgB,KAAqC,EAAA;AACzD,IAAA,IAAI,MAAwC,GAAA,KAAA,CAAA;AAC5C,IAAA,MAAM,EAAE,KAAM,EAAA,GAAI,MAAM,IAAA,CAAK,KAAK,qBAAsB,CAAA;AAAA,MACtD,UAAY,EAAA,MAAM,IAAK,CAAA,IAAA,CAAK,wBAAyB,EAAA;AAAA,MACrD,cAAgB,EAAA;AAAA,KACjB,CAAA;AAED,IAAA,IAAI,eAAe,KAAO,EAAA;AACxB,MAAM,MAAA,SAAA,GAAYC,2BAAe,CAAA,KAAA,CAAM,SAAW,EAAA;AAAA,QAChD,WAAa,EAAA,MAAA;AAAA,QACb,gBAAkB,EAAAC;AAAA,OACnB,CAAA;AACD,MAAA,MAAA,GAAS,MAAM,IAAK,CAAA,UAAA,CAAW,eAAe,SAAW,EAAA,EAAE,OAAO,CAAA;AAAA,KACpE,MAAA,IAAW,iBAAiB,KAAO,EAAA;AACjC,MAAA,MAAM,MAAiC,GAAA;AAAA,QACrC,IAAM,EAAA;AAAA,OACR;AACA,MAAW,KAAA,MAAA,CAAC,KAAK,KAAK,CAAA,IAAK,OAAO,OAAQ,CAAA,KAAA,CAAM,WAAW,CAAG,EAAA;AAC5D,QAAO,MAAA,CAAA,CAAA,qBAAA,EAAwB,GAAG,CAAA,CAAE,CAAI,GAAA,KAAA;AAAA;AAE1C,MAAM,MAAA,GAAA,GAAM,MAAM,IAAA,CAAK,UAAW,CAAA,WAAA,CAAY,EAAE,MAAO,EAAA,EAAG,EAAE,KAAA,EAAO,CAAA;AACnE,MAAA,MAAA,GAAS,GAAI,CAAA,KAAA;AAAA,KACf,MAAA,IAAW,YAAY,KAAO,EAAA;AAC5B,MAAM,MAAA,MAAA,GAAS,CAAC,KAAM,CAAA,MAAM,EAAE,IAAK,EAAA,CAAE,IAAI,CAAS,KAAA,KAAA;AAChD,QAAA,IACE,CAAC,MAAA,CAAO,IAAK,CAAA,KAAK,CAAE,CAAA,IAAA;AAAA,UAClB,CAAO,GAAA,KAAA,GAAA,CAAI,iBAAkB,CAAA,OAAO,CAAM,KAAA;AAAA,SAE5C,EAAA;AACA,UAAO,OAAA;AAAA,YACL,GAAG,KAAA;AAAA,YACH,IAAM,EAAA;AAAA,WACR;AAAA;AAEF,QAAO,OAAA,KAAA;AAAA,OACR,CAAA;AACD,MAAM,MAAA,GAAA,GAAM,MAAM,IAAA,CAAK,UAAW,CAAA,WAAA;AAAA,QAChC,EAAE,MAAe,EAAA;AAAA,QACjB,EAAE,KAAM;AAAA,OACV;AACA,MAAA,MAAA,GAAS,GAAI,CAAA,KAAA;AAAA,KACR,MAAA;AACL,MAAM,MAAA,IAAIC,kBAAW,2BAA2B,CAAA;AAAA;AAGlD,IAAI,IAAA,KAAA,CAAM,OAAQ,CAAA,MAAM,CAAG,EAAA;AACzB,MAAI,IAAA,MAAA,CAAO,SAAS,CAAG,EAAA;AACrB,QAAM,MAAA,IAAIC,qBAAc,0CAA0C,CAAA;AAAA;AAEpE,MAAA,MAAA,GAAS,OAAO,CAAC,CAAA;AAAA;AAEnB,IAAA,IAAI,CAAC,MAAQ,EAAA;AACX,MAAM,MAAA,IAAIC,qBAAc,gBAAgB,CAAA;AAAA;AAG1C,IAAO,OAAA,EAAE,QAAQ,MAAO,EAAA;AAAA;AAC1B,EAEA,MAAM,sBAAsB,KAAqC,EAAA;AAC/D,IAAA,MAAM,EAAE,MAAO,EAAA,GAAI,MAAM,IAAA,CAAK,gBAAgB,KAAK,CAAA;AACnD,IAAI,IAAA,GAAA;AACJ,IAAA,IAAI,KAAK,iBAAmB,EAAA;AAC1B,MAAA,MAAM,EAAE,mBAAoB,EAAA,GAC1B,MAAM,IAAK,CAAA,iBAAA,CAAkB,2BAA2B,MAAM,CAAA;AAChE,MAAM,GAAA,GAAA,mBAAA;AAAA,KACD,MAAA;AACL,MAAA,GAAA,GAAM,8BAA8B,MAAM,CAAA;AAAA;AAG5C,IAAA,MAAM,KAAQ,GAAA,MAAM,IAAK,CAAA,WAAA,CAAY,UAAW,CAAA;AAAA,MAC9C,MAAQ,EAAA;AAAA,QACN,GAAA,EAAKN,gCAAmB,MAAM,CAAA;AAAA,QAC9B;AAAA;AACF,KACD,CAAA;AACD,IAAA,OAAO,EAAE,KAAM,EAAA;AAAA;AAEnB;;;;;"}
1
+ {"version":3,"file":"CatalogAuthResolverContext.cjs.js","sources":["../../../src/lib/resolvers/CatalogAuthResolverContext.ts"],"sourcesContent":["/*\n * Copyright 2022 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { TokenManager } from '@backstage/backend-common';\nimport { CatalogApi } from '@backstage/catalog-client';\nimport {\n DEFAULT_NAMESPACE,\n Entity,\n parseEntityRef,\n RELATION_MEMBER_OF,\n stringifyEntityRef,\n} from '@backstage/catalog-model';\nimport { ConflictError, InputError, NotFoundError } from '@backstage/errors';\nimport {\n AuthService,\n DiscoveryService,\n HttpAuthService,\n LoggerService,\n} from '@backstage/backend-plugin-api';\nimport { TokenIssuer } from '../../identity/types';\nimport {\n AuthOwnershipResolver,\n AuthResolverCatalogUserQuery,\n AuthResolverContext,\n TokenParams,\n} from '@backstage/plugin-auth-node';\nimport { CatalogIdentityClient } from '../catalog';\n\n/**\n * Uses the default ownership resolution logic to return an array\n * of entity refs that the provided entity claims ownership through.\n *\n * A reference to the entity itself will also be included in the returned array.\n *\n * @public\n * @deprecated use `ctx.resolveOwnershipEntityRefs(entity)` from the provided `AuthResolverContext` instead.\n */\nexport function getDefaultOwnershipEntityRefs(entity: Entity) {\n const membershipRefs =\n entity.relations\n ?.filter(\n r => r.type === RELATION_MEMBER_OF && r.targetRef.startsWith('group:'),\n )\n .map(r => r.targetRef) ?? [];\n\n return Array.from(new Set([stringifyEntityRef(entity), ...membershipRefs]));\n}\n\n/**\n * @internal\n */\nexport class CatalogAuthResolverContext implements AuthResolverContext {\n static create(options: {\n logger: LoggerService;\n catalogApi: CatalogApi;\n tokenIssuer: TokenIssuer;\n tokenManager?: TokenManager;\n discovery: DiscoveryService;\n auth: AuthService;\n httpAuth: HttpAuthService;\n ownershipResolver?: AuthOwnershipResolver;\n }): CatalogAuthResolverContext {\n const catalogIdentityClient = new CatalogIdentityClient({\n catalogApi: options.catalogApi,\n tokenManager: options.tokenManager,\n discovery: options.discovery,\n auth: options.auth,\n httpAuth: options.httpAuth,\n });\n\n return new CatalogAuthResolverContext(\n options.logger,\n options.tokenIssuer,\n catalogIdentityClient,\n options.catalogApi,\n options.auth,\n options.ownershipResolver,\n );\n }\n\n private constructor(\n public readonly logger: LoggerService,\n public readonly tokenIssuer: TokenIssuer,\n public readonly catalogIdentityClient: CatalogIdentityClient,\n private readonly catalogApi: CatalogApi,\n private readonly auth: AuthService,\n private readonly ownershipResolver?: AuthOwnershipResolver,\n ) {}\n\n async issueToken(params: TokenParams) {\n const token = await this.tokenIssuer.issueToken(params);\n return { token };\n }\n\n async findCatalogUser(query: AuthResolverCatalogUserQuery) {\n let result: Entity[] | Entity | undefined = undefined;\n const { token } = await this.auth.getPluginRequestToken({\n onBehalfOf: await this.auth.getOwnServiceCredentials(),\n targetPluginId: 'catalog',\n });\n\n if ('entityRef' in query) {\n const entityRef = parseEntityRef(query.entityRef, {\n defaultKind: 'User',\n defaultNamespace: DEFAULT_NAMESPACE,\n });\n result = await this.catalogApi.getEntityByRef(entityRef, { token });\n } else if ('annotations' in query) {\n const filter: Record<string, string> = {\n kind: 'user',\n };\n for (const [key, value] of Object.entries(query.annotations)) {\n filter[`metadata.annotations.${key}`] = value;\n }\n const res = await this.catalogApi.getEntities({ filter }, { token });\n result = res.items;\n } else if ('filter' in query) {\n const filter = [query.filter].flat().map(value => {\n if (\n !Object.keys(value).some(\n key => key.toLocaleLowerCase('en-US') === 'kind',\n )\n ) {\n return {\n ...value,\n kind: 'user',\n };\n }\n return value;\n });\n const res = await this.catalogApi.getEntities(\n { filter: filter },\n { token },\n );\n result = res.items;\n } else {\n throw new InputError('Invalid user lookup query');\n }\n\n if (Array.isArray(result)) {\n if (result.length > 1) {\n throw new ConflictError('User lookup resulted in multiple matches');\n }\n result = result[0];\n }\n if (!result) {\n throw new NotFoundError('User not found');\n }\n\n return { entity: result };\n }\n\n async signInWithCatalogUser(query: AuthResolverCatalogUserQuery) {\n const { entity } = await this.findCatalogUser(query);\n\n const { ownershipEntityRefs } = await this.resolveOwnershipEntityRefs(\n entity,\n );\n\n const token = await this.tokenIssuer.issueToken({\n claims: {\n sub: stringifyEntityRef(entity),\n ent: ownershipEntityRefs,\n },\n });\n return { token };\n }\n\n async resolveOwnershipEntityRefs(\n entity: Entity,\n ): Promise<{ ownershipEntityRefs: string[] }> {\n if (this.ownershipResolver) {\n return this.ownershipResolver.resolveOwnershipEntityRefs(entity);\n }\n return { ownershipEntityRefs: getDefaultOwnershipEntityRefs(entity) };\n }\n}\n"],"names":["RELATION_MEMBER_OF","stringifyEntityRef","CatalogIdentityClient","parseEntityRef","DEFAULT_NAMESPACE","InputError","ConflictError","NotFoundError"],"mappings":";;;;;;AAkDO,SAAS,8BAA8B,MAAgB,EAAA;AAC5D,EAAM,MAAA,cAAA,GACJ,OAAO,SACH,EAAA,MAAA;AAAA,IACA,OAAK,CAAE,CAAA,IAAA,KAASA,mCAAsB,CAAE,CAAA,SAAA,CAAU,WAAW,QAAQ;AAAA,IAEtE,GAAI,CAAA,CAAA,CAAA,KAAK,CAAE,CAAA,SAAS,KAAK,EAAC;AAE/B,EAAO,OAAA,KAAA,CAAM,IAAK,iBAAA,IAAI,GAAI,CAAA,CAACC,+BAAmB,CAAA,MAAM,CAAG,EAAA,GAAG,cAAc,CAAC,CAAC,CAAA;AAC5E;AAKO,MAAM,0BAA0D,CAAA;AAAA,EA6B7D,YACU,MACA,EAAA,WAAA,EACA,qBACC,EAAA,UAAA,EACA,MACA,iBACjB,EAAA;AANgB,IAAA,IAAA,CAAA,MAAA,GAAA,MAAA;AACA,IAAA,IAAA,CAAA,WAAA,GAAA,WAAA;AACA,IAAA,IAAA,CAAA,qBAAA,GAAA,qBAAA;AACC,IAAA,IAAA,CAAA,UAAA,GAAA,UAAA;AACA,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AACA,IAAA,IAAA,CAAA,iBAAA,GAAA,iBAAA;AAAA;AAChB,EAnCH,OAAO,OAAO,OASiB,EAAA;AAC7B,IAAM,MAAA,qBAAA,GAAwB,IAAIC,2CAAsB,CAAA;AAAA,MACtD,YAAY,OAAQ,CAAA,UAAA;AAAA,MACpB,cAAc,OAAQ,CAAA,YAAA;AAAA,MACtB,WAAW,OAAQ,CAAA,SAAA;AAAA,MACnB,MAAM,OAAQ,CAAA,IAAA;AAAA,MACd,UAAU,OAAQ,CAAA;AAAA,KACnB,CAAA;AAED,IAAA,OAAO,IAAI,0BAAA;AAAA,MACT,OAAQ,CAAA,MAAA;AAAA,MACR,OAAQ,CAAA,WAAA;AAAA,MACR,qBAAA;AAAA,MACA,OAAQ,CAAA,UAAA;AAAA,MACR,OAAQ,CAAA,IAAA;AAAA,MACR,OAAQ,CAAA;AAAA,KACV;AAAA;AACF,EAWA,MAAM,WAAW,MAAqB,EAAA;AACpC,IAAA,MAAM,KAAQ,GAAA,MAAM,IAAK,CAAA,WAAA,CAAY,WAAW,MAAM,CAAA;AACtD,IAAA,OAAO,EAAE,KAAM,EAAA;AAAA;AACjB,EAEA,MAAM,gBAAgB,KAAqC,EAAA;AACzD,IAAA,IAAI,MAAwC,GAAA,KAAA,CAAA;AAC5C,IAAA,MAAM,EAAE,KAAM,EAAA,GAAI,MAAM,IAAA,CAAK,KAAK,qBAAsB,CAAA;AAAA,MACtD,UAAY,EAAA,MAAM,IAAK,CAAA,IAAA,CAAK,wBAAyB,EAAA;AAAA,MACrD,cAAgB,EAAA;AAAA,KACjB,CAAA;AAED,IAAA,IAAI,eAAe,KAAO,EAAA;AACxB,MAAM,MAAA,SAAA,GAAYC,2BAAe,CAAA,KAAA,CAAM,SAAW,EAAA;AAAA,QAChD,WAAa,EAAA,MAAA;AAAA,QACb,gBAAkB,EAAAC;AAAA,OACnB,CAAA;AACD,MAAA,MAAA,GAAS,MAAM,IAAK,CAAA,UAAA,CAAW,eAAe,SAAW,EAAA,EAAE,OAAO,CAAA;AAAA,KACpE,MAAA,IAAW,iBAAiB,KAAO,EAAA;AACjC,MAAA,MAAM,MAAiC,GAAA;AAAA,QACrC,IAAM,EAAA;AAAA,OACR;AACA,MAAW,KAAA,MAAA,CAAC,KAAK,KAAK,CAAA,IAAK,OAAO,OAAQ,CAAA,KAAA,CAAM,WAAW,CAAG,EAAA;AAC5D,QAAO,MAAA,CAAA,CAAA,qBAAA,EAAwB,GAAG,CAAA,CAAE,CAAI,GAAA,KAAA;AAAA;AAE1C,MAAM,MAAA,GAAA,GAAM,MAAM,IAAA,CAAK,UAAW,CAAA,WAAA,CAAY,EAAE,MAAO,EAAA,EAAG,EAAE,KAAA,EAAO,CAAA;AACnE,MAAA,MAAA,GAAS,GAAI,CAAA,KAAA;AAAA,KACf,MAAA,IAAW,YAAY,KAAO,EAAA;AAC5B,MAAM,MAAA,MAAA,GAAS,CAAC,KAAM,CAAA,MAAM,EAAE,IAAK,EAAA,CAAE,IAAI,CAAS,KAAA,KAAA;AAChD,QAAA,IACE,CAAC,MAAA,CAAO,IAAK,CAAA,KAAK,CAAE,CAAA,IAAA;AAAA,UAClB,CAAO,GAAA,KAAA,GAAA,CAAI,iBAAkB,CAAA,OAAO,CAAM,KAAA;AAAA,SAE5C,EAAA;AACA,UAAO,OAAA;AAAA,YACL,GAAG,KAAA;AAAA,YACH,IAAM,EAAA;AAAA,WACR;AAAA;AAEF,QAAO,OAAA,KAAA;AAAA,OACR,CAAA;AACD,MAAM,MAAA,GAAA,GAAM,MAAM,IAAA,CAAK,UAAW,CAAA,WAAA;AAAA,QAChC,EAAE,MAAe,EAAA;AAAA,QACjB,EAAE,KAAM;AAAA,OACV;AACA,MAAA,MAAA,GAAS,GAAI,CAAA,KAAA;AAAA,KACR,MAAA;AACL,MAAM,MAAA,IAAIC,kBAAW,2BAA2B,CAAA;AAAA;AAGlD,IAAI,IAAA,KAAA,CAAM,OAAQ,CAAA,MAAM,CAAG,EAAA;AACzB,MAAI,IAAA,MAAA,CAAO,SAAS,CAAG,EAAA;AACrB,QAAM,MAAA,IAAIC,qBAAc,0CAA0C,CAAA;AAAA;AAEpE,MAAA,MAAA,GAAS,OAAO,CAAC,CAAA;AAAA;AAEnB,IAAA,IAAI,CAAC,MAAQ,EAAA;AACX,MAAM,MAAA,IAAIC,qBAAc,gBAAgB,CAAA;AAAA;AAG1C,IAAO,OAAA,EAAE,QAAQ,MAAO,EAAA;AAAA;AAC1B,EAEA,MAAM,sBAAsB,KAAqC,EAAA;AAC/D,IAAA,MAAM,EAAE,MAAO,EAAA,GAAI,MAAM,IAAA,CAAK,gBAAgB,KAAK,CAAA;AAEnD,IAAA,MAAM,EAAE,mBAAA,EAAwB,GAAA,MAAM,IAAK,CAAA,0BAAA;AAAA,MACzC;AAAA,KACF;AAEA,IAAA,MAAM,KAAQ,GAAA,MAAM,IAAK,CAAA,WAAA,CAAY,UAAW,CAAA;AAAA,MAC9C,MAAQ,EAAA;AAAA,QACN,GAAA,EAAKN,gCAAmB,MAAM,CAAA;AAAA,QAC9B,GAAK,EAAA;AAAA;AACP,KACD,CAAA;AACD,IAAA,OAAO,EAAE,KAAM,EAAA;AAAA;AACjB,EAEA,MAAM,2BACJ,MAC4C,EAAA;AAC5C,IAAA,IAAI,KAAK,iBAAmB,EAAA;AAC1B,MAAO,OAAA,IAAA,CAAK,iBAAkB,CAAA,0BAAA,CAA2B,MAAM,CAAA;AAAA;AAEjE,IAAA,OAAO,EAAE,mBAAA,EAAqB,6BAA8B,CAAA,MAAM,CAAE,EAAA;AAAA;AAExE;;;;;"}
package/dist/providers/atlassian/provider.cjs.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"provider.cjs.js","sources":["../../../src/providers/atlassian/provider.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { atlassianAuthenticator } from '@backstage/plugin-auth-backend-module-atlassian-provider';\nimport {\n SignInResolver,\n createOAuthProviderFactory,\n} from '@backstage/plugin-auth-node';\nimport {\n adaptLegacyOAuthHandler,\n adaptLegacyOAuthSignInResolver,\n} from '../../lib/legacy';\nimport { OAuthResult } from '../../lib/oauth';\nimport { createAuthProviderIntegration } from '../createAuthProviderIntegration';\nimport { AuthHandler } from '../types';\n\n/**\n * Auth provider integration for Atlassian auth\n *\n * @public\n */\nexport const atlassian = createAuthProviderIntegration({\n create(options?: {\n /**\n * The profile transformation function used to verify and convert the auth response\n * into the profile that will be presented to the user.\n */\n authHandler?: AuthHandler<OAuthResult>;\n\n /**\n * Configure sign-in for this provider, without it the provider can not be used to sign users in.\n */\n signIn?: {\n resolver: SignInResolver<OAuthResult>;\n };\n }) {\n return createOAuthProviderFactory({\n authenticator: atlassianAuthenticator,\n profileTransform: adaptLegacyOAuthHandler(options?.authHandler),\n signInResolver: adaptLegacyOAuthSignInResolver(options?.signIn?.resolver),\n });\n },\n});\n"],"names":["createAuthProviderIntegration","createOAuthProviderFactory","atlassianAuthenticator","adaptLegacyOAuthHandler","adaptLegacyOAuthSignInResolver"],"mappings":";;;;;;;;AAkCO,MAAM,YAAYA,2DAA8B,CAAA;AAAA,EACrD,OAAO,OAaJ,EAAA;AACD,IAAA,OAAOC,yCAA2B,CAAA;AAAA,MAChC,aAAe,EAAAC,+DAAA;AAAA,MACf,gBAAA,EAAkBC,+CAAwB,CAAA,OAAA,EAAS,WAAW,CAAA;AAAA,MAC9D,cAAgB,EAAAC,6DAAA,CAA+B,OAAS,EAAA,MAAA,EAAQ,QAAQ;AAAA,KACzE,CAAA;AAAA;AAEL,CAAC;;;;"}
1
+ {"version":3,"file":"provider.cjs.js","sources":["../../../src/providers/atlassian/provider.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { atlassianAuthenticator } from '@backstage/plugin-auth-backend-module-atlassian-provider';\nimport {\n SignInResolver,\n createOAuthProviderFactory,\n} from '@backstage/plugin-auth-node';\nimport {\n adaptLegacyOAuthHandler,\n adaptLegacyOAuthSignInResolver,\n} from '../../lib/legacy';\nimport { OAuthResult } from '../../lib/oauth';\nimport { createAuthProviderIntegration } from '../createAuthProviderIntegration';\nimport { AuthHandler } from '../types';\n\n/**\n * Auth provider integration for Atlassian auth\n *\n * @public\n * @deprecated Migrate the auth plugin to the new backend system https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin\n */\nexport const atlassian = createAuthProviderIntegration({\n create(options?: {\n /**\n * The profile transformation function used to verify and convert the auth response\n * into the profile that will be presented to the user.\n */\n authHandler?: AuthHandler<OAuthResult>;\n\n /**\n * Configure sign-in for this provider, without it the provider can not be used to sign users in.\n */\n signIn?: {\n resolver: SignInResolver<OAuthResult>;\n };\n }) {\n return createOAuthProviderFactory({\n authenticator: atlassianAuthenticator,\n profileTransform: adaptLegacyOAuthHandler(options?.authHandler),\n signInResolver: adaptLegacyOAuthSignInResolver(options?.signIn?.resolver),\n });\n },\n});\n"],"names":["createAuthProviderIntegration","createOAuthProviderFactory","atlassianAuthenticator","adaptLegacyOAuthHandler","adaptLegacyOAuthSignInResolver"],"mappings":";;;;;;;;AAmCO,MAAM,YAAYA,2DAA8B,CAAA;AAAA,EACrD,OAAO,OAaJ,EAAA;AACD,IAAA,OAAOC,yCAA2B,CAAA;AAAA,MAChC,aAAe,EAAAC,+DAAA;AAAA,MACf,gBAAA,EAAkBC,+CAAwB,CAAA,OAAA,EAAS,WAAW,CAAA;AAAA,MAC9D,cAAgB,EAAAC,6DAAA,CAA+B,OAAS,EAAA,MAAA,EAAQ,QAAQ;AAAA,KACzE,CAAA;AAAA;AAEL,CAAC;;;;"}
package/dist/providers/auth0/provider.cjs.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"provider.cjs.js","sources":["../../../src/providers/auth0/provider.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { OAuthProviderOptions, OAuthResult } from '../../lib/oauth';\n\nimport { AuthHandler } from '../types';\nimport { createAuthProviderIntegration } from '../createAuthProviderIntegration';\nimport {\n AuthResolverContext,\n createOAuthProviderFactory,\n SignInResolver,\n} from '@backstage/plugin-auth-node';\nimport {\n adaptLegacyOAuthHandler,\n adaptLegacyOAuthSignInResolver,\n} from '../../lib/legacy';\nimport { auth0Authenticator } from '@backstage/plugin-auth-backend-module-auth0-provider';\n\n/**\n * @public\n * @deprecated The Auth0 auth provider was extracted to `@backstage/plugin-auth-backend-module-auth0-provider`.\n */\nexport type Auth0AuthProviderOptions = OAuthProviderOptions & {\n domain: string;\n signInResolver?: SignInResolver<OAuthResult>;\n authHandler: AuthHandler<OAuthResult>;\n resolverContext: AuthResolverContext;\n audience?: string;\n connection?: string;\n connectionScope?: string;\n};\n\n/**\n * Auth provider integration for auth0 auth\n *\n * @public\n */\nexport const auth0 = createAuthProviderIntegration({\n create(options?: {\n /**\n * The profile transformation function used to verify and convert the auth response\n * into the profile that will be presented to the user.\n */\n authHandler?: AuthHandler<OAuthResult>;\n\n /**\n * Configure sign-in for this provider, without it the provider can not be used to sign users in.\n */\n signIn?: {\n /**\n * Maps an auth result to a Backstage identity for the user.\n */\n resolver: SignInResolver<OAuthResult>;\n };\n }) {\n return createOAuthProviderFactory({\n authenticator: auth0Authenticator,\n profileTransform: adaptLegacyOAuthHandler(options?.authHandler),\n signInResolver: adaptLegacyOAuthSignInResolver(options?.signIn?.resolver),\n });\n },\n});\n"],"names":["createAuthProviderIntegration","createOAuthProviderFactory","auth0Authenticator","adaptLegacyOAuthHandler","adaptLegacyOAuthSignInResolver"],"mappings":";;;;;;;;AAkDO,MAAM,QAAQA,2DAA8B,CAAA;AAAA,EACjD,OAAO,OAgBJ,EAAA;AACD,IAAA,OAAOC,yCAA2B,CAAA;AAAA,MAChC,aAAe,EAAAC,uDAAA;AAAA,MACf,gBAAA,EAAkBC,+CAAwB,CAAA,OAAA,EAAS,WAAW,CAAA;AAAA,MAC9D,cAAgB,EAAAC,6DAAA,CAA+B,OAAS,EAAA,MAAA,EAAQ,QAAQ;AAAA,KACzE,CAAA;AAAA;AAEL,CAAC;;;;"}
1
+ {"version":3,"file":"provider.cjs.js","sources":["../../../src/providers/auth0/provider.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { OAuthProviderOptions, OAuthResult } from '../../lib/oauth';\n\nimport { AuthHandler } from '../types';\nimport { createAuthProviderIntegration } from '../createAuthProviderIntegration';\nimport {\n AuthResolverContext,\n createOAuthProviderFactory,\n SignInResolver,\n} from '@backstage/plugin-auth-node';\nimport {\n adaptLegacyOAuthHandler,\n adaptLegacyOAuthSignInResolver,\n} from '../../lib/legacy';\nimport { auth0Authenticator } from '@backstage/plugin-auth-backend-module-auth0-provider';\n\n/**\n * @public\n * @deprecated The Auth0 auth provider was extracted to `@backstage/plugin-auth-backend-module-auth0-provider`.\n */\nexport type Auth0AuthProviderOptions = OAuthProviderOptions & {\n domain: string;\n signInResolver?: SignInResolver<OAuthResult>;\n authHandler: AuthHandler<OAuthResult>;\n resolverContext: AuthResolverContext;\n audience?: string;\n connection?: string;\n connectionScope?: string;\n};\n\n/**\n * Auth provider integration for auth0 auth\n *\n * @public\n * @deprecated Migrate the auth plugin to the new backend system https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin\n */\nexport const auth0 = createAuthProviderIntegration({\n create(options?: {\n /**\n * The profile transformation function used to verify and convert the auth response\n * into the profile that will be presented to the user.\n */\n authHandler?: AuthHandler<OAuthResult>;\n\n /**\n * Configure sign-in for this provider, without it the provider can not be used to sign users in.\n */\n signIn?: {\n /**\n * Maps an auth result to a Backstage identity for the user.\n */\n resolver: SignInResolver<OAuthResult>;\n };\n }) {\n return createOAuthProviderFactory({\n authenticator: auth0Authenticator,\n profileTransform: adaptLegacyOAuthHandler(options?.authHandler),\n signInResolver: adaptLegacyOAuthSignInResolver(options?.signIn?.resolver),\n });\n },\n});\n"],"names":["createAuthProviderIntegration","createOAuthProviderFactory","auth0Authenticator","adaptLegacyOAuthHandler","adaptLegacyOAuthSignInResolver"],"mappings":";;;;;;;;AAmDO,MAAM,QAAQA,2DAA8B,CAAA;AAAA,EACjD,OAAO,OAgBJ,EAAA;AACD,IAAA,OAAOC,yCAA2B,CAAA;AAAA,MAChC,aAAe,EAAAC,uDAAA;AAAA,MACf,gBAAA,EAAkBC,+CAAwB,CAAA,OAAA,EAAS,WAAW,CAAA;AAAA,MAC9D,cAAgB,EAAAC,6DAAA,CAA+B,OAAS,EAAA,MAAA,EAAQ,QAAQ;AAAA,KACzE,CAAA;AAAA;AAEL,CAAC;;;;"}
package/dist/providers/aws-alb/provider.cjs.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"provider.cjs.js","sources":["../../../src/providers/aws-alb/provider.ts"],"sourcesContent":["/*\n * Copyright 2021 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n AwsAlbResult,\n awsAlbAuthenticator,\n} from '@backstage/plugin-auth-backend-module-aws-alb-provider';\nimport {\n SignInResolver,\n createProxyAuthProviderFactory,\n} from '@backstage/plugin-auth-node';\nimport { AuthHandler } from '../types';\nimport { createAuthProviderIntegration } from '../createAuthProviderIntegration';\n\n/**\n * Auth provider integration for AWS ALB auth\n *\n * @public\n */\nexport const awsAlb = createAuthProviderIntegration({\n create(options?: {\n /**\n * The profile transformation function used to verify and convert the auth\n * response into the profile that will be presented to the user. The default\n * implementation just provides the authenticated email that the IAP\n * presented.\n */\n authHandler?: AuthHandler<AwsAlbResult>;\n /**\n * Configures sign-in for this provider.\n */\n signIn: {\n /**\n * Maps an auth result to a Backstage identity for the user.\n */\n resolver: SignInResolver<AwsAlbResult>;\n };\n }) {\n return createProxyAuthProviderFactory({\n authenticator: awsAlbAuthenticator,\n profileTransform: options?.authHandler,\n signInResolver: options?.signIn?.resolver,\n });\n },\n});\n"],"names":["createAuthProviderIntegration","createProxyAuthProviderFactory","awsAlbAuthenticator"],"mappings":";;;;;;AAgCO,MAAM,SAASA,2DAA8B,CAAA;AAAA,EAClD,OAAO,OAiBJ,EAAA;AACD,IAAA,OAAOC,6CAA+B,CAAA;AAAA,MACpC,aAAe,EAAAC,yDAAA;AAAA,MACf,kBAAkB,OAAS,EAAA,WAAA;AAAA,MAC3B,cAAA,EAAgB,SAAS,MAAQ,EAAA;AAAA,KAClC,CAAA;AAAA;AAEL,CAAC;;;;"}
1
+ {"version":3,"file":"provider.cjs.js","sources":["../../../src/providers/aws-alb/provider.ts"],"sourcesContent":["/*\n * Copyright 2021 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n AwsAlbResult,\n awsAlbAuthenticator,\n} from '@backstage/plugin-auth-backend-module-aws-alb-provider';\nimport {\n SignInResolver,\n createProxyAuthProviderFactory,\n} from '@backstage/plugin-auth-node';\nimport { AuthHandler } from '../types';\nimport { createAuthProviderIntegration } from '../createAuthProviderIntegration';\n\n/**\n * Auth provider integration for AWS ALB auth\n *\n * @public\n * @deprecated Migrate the auth plugin to the new backend system https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin\n */\nexport const awsAlb = createAuthProviderIntegration({\n create(options?: {\n /**\n * The profile transformation function used to verify and convert the auth\n * response into the profile that will be presented to the user. The default\n * implementation just provides the authenticated email that the IAP\n * presented.\n */\n authHandler?: AuthHandler<AwsAlbResult>;\n /**\n * Configures sign-in for this provider.\n */\n signIn: {\n /**\n * Maps an auth result to a Backstage identity for the user.\n */\n resolver: SignInResolver<AwsAlbResult>;\n };\n }) {\n return createProxyAuthProviderFactory({\n authenticator: awsAlbAuthenticator,\n profileTransform: options?.authHandler,\n signInResolver: options?.signIn?.resolver,\n });\n },\n});\n"],"names":["createAuthProviderIntegration","createProxyAuthProviderFactory","awsAlbAuthenticator"],"mappings":";;;;;;AAiCO,MAAM,SAASA,2DAA8B,CAAA;AAAA,EAClD,OAAO,OAiBJ,EAAA;AACD,IAAA,OAAOC,6CAA+B,CAAA;AAAA,MACpC,aAAe,EAAAC,yDAAA;AAAA,MACf,kBAAkB,OAAS,EAAA,WAAA;AAAA,MAC3B,cAAA,EAAgB,SAAS,MAAQ,EAAA;AAAA,KAClC,CAAA;AAAA;AAEL,CAAC;;;;"}
package/dist/providers/azure-easyauth/provider.cjs.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"provider.cjs.js","sources":["../../../src/providers/azure-easyauth/provider.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n SignInResolver,\n createProxyAuthProviderFactory,\n} from '@backstage/plugin-auth-node';\nimport { AuthHandler } from '../types';\nimport { createAuthProviderIntegration } from '../createAuthProviderIntegration';\nimport {\n AzureEasyAuthResult,\n azureEasyAuthAuthenticator,\n} from '@backstage/plugin-auth-backend-module-azure-easyauth-provider';\n\nexport type EasyAuthResult = AzureEasyAuthResult;\n\n/**\n * Auth provider integration for Azure EasyAuth\n *\n * @public\n */\nexport const easyAuth = createAuthProviderIntegration({\n create(options?: {\n /**\n * The profile transformation function used to verify and convert the auth response\n * into the profile that will be presented to the user.\n */\n authHandler?: AuthHandler<EasyAuthResult>;\n\n /**\n * Configure sign-in for this provider, without it the provider can not be used to sign users in.\n */\n signIn: {\n /**\n * Maps an auth result to a Backstage identity for the user.\n */\n resolver: SignInResolver<EasyAuthResult>;\n };\n }) {\n return createProxyAuthProviderFactory({\n authenticator: azureEasyAuthAuthenticator,\n profileTransform: options?.authHandler,\n signInResolver: options?.signIn?.resolver,\n });\n },\n});\n"],"names":["createAuthProviderIntegration","createProxyAuthProviderFactory","azureEasyAuthAuthenticator"],"mappings":";;;;;;AAkCO,MAAM,WAAWA,2DAA8B,CAAA;AAAA,EACpD,OAAO,OAgBJ,EAAA;AACD,IAAA,OAAOC,6CAA+B,CAAA;AAAA,MACpC,aAAe,EAAAC,uEAAA;AAAA,MACf,kBAAkB,OAAS,EAAA,WAAA;AAAA,MAC3B,cAAA,EAAgB,SAAS,MAAQ,EAAA;AAAA,KAClC,CAAA;AAAA;AAEL,CAAC;;;;"}
1
+ {"version":3,"file":"provider.cjs.js","sources":["../../../src/providers/azure-easyauth/provider.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n SignInResolver,\n createProxyAuthProviderFactory,\n} from '@backstage/plugin-auth-node';\nimport { AuthHandler } from '../types';\nimport { createAuthProviderIntegration } from '../createAuthProviderIntegration';\nimport {\n AzureEasyAuthResult,\n azureEasyAuthAuthenticator,\n} from '@backstage/plugin-auth-backend-module-azure-easyauth-provider';\n\n/**\n * Auth provider integration for Azure EasyAuth\n *\n * @public\n * @deprecated Migrate the auth plugin to the new backend system https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin\n */\nexport const easyAuth = createAuthProviderIntegration({\n create(options?: {\n /**\n * The profile transformation function used to verify and convert the auth response\n * into the profile that will be presented to the user.\n */\n authHandler?: AuthHandler<AzureEasyAuthResult>;\n\n /**\n * Configure sign-in for this provider, without it the provider can not be used to sign users in.\n */\n signIn: {\n /**\n * Maps an auth result to a Backstage identity for the user.\n */\n resolver: SignInResolver<AzureEasyAuthResult>;\n };\n }) {\n return createProxyAuthProviderFactory({\n authenticator: azureEasyAuthAuthenticator,\n profileTransform: options?.authHandler,\n signInResolver: options?.signIn?.resolver,\n });\n },\n});\n"],"names":["createAuthProviderIntegration","createProxyAuthProviderFactory","azureEasyAuthAuthenticator"],"mappings":";;;;;;AAiCO,MAAM,WAAWA,2DAA8B,CAAA;AAAA,EACpD,OAAO,OAgBJ,EAAA;AACD,IAAA,OAAOC,6CAA+B,CAAA;AAAA,MACpC,aAAe,EAAAC,uEAAA;AAAA,MACf,kBAAkB,OAAS,EAAA,WAAA;AAAA,MAC3B,cAAA,EAAgB,SAAS,MAAQ,EAAA;AAAA,KAClC,CAAA;AAAA;AAEL,CAAC;;;;"}
package/dist/providers/bitbucket/provider.cjs.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"provider.cjs.js","sources":["../../../src/providers/bitbucket/provider.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n bitbucketAuthenticator,\n bitbucketSignInResolvers,\n} from '@backstage/plugin-auth-backend-module-bitbucket-provider';\nimport {\n SignInResolver,\n createOAuthProviderFactory,\n} from '@backstage/plugin-auth-node';\nimport { Profile as PassportProfile } from 'passport';\nimport {\n adaptLegacyOAuthHandler,\n adaptLegacyOAuthSignInResolver,\n adaptOAuthSignInResolverToLegacy,\n} from '../../lib/legacy';\nimport { OAuthResult } from '../../lib/oauth';\nimport { createAuthProviderIntegration } from '../createAuthProviderIntegration';\nimport { AuthHandler } from '../types';\n\n/**\n * @public\n * @deprecated The Bitbucket auth provider was extracted to `@backstage/plugin-auth-backend-module-bitbucket-provider`.\n */\nexport type BitbucketOAuthResult = {\n fullProfile: BitbucketPassportProfile;\n params: {\n id_token?: string;\n scope: string;\n expires_in: number;\n };\n accessToken: string;\n refreshToken?: string;\n};\n\n/**\n * @public\n * @deprecated The Bitbucket auth provider was extracted to `@backstage/plugin-auth-backend-module-bitbucket-provider`.\n */\nexport type BitbucketPassportProfile = PassportProfile & {\n id?: string;\n displayName?: string;\n username?: string;\n avatarUrl?: string;\n _json?: {\n links?: {\n avatar?: {\n href?: string;\n };\n };\n };\n};\n\n/**\n * Auth provider integration for Bitbucket auth\n *\n * @public\n */\nexport const bitbucket = createAuthProviderIntegration({\n create(options?: {\n /**\n * The profile transformation function used to verify and convert the auth response\n * into the profile that will be presented to the user.\n */\n authHandler?: AuthHandler<OAuthResult>;\n\n /**\n * Configure sign-in for this provider, without it the provider can not be used to sign users in.\n */\n signIn?: {\n resolver: SignInResolver<OAuthResult>;\n };\n }) {\n return createOAuthProviderFactory({\n authenticator: bitbucketAuthenticator,\n profileTransform: adaptLegacyOAuthHandler(options?.authHandler),\n signInResolver: adaptLegacyOAuthSignInResolver(options?.signIn?.resolver),\n });\n },\n resolvers: adaptOAuthSignInResolverToLegacy({\n userIdMatchingUserEntityAnnotation:\n bitbucketSignInResolvers.userIdMatchingUserEntityAnnotation(),\n usernameMatchingUserEntityAnnotation:\n bitbucketSignInResolvers.usernameMatchingUserEntityAnnotation(),\n }),\n});\n"],"names":["createAuthProviderIntegration","createOAuthProviderFactory","bitbucketAuthenticator","adaptLegacyOAuthHandler","adaptLegacyOAuthSignInResolver","adaptOAuthSignInResolverToLegacy","bitbucketSignInResolvers"],"mappings":";;;;;;;;;AAwEO,MAAM,YAAYA,2DAA8B,CAAA;AAAA,EACrD,OAAO,OAaJ,EAAA;AACD,IAAA,OAAOC,yCAA2B,CAAA;AAAA,MAChC,aAAe,EAAAC,+DAAA;AAAA,MACf,gBAAA,EAAkBC,+CAAwB,CAAA,OAAA,EAAS,WAAW,CAAA;AAAA,MAC9D,cAAgB,EAAAC,6DAAA,CAA+B,OAAS,EAAA,MAAA,EAAQ,QAAQ;AAAA,KACzE,CAAA;AAAA,GACH;AAAA,EACA,WAAWC,iEAAiC,CAAA;AAAA,IAC1C,kCAAA,EACEC,kEAAyB,kCAAmC,EAAA;AAAA,IAC9D,oCAAA,EACEA,kEAAyB,oCAAqC;AAAA,GACjE;AACH,CAAC;;;;"}
1
+ {"version":3,"file":"provider.cjs.js","sources":["../../../src/providers/bitbucket/provider.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n bitbucketAuthenticator,\n bitbucketSignInResolvers,\n} from '@backstage/plugin-auth-backend-module-bitbucket-provider';\nimport {\n SignInResolver,\n createOAuthProviderFactory,\n} from '@backstage/plugin-auth-node';\nimport { Profile as PassportProfile } from 'passport';\nimport {\n adaptLegacyOAuthHandler,\n adaptLegacyOAuthSignInResolver,\n adaptOAuthSignInResolverToLegacy,\n} from '../../lib/legacy';\nimport { OAuthResult } from '../../lib/oauth';\nimport { createAuthProviderIntegration } from '../createAuthProviderIntegration';\nimport { AuthHandler } from '../types';\n\n/**\n * @public\n * @deprecated The Bitbucket auth provider was extracted to `@backstage/plugin-auth-backend-module-bitbucket-provider`.\n */\nexport type BitbucketOAuthResult = {\n fullProfile: BitbucketPassportProfile;\n params: {\n id_token?: string;\n scope: string;\n expires_in: number;\n };\n accessToken: string;\n refreshToken?: string;\n};\n\n/**\n * @public\n * @deprecated The Bitbucket auth provider was extracted to `@backstage/plugin-auth-backend-module-bitbucket-provider`.\n */\nexport type BitbucketPassportProfile = PassportProfile & {\n id?: string;\n displayName?: string;\n username?: string;\n avatarUrl?: string;\n _json?: {\n links?: {\n avatar?: {\n href?: string;\n };\n };\n };\n};\n\n/**\n * Auth provider integration for Bitbucket auth\n *\n * @public\n * @deprecated Migrate the auth plugin to the new backend system https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin\n */\nexport const bitbucket = createAuthProviderIntegration({\n create(options?: {\n /**\n * The profile transformation function used to verify and convert the auth response\n * into the profile that will be presented to the user.\n */\n authHandler?: AuthHandler<OAuthResult>;\n\n /**\n * Configure sign-in for this provider, without it the provider can not be used to sign users in.\n */\n signIn?: {\n resolver: SignInResolver<OAuthResult>;\n };\n }) {\n return createOAuthProviderFactory({\n authenticator: bitbucketAuthenticator,\n profileTransform: adaptLegacyOAuthHandler(options?.authHandler),\n signInResolver: adaptLegacyOAuthSignInResolver(options?.signIn?.resolver),\n });\n },\n resolvers: adaptOAuthSignInResolverToLegacy({\n userIdMatchingUserEntityAnnotation:\n bitbucketSignInResolvers.userIdMatchingUserEntityAnnotation(),\n usernameMatchingUserEntityAnnotation:\n bitbucketSignInResolvers.usernameMatchingUserEntityAnnotation(),\n }),\n});\n"],"names":["createAuthProviderIntegration","createOAuthProviderFactory","bitbucketAuthenticator","adaptLegacyOAuthHandler","adaptLegacyOAuthSignInResolver","adaptOAuthSignInResolverToLegacy","bitbucketSignInResolvers"],"mappings":";;;;;;;;;AAyEO,MAAM,YAAYA,2DAA8B,CAAA;AAAA,EACrD,OAAO,OAaJ,EAAA;AACD,IAAA,OAAOC,yCAA2B,CAAA;AAAA,MAChC,aAAe,EAAAC,+DAAA;AAAA,MACf,gBAAA,EAAkBC,+CAAwB,CAAA,OAAA,EAAS,WAAW,CAAA;AAAA,MAC9D,cAAgB,EAAAC,6DAAA,CAA+B,OAAS,EAAA,MAAA,EAAQ,QAAQ;AAAA,KACzE,CAAA;AAAA,GACH;AAAA,EACA,WAAWC,iEAAiC,CAAA;AAAA,IAC1C,kCAAA,EACEC,kEAAyB,kCAAmC,EAAA;AAAA,IAC9D,oCAAA,EACEA,kEAAyB,oCAAqC;AAAA,GACjE;AACH,CAAC;;;;"}
package/dist/providers/cloudflare-access/provider.cjs.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"provider.cjs.js","sources":["../../../src/providers/cloudflare-access/provider.ts"],"sourcesContent":["/*\n * Copyright 2022 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n cloudflareAccessSignInResolvers,\n createCloudflareAccessAuthenticator,\n} from '@backstage/plugin-auth-backend-module-cloudflare-access-provider';\nimport {\n SignInResolver,\n createProxyAuthProviderFactory,\n} from '@backstage/plugin-auth-node';\nimport { createAuthProviderIntegration } from '../createAuthProviderIntegration';\nimport { AuthHandler } from '../types';\nimport { CacheService } from '@backstage/backend-plugin-api';\n\n/**\n * CloudflareAccessClaims\n *\n * Can be used in externally provided auth handler or sign in resolver to\n * enrich user profile for sign-in user entity\n *\n * @public\n * @deprecated import from `@backstage/plugin-auth-backend-module-cloudflare-access-provider` instead\n */\nexport type CloudflareAccessClaims = {\n /**\n * `aud` identifies the application to which the JWT is issued.\n */\n aud: string[];\n /**\n * `email` contains the email address of the authenticated user.\n */\n email: string;\n /**\n * iat and exp are the issuance and expiration timestamps.\n */\n exp: number;\n iat: number;\n /**\n * `nonce` is the session identifier.\n */\n nonce: string;\n /**\n * `identity_nonce` is available in the Application Token and can be used to\n * query all group membership for a given user.\n */\n identity_nonce: string;\n /**\n * `sub` contains the identifier of the authenticated user.\n */\n sub: string;\n /**\n * `iss` the issuer is the application’s Cloudflare Access Domain URL.\n */\n iss: string;\n /**\n * `custom` contains SAML attributes in the Application Token specified by an\n * administrator in the identity provider configuration.\n */\n custom: string;\n};\n\n/**\n * CloudflareAccessGroup\n *\n * @public\n * @deprecated import from `@backstage/plugin-auth-backend-module-cloudflare-access-provider` instead\n */\nexport type CloudflareAccessGroup = {\n /**\n * Group id\n */\n id: string;\n /**\n * Name of group as defined in Cloudflare zero trust dashboard\n */\n name: string;\n /**\n * Access group email address\n */\n email: string;\n};\n\n/**\n * CloudflareAccessIdentityProfile\n *\n * Can be used in externally provided auth handler or sign in resolver to\n * enrich user profile for sign-in user entity\n *\n * @public\n * @deprecated import from `@backstage/plugin-auth-backend-module-cloudflare-access-provider` instead\n */\nexport type CloudflareAccessIdentityProfile = {\n id: string;\n name: string;\n email: string;\n groups: CloudflareAccessGroup[];\n};\n\n/**\n * @public\n * @deprecated import from `@backstage/plugin-auth-backend-module-cloudflare-access-provider` instead\n */\nexport type CloudflareAccessResult = {\n claims: CloudflareAccessClaims;\n cfIdentity: CloudflareAccessIdentityProfile;\n expiresInSeconds?: number;\n token: string;\n};\n\n/**\n * Auth provider integration for Cloudflare Access auth\n *\n * @public\n */\nexport const cfAccess = createAuthProviderIntegration({\n create(options: {\n /**\n * The profile transformation function used to verify and convert the auth response\n * into the profile that will be presented to the user.\n */\n authHandler?: AuthHandler<CloudflareAccessResult>;\n\n /**\n * Configure sign-in for this provider, without it the provider can not be used to sign users in.\n */\n signIn: {\n /**\n * Maps an auth result to a Backstage identity for the user.\n */\n resolver: SignInResolver<CloudflareAccessResult>;\n };\n\n /**\n * Cache service object that was configured for the Backstage backend,\n * should be provided via the backend auth plugin.\n */\n cache?: CacheService;\n }) {\n return createProxyAuthProviderFactory({\n authenticator: createCloudflareAccessAuthenticator({\n cache: options.cache,\n }),\n profileTransform: options?.authHandler,\n signInResolver: options?.signIn?.resolver,\n signInResolverFactories: cloudflareAccessSignInResolvers,\n });\n },\n resolvers: cloudflareAccessSignInResolvers,\n});\n"],"names":["createAuthProviderIntegration","createProxyAuthProviderFactory","createCloudflareAccessAuthenticator","cloudflareAccessSignInResolvers"],"mappings":";;;;;;AAgIO,MAAM,WAAWA,2DAA8B,CAAA;AAAA,EACpD,OAAO,OAsBJ,EAAA;AACD,IAAA,OAAOC,6CAA+B,CAAA;AAAA,MACpC,eAAeC,mFAAoC,CAAA;AAAA,QACjD,OAAO,OAAQ,CAAA;AAAA,OAChB,CAAA;AAAA,MACD,kBAAkB,OAAS,EAAA,WAAA;AAAA,MAC3B,cAAA,EAAgB,SAAS,MAAQ,EAAA,QAAA;AAAA,MACjC,uBAAyB,EAAAC;AAAA,KAC1B,CAAA;AAAA,GACH;AAAA,EACA,SAAW,EAAAA;AACb,CAAC;;;;"}
1
+ {"version":3,"file":"provider.cjs.js","sources":["../../../src/providers/cloudflare-access/provider.ts"],"sourcesContent":["/*\n * Copyright 2022 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n cloudflareAccessSignInResolvers,\n createCloudflareAccessAuthenticator,\n} from '@backstage/plugin-auth-backend-module-cloudflare-access-provider';\nimport {\n SignInResolver,\n createProxyAuthProviderFactory,\n} from '@backstage/plugin-auth-node';\nimport { createAuthProviderIntegration } from '../createAuthProviderIntegration';\nimport { AuthHandler } from '../types';\nimport { CacheService } from '@backstage/backend-plugin-api';\n\n/**\n * CloudflareAccessClaims\n *\n * Can be used in externally provided auth handler or sign in resolver to\n * enrich user profile for sign-in user entity\n *\n * @public\n * @deprecated import from `@backstage/plugin-auth-backend-module-cloudflare-access-provider` instead\n */\nexport type CloudflareAccessClaims = {\n /**\n * `aud` identifies the application to which the JWT is issued.\n */\n aud: string[];\n /**\n * `email` contains the email address of the authenticated user.\n */\n email: string;\n /**\n * iat and exp are the issuance and expiration timestamps.\n */\n exp: number;\n iat: number;\n /**\n * `nonce` is the session identifier.\n */\n nonce: string;\n /**\n * `identity_nonce` is available in the Application Token and can be used to\n * query all group membership for a given user.\n */\n identity_nonce: string;\n /**\n * `sub` contains the identifier of the authenticated user.\n */\n sub: string;\n /**\n * `iss` the issuer is the application’s Cloudflare Access Domain URL.\n */\n iss: string;\n /**\n * `custom` contains SAML attributes in the Application Token specified by an\n * administrator in the identity provider configuration.\n */\n custom: string;\n};\n\n/**\n * CloudflareAccessGroup\n *\n * @public\n * @deprecated import from `@backstage/plugin-auth-backend-module-cloudflare-access-provider` instead\n */\nexport type CloudflareAccessGroup = {\n /**\n * Group id\n */\n id: string;\n /**\n * Name of group as defined in Cloudflare zero trust dashboard\n */\n name: string;\n /**\n * Access group email address\n */\n email: string;\n};\n\n/**\n * CloudflareAccessIdentityProfile\n *\n * Can be used in externally provided auth handler or sign in resolver to\n * enrich user profile for sign-in user entity\n *\n * @public\n * @deprecated import from `@backstage/plugin-auth-backend-module-cloudflare-access-provider` instead\n */\nexport type CloudflareAccessIdentityProfile = {\n id: string;\n name: string;\n email: string;\n groups: CloudflareAccessGroup[];\n};\n\n/**\n * @public\n * @deprecated import from `@backstage/plugin-auth-backend-module-cloudflare-access-provider` instead\n */\nexport type CloudflareAccessResult = {\n claims: CloudflareAccessClaims;\n cfIdentity: CloudflareAccessIdentityProfile;\n expiresInSeconds?: number;\n token: string;\n};\n\n/**\n * Auth provider integration for Cloudflare Access auth\n *\n * @public\n * @deprecated Migrate the auth plugin to the new backend system https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin\n */\nexport const cfAccess = createAuthProviderIntegration({\n create(options: {\n /**\n * The profile transformation function used to verify and convert the auth response\n * into the profile that will be presented to the user.\n */\n authHandler?: AuthHandler<CloudflareAccessResult>;\n\n /**\n * Configure sign-in for this provider, without it the provider can not be used to sign users in.\n */\n signIn: {\n /**\n * Maps an auth result to a Backstage identity for the user.\n */\n resolver: SignInResolver<CloudflareAccessResult>;\n };\n\n /**\n * Cache service object that was configured for the Backstage backend,\n * should be provided via the backend auth plugin.\n */\n cache?: CacheService;\n }) {\n return createProxyAuthProviderFactory({\n authenticator: createCloudflareAccessAuthenticator({\n cache: options.cache,\n }),\n profileTransform: options?.authHandler,\n signInResolver: options?.signIn?.resolver,\n signInResolverFactories: cloudflareAccessSignInResolvers,\n });\n },\n resolvers: cloudflareAccessSignInResolvers,\n});\n"],"names":["createAuthProviderIntegration","createProxyAuthProviderFactory","createCloudflareAccessAuthenticator","cloudflareAccessSignInResolvers"],"mappings":";;;;;;AAiIO,MAAM,WAAWA,2DAA8B,CAAA;AAAA,EACpD,OAAO,OAsBJ,EAAA;AACD,IAAA,OAAOC,6CAA+B,CAAA;AAAA,MACpC,eAAeC,mFAAoC,CAAA;AAAA,QACjD,OAAO,OAAQ,CAAA;AAAA,OAChB,CAAA;AAAA,MACD,kBAAkB,OAAS,EAAA,WAAA;AAAA,MAC3B,cAAA,EAAgB,SAAS,MAAQ,EAAA,QAAA;AAAA,MACjC,uBAAyB,EAAAC;AAAA,KAC1B,CAAA;AAAA,GACH;AAAA,EACA,SAAW,EAAAA;AACb,CAAC;;;;"}
package/dist/providers/createAuthProviderIntegration.cjs.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"createAuthProviderIntegration.cjs.js","sources":["../../src/providers/createAuthProviderIntegration.ts"],"sourcesContent":["/*\n * Copyright 2022 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n AuthProviderFactory,\n SignInResolver,\n} from '@backstage/plugin-auth-node';\n\n/**\n * Creates a standardized representation of an integration with a third-party\n * auth provider.\n *\n * The returned object facilitates the creation of provider instances, and\n * supplies built-in sign-in resolvers for the specific provider.\n *\n * @public\n */\nexport function createAuthProviderIntegration<\n TCreateOptions extends unknown[],\n TResolvers extends\n | {\n [name in string]: (...args: any[]) => SignInResolver<any>;\n },\n>(config: {\n create: (...args: TCreateOptions) => AuthProviderFactory;\n resolvers?: TResolvers;\n}): Readonly<{\n create: (...args: TCreateOptions) => AuthProviderFactory;\n // If no resolvers are defined, this receives the type `never`\n resolvers: Readonly<string extends keyof TResolvers ? never : TResolvers>;\n}> {\n return Object.freeze({\n ...config,\n resolvers: Object.freeze(config.resolvers ?? ({} as any)),\n });\n}\n"],"names":[],"mappings":";;AA8BO,SAAS,8BAMd,MAOC,EAAA;AACD,EAAA,OAAO,OAAO,MAAO,CAAA;AAAA,IACnB,GAAG,MAAA;AAAA,IACH,WAAW,MAAO,CAAA,MAAA,CAAO,MAAO,CAAA,SAAA,IAAc,EAAU;AAAA,GACzD,CAAA;AACH;;;;"}
1
+ {"version":3,"file":"createAuthProviderIntegration.cjs.js","sources":["../../src/providers/createAuthProviderIntegration.ts"],"sourcesContent":["/*\n * Copyright 2022 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n AuthProviderFactory,\n SignInResolver,\n} from '@backstage/plugin-auth-node';\n\n/**\n * Creates a standardized representation of an integration with a third-party\n * auth provider.\n *\n * The returned object facilitates the creation of provider instances, and\n * supplies built-in sign-in resolvers for the specific provider.\n *\n * @public\n * @deprecated Migrate the auth plugin to the new backend system https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin\n */\nexport function createAuthProviderIntegration<\n TCreateOptions extends unknown[],\n TResolvers extends\n | {\n [name in string]: (...args: any[]) => SignInResolver<any>;\n },\n>(config: {\n create: (...args: TCreateOptions) => AuthProviderFactory;\n resolvers?: TResolvers;\n}): Readonly<{\n create: (...args: TCreateOptions) => AuthProviderFactory;\n // If no resolvers are defined, this receives the type `never`\n resolvers: Readonly<string extends keyof TResolvers ? never : TResolvers>;\n}> {\n return Object.freeze({\n ...config,\n resolvers: Object.freeze(config.resolvers ?? ({} as any)),\n });\n}\n"],"names":[],"mappings":";;AA+BO,SAAS,8BAMd,MAOC,EAAA;AACD,EAAA,OAAO,OAAO,MAAO,CAAA;AAAA,IACnB,GAAG,MAAA;AAAA,IACH,WAAW,MAAO,CAAA,MAAA,CAAO,MAAO,CAAA,SAAA,IAAc,EAAU;AAAA,GACzD,CAAA;AACH;;;;"}
package/dist/providers/gcp-iap/provider.cjs.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"provider.cjs.js","sources":["../../../src/providers/gcp-iap/provider.ts"],"sourcesContent":["/*\n * Copyright 2021 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { gcpIapAuthenticator } from '@backstage/plugin-auth-backend-module-gcp-iap-provider';\nimport {\n SignInResolver,\n createProxyAuthProviderFactory,\n} from '@backstage/plugin-auth-node';\nimport { createAuthProviderIntegration } from '../createAuthProviderIntegration';\nimport { AuthHandler } from '../types';\nimport { GcpIapResult } from './types';\n\n/**\n * Auth provider integration for Google Identity-Aware Proxy auth\n *\n * @public\n */\nexport const gcpIap = createAuthProviderIntegration({\n create(options: {\n /**\n * The profile transformation function used to verify and convert the auth\n * response into the profile that will be presented to the user. The default\n * implementation just provides the authenticated email that the IAP\n * presented.\n */\n authHandler?: AuthHandler<GcpIapResult>;\n\n /**\n * Configures sign-in for this provider.\n */\n signIn: {\n /**\n * Maps an auth result to a Backstage identity for the user.\n */\n resolver: SignInResolver<GcpIapResult>;\n };\n }) {\n return createProxyAuthProviderFactory({\n authenticator: gcpIapAuthenticator,\n profileTransform: options?.authHandler,\n signInResolver: options?.signIn?.resolver,\n });\n },\n});\n"],"names":["createAuthProviderIntegration","createProxyAuthProviderFactory","gcpIapAuthenticator"],"mappings":";;;;;;AA8BO,MAAM,SAASA,2DAA8B,CAAA;AAAA,EAClD,OAAO,OAkBJ,EAAA;AACD,IAAA,OAAOC,6CAA+B,CAAA;AAAA,MACpC,aAAe,EAAAC,yDAAA;AAAA,MACf,kBAAkB,OAAS,EAAA,WAAA;AAAA,MAC3B,cAAA,EAAgB,SAAS,MAAQ,EAAA;AAAA,KAClC,CAAA;AAAA;AAEL,CAAC;;;;"}
1
+ {"version":3,"file":"provider.cjs.js","sources":["../../../src/providers/gcp-iap/provider.ts"],"sourcesContent":["/*\n * Copyright 2021 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { gcpIapAuthenticator } from '@backstage/plugin-auth-backend-module-gcp-iap-provider';\nimport {\n SignInResolver,\n createProxyAuthProviderFactory,\n} from '@backstage/plugin-auth-node';\nimport { createAuthProviderIntegration } from '../createAuthProviderIntegration';\nimport { AuthHandler } from '../types';\nimport { GcpIapResult } from './types';\n\n/**\n * Auth provider integration for Google Identity-Aware Proxy auth\n *\n * @public\n * @deprecated Migrate the auth plugin to the new backend system https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin\n */\nexport const gcpIap = createAuthProviderIntegration({\n create(options: {\n /**\n * The profile transformation function used to verify and convert the auth\n * response into the profile that will be presented to the user. The default\n * implementation just provides the authenticated email that the IAP\n * presented.\n */\n authHandler?: AuthHandler<GcpIapResult>;\n\n /**\n * Configures sign-in for this provider.\n */\n signIn: {\n /**\n * Maps an auth result to a Backstage identity for the user.\n */\n resolver: SignInResolver<GcpIapResult>;\n };\n }) {\n return createProxyAuthProviderFactory({\n authenticator: gcpIapAuthenticator,\n profileTransform: options?.authHandler,\n signInResolver: options?.signIn?.resolver,\n });\n },\n});\n"],"names":["createAuthProviderIntegration","createProxyAuthProviderFactory","gcpIapAuthenticator"],"mappings":";;;;;;AA+BO,MAAM,SAASA,2DAA8B,CAAA;AAAA,EAClD,OAAO,OAkBJ,EAAA;AACD,IAAA,OAAOC,6CAA+B,CAAA;AAAA,MACpC,aAAe,EAAAC,yDAAA;AAAA,MACf,kBAAkB,OAAS,EAAA,WAAA;AAAA,MAC3B,cAAA,EAAgB,SAAS,MAAQ,EAAA;AAAA,KAClC,CAAA;AAAA;AAEL,CAAC;;;;"}
package/dist/providers/github/provider.cjs.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"provider.cjs.js","sources":["../../../src/providers/github/provider.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { Profile as PassportProfile } from 'passport';\nimport { AuthHandler, StateEncoder } from '../types';\nimport { createAuthProviderIntegration } from '../createAuthProviderIntegration';\nimport {\n createOAuthProviderFactory,\n OAuthAuthenticatorResult,\n ProfileTransform,\n SignInResolver,\n} from '@backstage/plugin-auth-node';\nimport { githubAuthenticator } from '@backstage/plugin-auth-backend-module-github-provider';\n\n/** @public */\nexport type GithubOAuthResult = {\n fullProfile: PassportProfile;\n params: {\n scope: string;\n expires_in?: string;\n refresh_token_expires_in?: string;\n };\n accessToken: string;\n refreshToken?: string;\n};\n\n/**\n * Auth provider integration for GitHub auth\n *\n * @public\n */\nexport const github = createAuthProviderIntegration({\n create(options?: {\n /**\n * The profile transformation function used to verify and convert the auth response\n * into the profile that will be presented to the user.\n */\n authHandler?: AuthHandler<GithubOAuthResult>;\n\n /**\n * Configure sign-in for this provider, without it the provider can not be used to sign users in.\n */\n signIn?: {\n /**\n * Maps an auth result to a Backstage identity for the user.\n */\n resolver: SignInResolver<GithubOAuthResult>;\n };\n\n /**\n * The state encoder used to encode the 'state' parameter on the OAuth request.\n *\n * It should return a string that takes the state params (from the request), url encodes the params\n * and finally base64 encodes them.\n *\n * Providing your own stateEncoder will allow you to add addition parameters to the state field.\n *\n * It is typed as follows:\n * `export type StateEncoder = (input: OAuthState) => Promise<{encodedState: string}>;`\n *\n * Note: the stateEncoder must encode a 'nonce' value and an 'env' value. Without this, the OAuth flow will fail\n * (These two values will be set by the req.state by default)\n *\n * For more information, please see the helper module in ../../oauth/helpers #readState\n */\n stateEncoder?: StateEncoder;\n }) {\n const authHandler = options?.authHandler;\n const signInResolver = options?.signIn?.resolver;\n return createOAuthProviderFactory({\n authenticator: githubAuthenticator,\n profileTransform:\n authHandler &&\n ((async (result, ctx) =>\n authHandler!(\n {\n fullProfile: result.fullProfile,\n accessToken: result.session.accessToken,\n params: {\n scope: result.session.scope,\n expires_in: result.session.expiresInSeconds\n ? String(result.session.expiresInSeconds)\n : '',\n refresh_token_expires_in: result.session\n .refreshTokenExpiresInSeconds\n ? String(result.session.refreshTokenExpiresInSeconds)\n : '',\n },\n },\n ctx,\n )) as ProfileTransform<OAuthAuthenticatorResult<PassportProfile>>),\n signInResolver:\n signInResolver &&\n ((async ({ profile, result }, ctx) =>\n signInResolver(\n {\n profile: profile,\n result: {\n fullProfile: result.fullProfile,\n accessToken: result.session.accessToken,\n refreshToken: result.session.refreshToken,\n params: {\n scope: result.session.scope,\n expires_in: result.session.expiresInSeconds\n ? String(result.session.expiresInSeconds)\n : '',\n refresh_token_expires_in: result.session\n .refreshTokenExpiresInSeconds\n ? String(result.session.refreshTokenExpiresInSeconds)\n : '',\n },\n },\n },\n ctx,\n )) as SignInResolver<OAuthAuthenticatorResult<PassportProfile>>),\n });\n },\n resolvers: {\n /**\n * Looks up the user by matching their GitHub username to the entity name.\n */\n usernameMatchingUserEntityName: (): SignInResolver<GithubOAuthResult> => {\n return async (info, ctx) => {\n const { fullProfile } = info.result;\n\n const userId = fullProfile.username;\n if (!userId) {\n throw new Error(`GitHub user profile does not contain a username`);\n }\n\n return ctx.signInWithCatalogUser({ entityRef: { name: userId } });\n };\n },\n },\n});\n"],"names":["createAuthProviderIntegration","createOAuthProviderFactory","githubAuthenticator"],"mappings":";;;;;;AA4CO,MAAM,SAASA,2DAA8B,CAAA;AAAA,EAClD,OAAO,OAkCJ,EAAA;AACD,IAAA,MAAM,cAAc,OAAS,EAAA,WAAA;AAC7B,IAAM,MAAA,cAAA,GAAiB,SAAS,MAAQ,EAAA,QAAA;AACxC,IAAA,OAAOC,yCAA2B,CAAA;AAAA,MAChC,aAAe,EAAAC,yDAAA;AAAA,MACf,gBACE,EAAA,WAAA,KACE,OAAO,MAAA,EAAQ,GACf,KAAA,WAAA;AAAA,QACE;AAAA,UACE,aAAa,MAAO,CAAA,WAAA;AAAA,UACpB,WAAA,EAAa,OAAO,OAAQ,CAAA,WAAA;AAAA,UAC5B,MAAQ,EAAA;AAAA,YACN,KAAA,EAAO,OAAO,OAAQ,CAAA,KAAA;AAAA,YACtB,UAAA,EAAY,OAAO,OAAQ,CAAA,gBAAA,GACvB,OAAO,MAAO,CAAA,OAAA,CAAQ,gBAAgB,CACtC,GAAA,EAAA;AAAA,YACJ,wBAAA,EAA0B,OAAO,OAC9B,CAAA,4BAAA,GACC,OAAO,MAAO,CAAA,OAAA,CAAQ,4BAA4B,CAClD,GAAA;AAAA;AACN,SACF;AAAA,QACA;AAAA,OACF,CAAA;AAAA,MACJ,gBACE,cACE,KAAA,OAAO,EAAE,OAAS,EAAA,MAAA,IAAU,GAC5B,KAAA,cAAA;AAAA,QACE;AAAA,UACE,OAAA;AAAA,UACA,MAAQ,EAAA;AAAA,YACN,aAAa,MAAO,CAAA,WAAA;AAAA,YACpB,WAAA,EAAa,OAAO,OAAQ,CAAA,WAAA;AAAA,YAC5B,YAAA,EAAc,OAAO,OAAQ,CAAA,YAAA;AAAA,YAC7B,MAAQ,EAAA;AAAA,cACN,KAAA,EAAO,OAAO,OAAQ,CAAA,KAAA;AAAA,cACtB,UAAA,EAAY,OAAO,OAAQ,CAAA,gBAAA,GACvB,OAAO,MAAO,CAAA,OAAA,CAAQ,gBAAgB,CACtC,GAAA,EAAA;AAAA,cACJ,wBAAA,EAA0B,OAAO,OAC9B,CAAA,4BAAA,GACC,OAAO,MAAO,CAAA,OAAA,CAAQ,4BAA4B,CAClD,GAAA;AAAA;AACN;AACF,SACF;AAAA,QACA;AAAA,OACF;AAAA,KACL,CAAA;AAAA,GACH;AAAA,EACA,SAAW,EAAA;AAAA;AAAA;AAAA;AAAA,IAIT,gCAAgC,MAAyC;AACvE,MAAO,OAAA,OAAO,MAAM,GAAQ,KAAA;AAC1B,QAAM,MAAA,EAAE,WAAY,EAAA,GAAI,IAAK,CAAA,MAAA;AAE7B,QAAA,MAAM,SAAS,WAAY,CAAA,QAAA;AAC3B,QAAA,IAAI,CAAC,MAAQ,EAAA;AACX,UAAM,MAAA,IAAI,MAAM,CAAiD,+CAAA,CAAA,CAAA;AAAA;AAGnE,QAAO,OAAA,GAAA,CAAI,sBAAsB,EAAE,SAAA,EAAW,EAAE,IAAM,EAAA,MAAA,IAAU,CAAA;AAAA,OAClE;AAAA;AACF;AAEJ,CAAC;;;;"}
1
+ {"version":3,"file":"provider.cjs.js","sources":["../../../src/providers/github/provider.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { Profile as PassportProfile } from 'passport';\nimport { AuthHandler, StateEncoder } from '../types';\nimport { createAuthProviderIntegration } from '../createAuthProviderIntegration';\nimport {\n createOAuthProviderFactory,\n OAuthAuthenticatorResult,\n ProfileTransform,\n SignInResolver,\n} from '@backstage/plugin-auth-node';\nimport { githubAuthenticator } from '@backstage/plugin-auth-backend-module-github-provider';\n\n/**\n * @public\n * @deprecated Migrate the auth plugin to the new backend system https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin\n */\nexport type GithubOAuthResult = {\n fullProfile: PassportProfile;\n params: {\n scope: string;\n expires_in?: string;\n refresh_token_expires_in?: string;\n };\n accessToken: string;\n refreshToken?: string;\n};\n\n/**\n * Auth provider integration for GitHub auth\n *\n * @public\n * @deprecated Migrate the auth plugin to the new backend system https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin\n */\nexport const github = createAuthProviderIntegration({\n create(options?: {\n /**\n * The profile transformation function used to verify and convert the auth response\n * into the profile that will be presented to the user.\n */\n authHandler?: AuthHandler<GithubOAuthResult>;\n\n /**\n * Configure sign-in for this provider, without it the provider can not be used to sign users in.\n */\n signIn?: {\n /**\n * Maps an auth result to a Backstage identity for the user.\n */\n resolver: SignInResolver<GithubOAuthResult>;\n };\n\n /**\n * The state encoder used to encode the 'state' parameter on the OAuth request.\n *\n * It should return a string that takes the state params (from the request), url encodes the params\n * and finally base64 encodes them.\n *\n * Providing your own stateEncoder will allow you to add addition parameters to the state field.\n *\n * It is typed as follows:\n * `export type StateEncoder = (input: OAuthState) => Promise<{encodedState: string}>;`\n *\n * Note: the stateEncoder must encode a 'nonce' value and an 'env' value. Without this, the OAuth flow will fail\n * (These two values will be set by the req.state by default)\n *\n * For more information, please see the helper module in ../../oauth/helpers #readState\n */\n stateEncoder?: StateEncoder;\n }) {\n const authHandler = options?.authHandler;\n const signInResolver = options?.signIn?.resolver;\n return createOAuthProviderFactory({\n authenticator: githubAuthenticator,\n profileTransform:\n authHandler &&\n ((async (result, ctx) =>\n authHandler!(\n {\n fullProfile: result.fullProfile,\n accessToken: result.session.accessToken,\n params: {\n scope: result.session.scope,\n expires_in: result.session.expiresInSeconds\n ? String(result.session.expiresInSeconds)\n : '',\n refresh_token_expires_in: result.session\n .refreshTokenExpiresInSeconds\n ? String(result.session.refreshTokenExpiresInSeconds)\n : '',\n },\n },\n ctx,\n )) as ProfileTransform<OAuthAuthenticatorResult<PassportProfile>>),\n signInResolver:\n signInResolver &&\n ((async ({ profile, result }, ctx) =>\n signInResolver(\n {\n profile: profile,\n result: {\n fullProfile: result.fullProfile,\n accessToken: result.session.accessToken,\n refreshToken: result.session.refreshToken,\n params: {\n scope: result.session.scope,\n expires_in: result.session.expiresInSeconds\n ? String(result.session.expiresInSeconds)\n : '',\n refresh_token_expires_in: result.session\n .refreshTokenExpiresInSeconds\n ? String(result.session.refreshTokenExpiresInSeconds)\n : '',\n },\n },\n },\n ctx,\n )) as SignInResolver<OAuthAuthenticatorResult<PassportProfile>>),\n });\n },\n resolvers: {\n /**\n * Looks up the user by matching their GitHub username to the entity name.\n */\n usernameMatchingUserEntityName: (): SignInResolver<GithubOAuthResult> => {\n return async (info, ctx) => {\n const { fullProfile } = info.result;\n\n const userId = fullProfile.username;\n if (!userId) {\n throw new Error(`GitHub user profile does not contain a username`);\n }\n\n return ctx.signInWithCatalogUser({ entityRef: { name: userId } });\n };\n },\n },\n});\n"],"names":["createAuthProviderIntegration","createOAuthProviderFactory","githubAuthenticator"],"mappings":";;;;;;AAgDO,MAAM,SAASA,2DAA8B,CAAA;AAAA,EAClD,OAAO,OAkCJ,EAAA;AACD,IAAA,MAAM,cAAc,OAAS,EAAA,WAAA;AAC7B,IAAM,MAAA,cAAA,GAAiB,SAAS,MAAQ,EAAA,QAAA;AACxC,IAAA,OAAOC,yCAA2B,CAAA;AAAA,MAChC,aAAe,EAAAC,yDAAA;AAAA,MACf,gBACE,EAAA,WAAA,KACE,OAAO,MAAA,EAAQ,GACf,KAAA,WAAA;AAAA,QACE;AAAA,UACE,aAAa,MAAO,CAAA,WAAA;AAAA,UACpB,WAAA,EAAa,OAAO,OAAQ,CAAA,WAAA;AAAA,UAC5B,MAAQ,EAAA;AAAA,YACN,KAAA,EAAO,OAAO,OAAQ,CAAA,KAAA;AAAA,YACtB,UAAA,EAAY,OAAO,OAAQ,CAAA,gBAAA,GACvB,OAAO,MAAO,CAAA,OAAA,CAAQ,gBAAgB,CACtC,GAAA,EAAA;AAAA,YACJ,wBAAA,EAA0B,OAAO,OAC9B,CAAA,4BAAA,GACC,OAAO,MAAO,CAAA,OAAA,CAAQ,4BAA4B,CAClD,GAAA;AAAA;AACN,SACF;AAAA,QACA;AAAA,OACF,CAAA;AAAA,MACJ,gBACE,cACE,KAAA,OAAO,EAAE,OAAS,EAAA,MAAA,IAAU,GAC5B,KAAA,cAAA;AAAA,QACE;AAAA,UACE,OAAA;AAAA,UACA,MAAQ,EAAA;AAAA,YACN,aAAa,MAAO,CAAA,WAAA;AAAA,YACpB,WAAA,EAAa,OAAO,OAAQ,CAAA,WAAA;AAAA,YAC5B,YAAA,EAAc,OAAO,OAAQ,CAAA,YAAA;AAAA,YAC7B,MAAQ,EAAA;AAAA,cACN,KAAA,EAAO,OAAO,OAAQ,CAAA,KAAA;AAAA,cACtB,UAAA,EAAY,OAAO,OAAQ,CAAA,gBAAA,GACvB,OAAO,MAAO,CAAA,OAAA,CAAQ,gBAAgB,CACtC,GAAA,EAAA;AAAA,cACJ,wBAAA,EAA0B,OAAO,OAC9B,CAAA,4BAAA,GACC,OAAO,MAAO,CAAA,OAAA,CAAQ,4BAA4B,CAClD,GAAA;AAAA;AACN;AACF,SACF;AAAA,QACA;AAAA,OACF;AAAA,KACL,CAAA;AAAA,GACH;AAAA,EACA,SAAW,EAAA;AAAA;AAAA;AAAA;AAAA,IAIT,gCAAgC,MAAyC;AACvE,MAAO,OAAA,OAAO,MAAM,GAAQ,KAAA;AAC1B,QAAM,MAAA,EAAE,WAAY,EAAA,GAAI,IAAK,CAAA,MAAA;AAE7B,QAAA,MAAM,SAAS,WAAY,CAAA,QAAA;AAC3B,QAAA,IAAI,CAAC,MAAQ,EAAA;AACX,UAAM,MAAA,IAAI,MAAM,CAAiD,+CAAA,CAAA,CAAA;AAAA;AAGnE,QAAO,OAAA,GAAA,CAAI,sBAAsB,EAAE,SAAA,EAAW,EAAE,IAAM,EAAA,MAAA,IAAU,CAAA;AAAA,OAClE;AAAA;AACF;AAEJ,CAAC;;;;"}
package/dist/providers/gitlab/provider.cjs.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"provider.cjs.js","sources":["../../../src/providers/gitlab/provider.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { AuthHandler } from '../types';\nimport { OAuthResult } from '../../lib/oauth';\nimport { createAuthProviderIntegration } from '../createAuthProviderIntegration';\nimport {\n SignInResolver,\n createOAuthProviderFactory,\n} from '@backstage/plugin-auth-node';\nimport {\n adaptLegacyOAuthHandler,\n adaptLegacyOAuthSignInResolver,\n} from '../../lib/legacy';\nimport { gitlabAuthenticator } from '@backstage/plugin-auth-backend-module-gitlab-provider';\n\n/**\n * Auth provider integration for GitLab auth\n *\n * @public\n */\nexport const gitlab = createAuthProviderIntegration({\n create(options?: {\n /**\n * The profile transformation function used to verify and convert the auth response\n * into the profile that will be presented to the user.\n */\n authHandler?: AuthHandler<OAuthResult>;\n\n /**\n * Configure sign-in for this provider, without it the provider can not be used to sign users in.\n */\n signIn?: {\n resolver: SignInResolver<OAuthResult>;\n };\n }) {\n return createOAuthProviderFactory({\n authenticator: gitlabAuthenticator,\n profileTransform: adaptLegacyOAuthHandler(options?.authHandler),\n signInResolver: adaptLegacyOAuthSignInResolver(options?.signIn?.resolver),\n });\n },\n});\n"],"names":["createAuthProviderIntegration","createOAuthProviderFactory","gitlabAuthenticator","adaptLegacyOAuthHandler","adaptLegacyOAuthSignInResolver"],"mappings":";;;;;;;;AAkCO,MAAM,SAASA,2DAA8B,CAAA;AAAA,EAClD,OAAO,OAaJ,EAAA;AACD,IAAA,OAAOC,yCAA2B,CAAA;AAAA,MAChC,aAAe,EAAAC,yDAAA;AAAA,MACf,gBAAA,EAAkBC,+CAAwB,CAAA,OAAA,EAAS,WAAW,CAAA;AAAA,MAC9D,cAAgB,EAAAC,6DAAA,CAA+B,OAAS,EAAA,MAAA,EAAQ,QAAQ;AAAA,KACzE,CAAA;AAAA;AAEL,CAAC;;;;"}
1
+ {"version":3,"file":"provider.cjs.js","sources":["../../../src/providers/gitlab/provider.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { AuthHandler } from '../types';\nimport { OAuthResult } from '../../lib/oauth';\nimport { createAuthProviderIntegration } from '../createAuthProviderIntegration';\nimport {\n SignInResolver,\n createOAuthProviderFactory,\n} from '@backstage/plugin-auth-node';\nimport {\n adaptLegacyOAuthHandler,\n adaptLegacyOAuthSignInResolver,\n} from '../../lib/legacy';\nimport { gitlabAuthenticator } from '@backstage/plugin-auth-backend-module-gitlab-provider';\n\n/**\n * Auth provider integration for GitLab auth\n *\n * @public\n * @deprecated Migrate the auth plugin to the new backend system https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin\n */\nexport const gitlab = createAuthProviderIntegration({\n create(options?: {\n /**\n * The profile transformation function used to verify and convert the auth response\n * into the profile that will be presented to the user.\n */\n authHandler?: AuthHandler<OAuthResult>;\n\n /**\n * Configure sign-in for this provider, without it the provider can not be used to sign users in.\n */\n signIn?: {\n resolver: SignInResolver<OAuthResult>;\n };\n }) {\n return createOAuthProviderFactory({\n authenticator: gitlabAuthenticator,\n profileTransform: adaptLegacyOAuthHandler(options?.authHandler),\n signInResolver: adaptLegacyOAuthSignInResolver(options?.signIn?.resolver),\n });\n },\n});\n"],"names":["createAuthProviderIntegration","createOAuthProviderFactory","gitlabAuthenticator","adaptLegacyOAuthHandler","adaptLegacyOAuthSignInResolver"],"mappings":";;;;;;;;AAmCO,MAAM,SAASA,2DAA8B,CAAA;AAAA,EAClD,OAAO,OAaJ,EAAA;AACD,IAAA,OAAOC,yCAA2B,CAAA;AAAA,MAChC,aAAe,EAAAC,yDAAA;AAAA,MACf,gBAAA,EAAkBC,+CAAwB,CAAA,OAAA,EAAS,WAAW,CAAA;AAAA,MAC9D,cAAgB,EAAAC,6DAAA,CAA+B,OAAS,EAAA,MAAA,EAAQ,QAAQ;AAAA,KACzE,CAAA;AAAA;AAEL,CAAC;;;;"}
package/dist/providers/google/provider.cjs.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"provider.cjs.js","sources":["../../../src/providers/google/provider.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n googleAuthenticator,\n googleSignInResolvers,\n} from '@backstage/plugin-auth-backend-module-google-provider';\nimport {\n SignInResolver,\n commonSignInResolvers,\n createOAuthProviderFactory,\n} from '@backstage/plugin-auth-node';\nimport {\n adaptLegacyOAuthHandler,\n adaptLegacyOAuthSignInResolver,\n adaptOAuthSignInResolverToLegacy,\n} from '../../lib/legacy';\nimport { OAuthResult } from '../../lib/oauth';\nimport { createAuthProviderIntegration } from '../createAuthProviderIntegration';\nimport { AuthHandler } from '../types';\n\n/**\n * Auth provider integration for Google auth\n *\n * @public\n */\nexport const google = createAuthProviderIntegration({\n create(options?: {\n /**\n * The profile transformation function used to verify and convert the auth response\n * into the profile that will be presented to the user.\n */\n authHandler?: AuthHandler<OAuthResult>;\n\n /**\n * Configure sign-in for this provider, without it the provider can not be used to sign users in.\n */\n signIn?: {\n /**\n * Maps an auth result to a Backstage identity for the user.\n */\n resolver: SignInResolver<OAuthResult>;\n };\n }) {\n return createOAuthProviderFactory({\n authenticator: googleAuthenticator,\n profileTransform: adaptLegacyOAuthHandler(options?.authHandler),\n signInResolver: adaptLegacyOAuthSignInResolver(options?.signIn?.resolver),\n });\n },\n resolvers: adaptOAuthSignInResolverToLegacy({\n emailLocalPartMatchingUserEntityName:\n commonSignInResolvers.emailLocalPartMatchingUserEntityName(),\n emailMatchingUserEntityProfileEmail:\n commonSignInResolvers.emailMatchingUserEntityProfileEmail(),\n emailMatchingUserEntityAnnotation:\n googleSignInResolvers.emailMatchingUserEntityAnnotation(),\n }),\n});\n"],"names":["createAuthProviderIntegration","createOAuthProviderFactory","googleAuthenticator","adaptLegacyOAuthHandler","adaptLegacyOAuthSignInResolver","adaptOAuthSignInResolverToLegacy","commonSignInResolvers","googleSignInResolvers"],"mappings":";;;;;;;;;AAuCO,MAAM,SAASA,2DAA8B,CAAA;AAAA,EAClD,OAAO,OAgBJ,EAAA;AACD,IAAA,OAAOC,yCAA2B,CAAA;AAAA,MAChC,aAAe,EAAAC,yDAAA;AAAA,MACf,gBAAA,EAAkBC,+CAAwB,CAAA,OAAA,EAAS,WAAW,CAAA;AAAA,MAC9D,cAAgB,EAAAC,6DAAA,CAA+B,OAAS,EAAA,MAAA,EAAQ,QAAQ;AAAA,KACzE,CAAA;AAAA,GACH;AAAA,EACA,WAAWC,iEAAiC,CAAA;AAAA,IAC1C,oCAAA,EACEC,qCAAsB,oCAAqC,EAAA;AAAA,IAC7D,mCAAA,EACEA,qCAAsB,mCAAoC,EAAA;AAAA,IAC5D,iCAAA,EACEC,4DAAsB,iCAAkC;AAAA,GAC3D;AACH,CAAC;;;;"}
1
+ {"version":3,"file":"provider.cjs.js","sources":["../../../src/providers/google/provider.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n googleAuthenticator,\n googleSignInResolvers,\n} from '@backstage/plugin-auth-backend-module-google-provider';\nimport {\n SignInResolver,\n commonSignInResolvers,\n createOAuthProviderFactory,\n} from '@backstage/plugin-auth-node';\nimport {\n adaptLegacyOAuthHandler,\n adaptLegacyOAuthSignInResolver,\n adaptOAuthSignInResolverToLegacy,\n} from '../../lib/legacy';\nimport { OAuthResult } from '../../lib/oauth';\nimport { createAuthProviderIntegration } from '../createAuthProviderIntegration';\nimport { AuthHandler } from '../types';\n\n/**\n * Auth provider integration for Google auth\n *\n * @public\n * @deprecated Migrate the auth plugin to the new backend system https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin\n */\nexport const google = createAuthProviderIntegration({\n create(options?: {\n /**\n * The profile transformation function used to verify and convert the auth response\n * into the profile that will be presented to the user.\n */\n authHandler?: AuthHandler<OAuthResult>;\n\n /**\n * Configure sign-in for this provider, without it the provider can not be used to sign users in.\n */\n signIn?: {\n /**\n * Maps an auth result to a Backstage identity for the user.\n */\n resolver: SignInResolver<OAuthResult>;\n };\n }) {\n return createOAuthProviderFactory({\n authenticator: googleAuthenticator,\n profileTransform: adaptLegacyOAuthHandler(options?.authHandler),\n signInResolver: adaptLegacyOAuthSignInResolver(options?.signIn?.resolver),\n });\n },\n resolvers: adaptOAuthSignInResolverToLegacy({\n emailLocalPartMatchingUserEntityName:\n commonSignInResolvers.emailLocalPartMatchingUserEntityName(),\n emailMatchingUserEntityProfileEmail:\n commonSignInResolvers.emailMatchingUserEntityProfileEmail(),\n emailMatchingUserEntityAnnotation:\n googleSignInResolvers.emailMatchingUserEntityAnnotation(),\n }),\n});\n"],"names":["createAuthProviderIntegration","createOAuthProviderFactory","googleAuthenticator","adaptLegacyOAuthHandler","adaptLegacyOAuthSignInResolver","adaptOAuthSignInResolverToLegacy","commonSignInResolvers","googleSignInResolvers"],"mappings":";;;;;;;;;AAwCO,MAAM,SAASA,2DAA8B,CAAA;AAAA,EAClD,OAAO,OAgBJ,EAAA;AACD,IAAA,OAAOC,yCAA2B,CAAA;AAAA,MAChC,aAAe,EAAAC,yDAAA;AAAA,MACf,gBAAA,EAAkBC,+CAAwB,CAAA,OAAA,EAAS,WAAW,CAAA;AAAA,MAC9D,cAAgB,EAAAC,6DAAA,CAA+B,OAAS,EAAA,MAAA,EAAQ,QAAQ;AAAA,KACzE,CAAA;AAAA,GACH;AAAA,EACA,WAAWC,iEAAiC,CAAA;AAAA,IAC1C,oCAAA,EACEC,qCAAsB,oCAAqC,EAAA;AAAA,IAC7D,mCAAA,EACEA,qCAAsB,mCAAoC,EAAA;AAAA,IAC5D,iCAAA,EACEC,4DAAsB,iCAAkC;AAAA,GAC3D;AACH,CAAC;;;;"}
package/dist/providers/microsoft/provider.cjs.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"provider.cjs.js","sources":["../../../src/providers/microsoft/provider.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { AuthHandler } from '../types';\nimport { OAuthResult } from '../../lib/oauth';\nimport { createAuthProviderIntegration } from '../createAuthProviderIntegration';\nimport {\n SignInResolver,\n commonSignInResolvers,\n createOAuthProviderFactory,\n} from '@backstage/plugin-auth-node';\nimport {\n adaptLegacyOAuthHandler,\n adaptLegacyOAuthSignInResolver,\n adaptOAuthSignInResolverToLegacy,\n} from '../../lib/legacy';\nimport {\n microsoftAuthenticator,\n microsoftSignInResolvers,\n} from '@backstage/plugin-auth-backend-module-microsoft-provider';\n\n/**\n * Auth provider integration for Microsoft auth\n *\n * @public\n */\nexport const microsoft = createAuthProviderIntegration({\n create(options?: {\n /**\n * The profile transformation function used to verify and convert the auth response\n * into the profile that will be presented to the user.\n */\n authHandler?: AuthHandler<OAuthResult>;\n\n /**\n * Configure sign-in for this provider, without it the provider can not be used to sign users in.\n */\n signIn?: {\n resolver: SignInResolver<OAuthResult>;\n };\n }) {\n return createOAuthProviderFactory({\n authenticator: microsoftAuthenticator,\n profileTransform: adaptLegacyOAuthHandler(options?.authHandler),\n signInResolver: adaptLegacyOAuthSignInResolver(options?.signIn?.resolver),\n });\n },\n resolvers: adaptOAuthSignInResolverToLegacy({\n emailLocalPartMatchingUserEntityName:\n commonSignInResolvers.emailLocalPartMatchingUserEntityName(),\n emailMatchingUserEntityProfileEmail:\n commonSignInResolvers.emailMatchingUserEntityProfileEmail(),\n emailMatchingUserEntityAnnotation:\n microsoftSignInResolvers.emailMatchingUserEntityAnnotation(),\n userIdMatchingUserEntityAnnotation:\n microsoftSignInResolvers.userIdMatchingUserEntityAnnotation(),\n }),\n});\n"],"names":["createAuthProviderIntegration","createOAuthProviderFactory","microsoftAuthenticator","adaptLegacyOAuthHandler","adaptLegacyOAuthSignInResolver","adaptOAuthSignInResolverToLegacy","commonSignInResolvers","microsoftSignInResolvers"],"mappings":";;;;;;;;;AAuCO,MAAM,YAAYA,2DAA8B,CAAA;AAAA,EACrD,OAAO,OAaJ,EAAA;AACD,IAAA,OAAOC,yCAA2B,CAAA;AAAA,MAChC,aAAe,EAAAC,+DAAA;AAAA,MACf,gBAAA,EAAkBC,+CAAwB,CAAA,OAAA,EAAS,WAAW,CAAA;AAAA,MAC9D,cAAgB,EAAAC,6DAAA,CAA+B,OAAS,EAAA,MAAA,EAAQ,QAAQ;AAAA,KACzE,CAAA;AAAA,GACH;AAAA,EACA,WAAWC,iEAAiC,CAAA;AAAA,IAC1C,oCAAA,EACEC,qCAAsB,oCAAqC,EAAA;AAAA,IAC7D,mCAAA,EACEA,qCAAsB,mCAAoC,EAAA;AAAA,IAC5D,iCAAA,EACEC,kEAAyB,iCAAkC,EAAA;AAAA,IAC7D,kCAAA,EACEA,kEAAyB,kCAAmC;AAAA,GAC/D;AACH,CAAC;;;;"}
1
+ {"version":3,"file":"provider.cjs.js","sources":["../../../src/providers/microsoft/provider.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { AuthHandler } from '../types';\nimport { OAuthResult } from '../../lib/oauth';\nimport { createAuthProviderIntegration } from '../createAuthProviderIntegration';\nimport {\n SignInResolver,\n commonSignInResolvers,\n createOAuthProviderFactory,\n} from '@backstage/plugin-auth-node';\nimport {\n adaptLegacyOAuthHandler,\n adaptLegacyOAuthSignInResolver,\n adaptOAuthSignInResolverToLegacy,\n} from '../../lib/legacy';\nimport {\n microsoftAuthenticator,\n microsoftSignInResolvers,\n} from '@backstage/plugin-auth-backend-module-microsoft-provider';\n\n/**\n * Auth provider integration for Microsoft auth\n *\n * @public\n * @deprecated Migrate the auth plugin to the new backend system https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin\n */\nexport const microsoft = createAuthProviderIntegration({\n create(options?: {\n /**\n * The profile transformation function used to verify and convert the auth response\n * into the profile that will be presented to the user.\n */\n authHandler?: AuthHandler<OAuthResult>;\n\n /**\n * Configure sign-in for this provider, without it the provider can not be used to sign users in.\n */\n signIn?: {\n resolver: SignInResolver<OAuthResult>;\n };\n }) {\n return createOAuthProviderFactory({\n authenticator: microsoftAuthenticator,\n profileTransform: adaptLegacyOAuthHandler(options?.authHandler),\n signInResolver: adaptLegacyOAuthSignInResolver(options?.signIn?.resolver),\n });\n },\n resolvers: adaptOAuthSignInResolverToLegacy({\n emailLocalPartMatchingUserEntityName:\n commonSignInResolvers.emailLocalPartMatchingUserEntityName(),\n emailMatchingUserEntityProfileEmail:\n commonSignInResolvers.emailMatchingUserEntityProfileEmail(),\n emailMatchingUserEntityAnnotation:\n microsoftSignInResolvers.emailMatchingUserEntityAnnotation(),\n userIdMatchingUserEntityAnnotation:\n microsoftSignInResolvers.userIdMatchingUserEntityAnnotation(),\n }),\n});\n"],"names":["createAuthProviderIntegration","createOAuthProviderFactory","microsoftAuthenticator","adaptLegacyOAuthHandler","adaptLegacyOAuthSignInResolver","adaptOAuthSignInResolverToLegacy","commonSignInResolvers","microsoftSignInResolvers"],"mappings":";;;;;;;;;AAwCO,MAAM,YAAYA,2DAA8B,CAAA;AAAA,EACrD,OAAO,OAaJ,EAAA;AACD,IAAA,OAAOC,yCAA2B,CAAA;AAAA,MAChC,aAAe,EAAAC,+DAAA;AAAA,MACf,gBAAA,EAAkBC,+CAAwB,CAAA,OAAA,EAAS,WAAW,CAAA;AAAA,MAC9D,cAAgB,EAAAC,6DAAA,CAA+B,OAAS,EAAA,MAAA,EAAQ,QAAQ;AAAA,KACzE,CAAA;AAAA,GACH;AAAA,EACA,WAAWC,iEAAiC,CAAA;AAAA,IAC1C,oCAAA,EACEC,qCAAsB,oCAAqC,EAAA;AAAA,IAC7D,mCAAA,EACEA,qCAAsB,mCAAoC,EAAA;AAAA,IAC5D,iCAAA,EACEC,kEAAyB,iCAAkC,EAAA;AAAA,IAC7D,kCAAA,EACEA,kEAAyB,kCAAmC;AAAA,GAC/D;AACH,CAAC;;;;"}
package/dist/providers/oauth2/provider.cjs.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"provider.cjs.js","sources":["../../../src/providers/oauth2/provider.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { OAuthResult } from '../../lib/oauth';\nimport { AuthHandler } from '../types';\nimport { createAuthProviderIntegration } from '../createAuthProviderIntegration';\nimport {\n adaptLegacyOAuthHandler,\n adaptLegacyOAuthSignInResolver,\n} from '../../lib/legacy';\nimport {\n SignInResolver,\n createOAuthProviderFactory,\n} from '@backstage/plugin-auth-node';\nimport { oauth2Authenticator } from '@backstage/plugin-auth-backend-module-oauth2-provider';\n\n/**\n * Auth provider integration for generic OAuth2 auth\n *\n * @public\n */\nexport const oauth2 = createAuthProviderIntegration({\n create(options?: {\n authHandler?: AuthHandler<OAuthResult>;\n\n signIn?: {\n resolver: SignInResolver<OAuthResult>;\n };\n }) {\n return createOAuthProviderFactory({\n authenticator: oauth2Authenticator,\n profileTransform: adaptLegacyOAuthHandler(options?.authHandler),\n signInResolver: adaptLegacyOAuthSignInResolver(options?.signIn?.resolver),\n });\n },\n});\n"],"names":["createAuthProviderIntegration","createOAuthProviderFactory","oauth2Authenticator","adaptLegacyOAuthHandler","adaptLegacyOAuthSignInResolver"],"mappings":";;;;;;;;AAkCO,MAAM,SAASA,2DAA8B,CAAA;AAAA,EAClD,OAAO,OAMJ,EAAA;AACD,IAAA,OAAOC,yCAA2B,CAAA;AAAA,MAChC,aAAe,EAAAC,yDAAA;AAAA,MACf,gBAAA,EAAkBC,+CAAwB,CAAA,OAAA,EAAS,WAAW,CAAA;AAAA,MAC9D,cAAgB,EAAAC,6DAAA,CAA+B,OAAS,EAAA,MAAA,EAAQ,QAAQ;AAAA,KACzE,CAAA;AAAA;AAEL,CAAC;;;;"}
1
+ {"version":3,"file":"provider.cjs.js","sources":["../../../src/providers/oauth2/provider.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { OAuthResult } from '../../lib/oauth';\nimport { AuthHandler } from '../types';\nimport { createAuthProviderIntegration } from '../createAuthProviderIntegration';\nimport {\n adaptLegacyOAuthHandler,\n adaptLegacyOAuthSignInResolver,\n} from '../../lib/legacy';\nimport {\n SignInResolver,\n createOAuthProviderFactory,\n} from '@backstage/plugin-auth-node';\nimport { oauth2Authenticator } from '@backstage/plugin-auth-backend-module-oauth2-provider';\n\n/**\n * Auth provider integration for generic OAuth2 auth\n *\n * @public\n * @deprecated Migrate the auth plugin to the new backend system https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin\n */\nexport const oauth2 = createAuthProviderIntegration({\n create(options?: {\n authHandler?: AuthHandler<OAuthResult>;\n\n signIn?: {\n resolver: SignInResolver<OAuthResult>;\n };\n }) {\n return createOAuthProviderFactory({\n authenticator: oauth2Authenticator,\n profileTransform: adaptLegacyOAuthHandler(options?.authHandler),\n signInResolver: adaptLegacyOAuthSignInResolver(options?.signIn?.resolver),\n });\n },\n});\n"],"names":["createAuthProviderIntegration","createOAuthProviderFactory","oauth2Authenticator","adaptLegacyOAuthHandler","adaptLegacyOAuthSignInResolver"],"mappings":";;;;;;;;AAmCO,MAAM,SAASA,2DAA8B,CAAA;AAAA,EAClD,OAAO,OAMJ,EAAA;AACD,IAAA,OAAOC,yCAA2B,CAAA;AAAA,MAChC,aAAe,EAAAC,yDAAA;AAAA,MACf,gBAAA,EAAkBC,+CAAwB,CAAA,OAAA,EAAS,WAAW,CAAA;AAAA,MAC9D,cAAgB,EAAAC,6DAAA,CAA+B,OAAS,EAAA,MAAA,EAAQ,QAAQ;AAAA,KACzE,CAAA;AAAA;AAEL,CAAC;;;;"}
package/dist/providers/oauth2-proxy/provider.cjs.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"provider.cjs.js","sources":["../../../src/providers/oauth2-proxy/provider.ts"],"sourcesContent":["/*\n * Copyright 2021 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n SignInResolver,\n createProxyAuthProviderFactory,\n} from '@backstage/plugin-auth-node';\nimport { AuthHandler } from '../types';\nimport { createAuthProviderIntegration } from '../createAuthProviderIntegration';\nimport {\n type OAuth2ProxyResult,\n oauth2ProxyAuthenticator,\n} from '@backstage/plugin-auth-backend-module-oauth2-proxy-provider';\n\n/**\n * Auth provider integration for oauth2-proxy auth\n *\n * @public\n */\nexport const oauth2Proxy = createAuthProviderIntegration({\n create(options: {\n /**\n * Configure an auth handler to generate a profile for the user.\n *\n * The default implementation uses the value of the `X-Forwarded-Preferred-Username`\n * header as the display name, falling back to `X-Forwarded-User`, and the value of\n * the `X-Forwarded-Email` header as the email address.\n */\n authHandler?: AuthHandler<OAuth2ProxyResult>;\n\n /**\n * Configure sign-in for this provider, without it the provider can not be used to sign users in.\n */\n signIn: {\n /**\n * Maps an auth result to a Backstage identity for the user.\n */\n resolver: SignInResolver<OAuth2ProxyResult>;\n };\n }) {\n return createProxyAuthProviderFactory({\n authenticator: oauth2ProxyAuthenticator,\n profileTransform: options?.authHandler,\n signInResolver: options?.signIn?.resolver,\n });\n },\n});\n"],"names":["createAuthProviderIntegration","createProxyAuthProviderFactory","oauth2ProxyAuthenticator"],"mappings":";;;;;;AAgCO,MAAM,cAAcA,2DAA8B,CAAA;AAAA,EACvD,OAAO,OAmBJ,EAAA;AACD,IAAA,OAAOC,6CAA+B,CAAA;AAAA,MACpC,aAAe,EAAAC,mEAAA;AAAA,MACf,kBAAkB,OAAS,EAAA,WAAA;AAAA,MAC3B,cAAA,EAAgB,SAAS,MAAQ,EAAA;AAAA,KAClC,CAAA;AAAA;AAEL,CAAC;;;;"}
1
+ {"version":3,"file":"provider.cjs.js","sources":["../../../src/providers/oauth2-proxy/provider.ts"],"sourcesContent":["/*\n * Copyright 2021 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n SignInResolver,\n createProxyAuthProviderFactory,\n} from '@backstage/plugin-auth-node';\nimport { AuthHandler } from '../types';\nimport { createAuthProviderIntegration } from '../createAuthProviderIntegration';\nimport {\n type OAuth2ProxyResult,\n oauth2ProxyAuthenticator,\n} from '@backstage/plugin-auth-backend-module-oauth2-proxy-provider';\n\n/**\n * Auth provider integration for oauth2-proxy auth\n *\n * @public\n * @deprecated Migrate the auth plugin to the new backend system https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin\n */\nexport const oauth2Proxy = createAuthProviderIntegration({\n create(options: {\n /**\n * Configure an auth handler to generate a profile for the user.\n *\n * The default implementation uses the value of the `X-Forwarded-Preferred-Username`\n * header as the display name, falling back to `X-Forwarded-User`, and the value of\n * the `X-Forwarded-Email` header as the email address.\n */\n authHandler?: AuthHandler<OAuth2ProxyResult>;\n\n /**\n * Configure sign-in for this provider, without it the provider can not be used to sign users in.\n */\n signIn: {\n /**\n * Maps an auth result to a Backstage identity for the user.\n */\n resolver: SignInResolver<OAuth2ProxyResult>;\n };\n }) {\n return createProxyAuthProviderFactory({\n authenticator: oauth2ProxyAuthenticator,\n profileTransform: options?.authHandler,\n signInResolver: options?.signIn?.resolver,\n });\n },\n});\n"],"names":["createAuthProviderIntegration","createProxyAuthProviderFactory","oauth2ProxyAuthenticator"],"mappings":";;;;;;AAiCO,MAAM,cAAcA,2DAA8B,CAAA;AAAA,EACvD,OAAO,OAmBJ,EAAA;AACD,IAAA,OAAOC,6CAA+B,CAAA;AAAA,MACpC,aAAe,EAAAC,mEAAA;AAAA,MACf,kBAAkB,OAAS,EAAA,WAAA;AAAA,MAC3B,cAAA,EAAgB,SAAS,MAAQ,EAAA;AAAA,KAClC,CAAA;AAAA;AAEL,CAAC;;;;"}
package/dist/providers/oidc/provider.cjs.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"provider.cjs.js","sources":["../../../src/providers/oidc/provider.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { AuthHandler } from '../types';\nimport { createAuthProviderIntegration } from '../createAuthProviderIntegration';\nimport {\n createOAuthProviderFactory,\n AuthResolverContext,\n BackstageSignInResult,\n OAuthAuthenticatorResult,\n SignInInfo,\n SignInResolver,\n} from '@backstage/plugin-auth-node';\nimport {\n oidcAuthenticator,\n OidcAuthResult,\n} from '@backstage/plugin-auth-backend-module-oidc-provider';\nimport {\n commonByEmailLocalPartResolver,\n commonByEmailResolver,\n} from '../resolvers';\n\n/**\n * Auth provider integration for generic OpenID Connect auth\n *\n * @public\n */\nexport const oidc = createAuthProviderIntegration({\n create(options?: {\n /**\n * The profile transformation function used to verify and convert the auth response\n * into the profile that will be presented to the user.\n */\n authHandler?: AuthHandler<OidcAuthResult>;\n\n /**\n * Configure sign-in for this provider; convert user profile respones into\n * Backstage identities.\n */\n signIn?: {\n resolver: SignInResolver<OidcAuthResult>;\n };\n }) {\n const authHandler = options?.authHandler;\n const signInResolver = options?.signIn?.resolver;\n return createOAuthProviderFactory({\n authenticator: oidcAuthenticator,\n profileTransform:\n authHandler &&\n ((\n result: OAuthAuthenticatorResult<OidcAuthResult>,\n context: AuthResolverContext,\n ) => authHandler(result.fullProfile, context)),\n signInResolver:\n signInResolver &&\n ((\n info: SignInInfo<OAuthAuthenticatorResult<OidcAuthResult>>,\n context: AuthResolverContext,\n ): Promise<BackstageSignInResult> =>\n signInResolver(\n {\n result: info.result.fullProfile,\n profile: info.profile,\n },\n context,\n )),\n });\n },\n resolvers: {\n /**\n * Looks up the user by matching their email local part to the entity name.\n */\n emailLocalPartMatchingUserEntityName: () => commonByEmailLocalPartResolver,\n /**\n * Looks up the user by matching their email to the entity email.\n */\n emailMatchingUserEntityProfileEmail: () => commonByEmailResolver,\n },\n});\n"],"names":["createAuthProviderIntegration","createOAuthProviderFactory","oidcAuthenticator","commonByEmailLocalPartResolver","commonByEmailResolver"],"mappings":";;;;;;;AAwCO,MAAM,OAAOA,2DAA8B,CAAA;AAAA,EAChD,OAAO,OAcJ,EAAA;AACD,IAAA,MAAM,cAAc,OAAS,EAAA,WAAA;AAC7B,IAAM,MAAA,cAAA,GAAiB,SAAS,MAAQ,EAAA,QAAA;AACxC,IAAA,OAAOC,yCAA2B,CAAA;AAAA,MAChC,aAAe,EAAAC,qDAAA;AAAA,MACf,gBAAA,EACE,gBACC,CACC,MAAA,EACA,YACG,WAAY,CAAA,MAAA,CAAO,aAAa,OAAO,CAAA,CAAA;AAAA,MAC9C,cACE,EAAA,cAAA,KACC,CACC,IAAA,EACA,OAEA,KAAA,cAAA;AAAA,QACE;AAAA,UACE,MAAA,EAAQ,KAAK,MAAO,CAAA,WAAA;AAAA,UACpB,SAAS,IAAK,CAAA;AAAA,SAChB;AAAA,QACA;AAAA,OACF;AAAA,KACL,CAAA;AAAA,GACH;AAAA,EACA,SAAW,EAAA;AAAA;AAAA;AAAA;AAAA,IAIT,sCAAsC,MAAMC,wCAAA;AAAA;AAAA;AAAA;AAAA,IAI5C,qCAAqC,MAAMC;AAAA;AAE/C,CAAC;;;;"}
1
+ {"version":3,"file":"provider.cjs.js","sources":["../../../src/providers/oidc/provider.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { AuthHandler } from '../types';\nimport { createAuthProviderIntegration } from '../createAuthProviderIntegration';\nimport {\n createOAuthProviderFactory,\n AuthResolverContext,\n BackstageSignInResult,\n OAuthAuthenticatorResult,\n SignInInfo,\n SignInResolver,\n} from '@backstage/plugin-auth-node';\nimport {\n oidcAuthenticator,\n OidcAuthResult,\n} from '@backstage/plugin-auth-backend-module-oidc-provider';\nimport {\n commonByEmailLocalPartResolver,\n commonByEmailResolver,\n} from '../resolvers';\n\n/**\n * Auth provider integration for generic OpenID Connect auth\n *\n * @public\n * @deprecated Migrate the auth plugin to the new backend system https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin\n */\nexport const oidc = createAuthProviderIntegration({\n create(options?: {\n /**\n * The profile transformation function used to verify and convert the auth response\n * into the profile that will be presented to the user.\n */\n authHandler?: AuthHandler<OidcAuthResult>;\n\n /**\n * Configure sign-in for this provider; convert user profile respones into\n * Backstage identities.\n */\n signIn?: {\n resolver: SignInResolver<OidcAuthResult>;\n };\n }) {\n const authHandler = options?.authHandler;\n const signInResolver = options?.signIn?.resolver;\n return createOAuthProviderFactory({\n authenticator: oidcAuthenticator,\n profileTransform:\n authHandler &&\n ((\n result: OAuthAuthenticatorResult<OidcAuthResult>,\n context: AuthResolverContext,\n ) => authHandler(result.fullProfile, context)),\n signInResolver:\n signInResolver &&\n ((\n info: SignInInfo<OAuthAuthenticatorResult<OidcAuthResult>>,\n context: AuthResolverContext,\n ): Promise<BackstageSignInResult> =>\n signInResolver(\n {\n result: info.result.fullProfile,\n profile: info.profile,\n },\n context,\n )),\n });\n },\n resolvers: {\n /**\n * Looks up the user by matching their email local part to the entity name.\n */\n emailLocalPartMatchingUserEntityName: () => commonByEmailLocalPartResolver,\n /**\n * Looks up the user by matching their email to the entity email.\n */\n emailMatchingUserEntityProfileEmail: () => commonByEmailResolver,\n },\n});\n"],"names":["createAuthProviderIntegration","createOAuthProviderFactory","oidcAuthenticator","commonByEmailLocalPartResolver","commonByEmailResolver"],"mappings":";;;;;;;AAyCO,MAAM,OAAOA,2DAA8B,CAAA;AAAA,EAChD,OAAO,OAcJ,EAAA;AACD,IAAA,MAAM,cAAc,OAAS,EAAA,WAAA;AAC7B,IAAM,MAAA,cAAA,GAAiB,SAAS,MAAQ,EAAA,QAAA;AACxC,IAAA,OAAOC,yCAA2B,CAAA;AAAA,MAChC,aAAe,EAAAC,qDAAA;AAAA,MACf,gBAAA,EACE,gBACC,CACC,MAAA,EACA,YACG,WAAY,CAAA,MAAA,CAAO,aAAa,OAAO,CAAA,CAAA;AAAA,MAC9C,cACE,EAAA,cAAA,KACC,CACC,IAAA,EACA,OAEA,KAAA,cAAA;AAAA,QACE;AAAA,UACE,MAAA,EAAQ,KAAK,MAAO,CAAA,WAAA;AAAA,UACpB,SAAS,IAAK,CAAA;AAAA,SAChB;AAAA,QACA;AAAA,OACF;AAAA,KACL,CAAA;AAAA,GACH;AAAA,EACA,SAAW,EAAA;AAAA;AAAA;AAAA;AAAA,IAIT,sCAAsC,MAAMC,wCAAA;AAAA;AAAA;AAAA;AAAA,IAI5C,qCAAqC,MAAMC;AAAA;AAE/C,CAAC;;;;"}
package/dist/providers/okta/provider.cjs.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"provider.cjs.js","sources":["../../../src/providers/okta/provider.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { AuthHandler } from '../types';\nimport { OAuthResult } from '../../lib/oauth';\n\nimport { createAuthProviderIntegration } from '../createAuthProviderIntegration';\nimport {\n SignInResolver,\n createOAuthProviderFactory,\n} from '@backstage/plugin-auth-node';\nimport {\n adaptLegacyOAuthHandler,\n adaptLegacyOAuthSignInResolver,\n} from '../../lib/legacy';\nimport { oktaAuthenticator } from '@backstage/plugin-auth-backend-module-okta-provider';\nimport {\n commonByEmailLocalPartResolver,\n commonByEmailResolver,\n} from '../resolvers';\n\n/**\n * Auth provider integration for Okta auth\n *\n * @public\n */\nexport const okta = createAuthProviderIntegration({\n create(options?: {\n /**\n * The profile transformation function used to verify and convert the auth response\n * into the profile that will be presented to the user.\n */\n authHandler?: AuthHandler<OAuthResult>;\n /**\n * Configure sign-in for this provider, without it the provider can not be used to sign users in.\n */\n signIn?: {\n resolver: SignInResolver<OAuthResult>;\n };\n }) {\n return createOAuthProviderFactory({\n authenticator: oktaAuthenticator,\n profileTransform: adaptLegacyOAuthHandler(options?.authHandler),\n signInResolver: adaptLegacyOAuthSignInResolver(options?.signIn?.resolver),\n });\n },\n resolvers: {\n /**\n * Looks up the user by matching their email local part to the entity name.\n */\n emailLocalPartMatchingUserEntityName: () => commonByEmailLocalPartResolver,\n /**\n * Looks up the user by matching their email to the entity email.\n */\n emailMatchingUserEntityProfileEmail: () => commonByEmailResolver,\n /**\n * Looks up the user by matching their email to the `okta.com/email` annotation.\n */\n emailMatchingUserEntityAnnotation(): SignInResolver<OAuthResult> {\n return async (info, ctx) => {\n const { profile } = info;\n\n if (!profile.email) {\n throw new Error('Okta profile contained no email');\n }\n\n return ctx.signInWithCatalogUser({\n annotations: {\n 'okta.com/email': profile.email,\n },\n });\n };\n },\n },\n});\n"],"names":["createAuthProviderIntegration","createOAuthProviderFactory","oktaAuthenticator","adaptLegacyOAuthHandler","adaptLegacyOAuthSignInResolver","commonByEmailLocalPartResolver","commonByEmailResolver"],"mappings":";;;;;;;;;AAuCO,MAAM,OAAOA,2DAA8B,CAAA;AAAA,EAChD,OAAO,OAYJ,EAAA;AACD,IAAA,OAAOC,yCAA2B,CAAA;AAAA,MAChC,aAAe,EAAAC,qDAAA;AAAA,MACf,gBAAA,EAAkBC,+CAAwB,CAAA,OAAA,EAAS,WAAW,CAAA;AAAA,MAC9D,cAAgB,EAAAC,6DAAA,CAA+B,OAAS,EAAA,MAAA,EAAQ,QAAQ;AAAA,KACzE,CAAA;AAAA,GACH;AAAA,EACA,SAAW,EAAA;AAAA;AAAA;AAAA;AAAA,IAIT,sCAAsC,MAAMC,wCAAA;AAAA;AAAA;AAAA;AAAA,IAI5C,qCAAqC,MAAMC,+BAAA;AAAA;AAAA;AAAA;AAAA,IAI3C,iCAAiE,GAAA;AAC/D,MAAO,OAAA,OAAO,MAAM,GAAQ,KAAA;AAC1B,QAAM,MAAA,EAAE,SAAY,GAAA,IAAA;AAEpB,QAAI,IAAA,CAAC,QAAQ,KAAO,EAAA;AAClB,UAAM,MAAA,IAAI,MAAM,iCAAiC,CAAA;AAAA;AAGnD,QAAA,OAAO,IAAI,qBAAsB,CAAA;AAAA,UAC/B,WAAa,EAAA;AAAA,YACX,kBAAkB,OAAQ,CAAA;AAAA;AAC5B,SACD,CAAA;AAAA,OACH;AAAA;AACF;AAEJ,CAAC;;;;"}
1
+ {"version":3,"file":"provider.cjs.js","sources":["../../../src/providers/okta/provider.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { AuthHandler } from '../types';\nimport { OAuthResult } from '../../lib/oauth';\n\nimport { createAuthProviderIntegration } from '../createAuthProviderIntegration';\nimport {\n SignInResolver,\n createOAuthProviderFactory,\n} from '@backstage/plugin-auth-node';\nimport {\n adaptLegacyOAuthHandler,\n adaptLegacyOAuthSignInResolver,\n} from '../../lib/legacy';\nimport { oktaAuthenticator } from '@backstage/plugin-auth-backend-module-okta-provider';\nimport {\n commonByEmailLocalPartResolver,\n commonByEmailResolver,\n} from '../resolvers';\n\n/**\n * Auth provider integration for Okta auth\n *\n * @public\n * @deprecated Migrate the auth plugin to the new backend system https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin\n */\nexport const okta = createAuthProviderIntegration({\n create(options?: {\n /**\n * The profile transformation function used to verify and convert the auth response\n * into the profile that will be presented to the user.\n */\n authHandler?: AuthHandler<OAuthResult>;\n /**\n * Configure sign-in for this provider, without it the provider can not be used to sign users in.\n */\n signIn?: {\n resolver: SignInResolver<OAuthResult>;\n };\n }) {\n return createOAuthProviderFactory({\n authenticator: oktaAuthenticator,\n profileTransform: adaptLegacyOAuthHandler(options?.authHandler),\n signInResolver: adaptLegacyOAuthSignInResolver(options?.signIn?.resolver),\n });\n },\n resolvers: {\n /**\n * Looks up the user by matching their email local part to the entity name.\n */\n emailLocalPartMatchingUserEntityName: () => commonByEmailLocalPartResolver,\n /**\n * Looks up the user by matching their email to the entity email.\n */\n emailMatchingUserEntityProfileEmail: () => commonByEmailResolver,\n /**\n * Looks up the user by matching their email to the `okta.com/email` annotation.\n */\n emailMatchingUserEntityAnnotation(): SignInResolver<OAuthResult> {\n return async (info, ctx) => {\n const { profile } = info;\n\n if (!profile.email) {\n throw new Error('Okta profile contained no email');\n }\n\n return ctx.signInWithCatalogUser({\n annotations: {\n 'okta.com/email': profile.email,\n },\n });\n };\n },\n },\n});\n"],"names":["createAuthProviderIntegration","createOAuthProviderFactory","oktaAuthenticator","adaptLegacyOAuthHandler","adaptLegacyOAuthSignInResolver","commonByEmailLocalPartResolver","commonByEmailResolver"],"mappings":";;;;;;;;;AAwCO,MAAM,OAAOA,2DAA8B,CAAA;AAAA,EAChD,OAAO,OAYJ,EAAA;AACD,IAAA,OAAOC,yCAA2B,CAAA;AAAA,MAChC,aAAe,EAAAC,qDAAA;AAAA,MACf,gBAAA,EAAkBC,+CAAwB,CAAA,OAAA,EAAS,WAAW,CAAA;AAAA,MAC9D,cAAgB,EAAAC,6DAAA,CAA+B,OAAS,EAAA,MAAA,EAAQ,QAAQ;AAAA,KACzE,CAAA;AAAA,GACH;AAAA,EACA,SAAW,EAAA;AAAA;AAAA;AAAA;AAAA,IAIT,sCAAsC,MAAMC,wCAAA;AAAA;AAAA;AAAA;AAAA,IAI5C,qCAAqC,MAAMC,+BAAA;AAAA;AAAA;AAAA;AAAA,IAI3C,iCAAiE,GAAA;AAC/D,MAAO,OAAA,OAAO,MAAM,GAAQ,KAAA;AAC1B,QAAM,MAAA,EAAE,SAAY,GAAA,IAAA;AAEpB,QAAI,IAAA,CAAC,QAAQ,KAAO,EAAA;AAClB,UAAM,MAAA,IAAI,MAAM,iCAAiC,CAAA;AAAA;AAGnD,QAAA,OAAO,IAAI,qBAAsB,CAAA;AAAA,UAC/B,WAAa,EAAA;AAAA,YACX,kBAAkB,OAAQ,CAAA;AAAA;AAC5B,SACD,CAAA;AAAA,OACH;AAAA;AACF;AAEJ,CAAC;;;;"}
package/dist/providers/onelogin/provider.cjs.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"provider.cjs.js","sources":["../../../src/providers/onelogin/provider.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { oneLoginAuthenticator } from '@backstage/plugin-auth-backend-module-onelogin-provider';\nimport {\n SignInResolver,\n createOAuthProviderFactory,\n} from '@backstage/plugin-auth-node';\nimport {\n adaptLegacyOAuthHandler,\n adaptLegacyOAuthSignInResolver,\n} from '../../lib/legacy';\nimport { OAuthResult } from '../../lib/oauth';\nimport { createAuthProviderIntegration } from '../createAuthProviderIntegration';\nimport { AuthHandler } from '../types';\n\n/**\n * Auth provider integration for OneLogin auth\n *\n * @public\n */\nexport const onelogin = createAuthProviderIntegration({\n create(options?: {\n /**\n * The profile transformation function used to verify and convert the auth response\n * into the profile that will be presented to the user.\n */\n authHandler?: AuthHandler<OAuthResult>;\n\n /**\n * Configure sign-in for this provider, without it the provider can not be used to sign users in.\n */\n signIn?: {\n /**\n * Maps an auth result to a Backstage identity for the user.\n */\n resolver: SignInResolver<OAuthResult>;\n };\n }) {\n return createOAuthProviderFactory({\n authenticator: oneLoginAuthenticator,\n profileTransform: adaptLegacyOAuthHandler(options?.authHandler),\n signInResolver: adaptLegacyOAuthSignInResolver(options?.signIn?.resolver),\n });\n },\n});\n"],"names":["createAuthProviderIntegration","createOAuthProviderFactory","oneLoginAuthenticator","adaptLegacyOAuthHandler","adaptLegacyOAuthSignInResolver"],"mappings":";;;;;;;;AAkCO,MAAM,WAAWA,2DAA8B,CAAA;AAAA,EACpD,OAAO,OAgBJ,EAAA;AACD,IAAA,OAAOC,yCAA2B,CAAA;AAAA,MAChC,aAAe,EAAAC,6DAAA;AAAA,MACf,gBAAA,EAAkBC,+CAAwB,CAAA,OAAA,EAAS,WAAW,CAAA;AAAA,MAC9D,cAAgB,EAAAC,6DAAA,CAA+B,OAAS,EAAA,MAAA,EAAQ,QAAQ;AAAA,KACzE,CAAA;AAAA;AAEL,CAAC;;;;"}
1
+ {"version":3,"file":"provider.cjs.js","sources":["../../../src/providers/onelogin/provider.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { oneLoginAuthenticator } from '@backstage/plugin-auth-backend-module-onelogin-provider';\nimport {\n SignInResolver,\n createOAuthProviderFactory,\n} from '@backstage/plugin-auth-node';\nimport {\n adaptLegacyOAuthHandler,\n adaptLegacyOAuthSignInResolver,\n} from '../../lib/legacy';\nimport { OAuthResult } from '../../lib/oauth';\nimport { createAuthProviderIntegration } from '../createAuthProviderIntegration';\nimport { AuthHandler } from '../types';\n\n/**\n * Auth provider integration for OneLogin auth\n *\n * @public\n * @deprecated Migrate the auth plugin to the new backend system https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin\n */\nexport const onelogin = createAuthProviderIntegration({\n create(options?: {\n /**\n * The profile transformation function used to verify and convert the auth response\n * into the profile that will be presented to the user.\n */\n authHandler?: AuthHandler<OAuthResult>;\n\n /**\n * Configure sign-in for this provider, without it the provider can not be used to sign users in.\n */\n signIn?: {\n /**\n * Maps an auth result to a Backstage identity for the user.\n */\n resolver: SignInResolver<OAuthResult>;\n };\n }) {\n return createOAuthProviderFactory({\n authenticator: oneLoginAuthenticator,\n profileTransform: adaptLegacyOAuthHandler(options?.authHandler),\n signInResolver: adaptLegacyOAuthSignInResolver(options?.signIn?.resolver),\n });\n },\n});\n"],"names":["createAuthProviderIntegration","createOAuthProviderFactory","oneLoginAuthenticator","adaptLegacyOAuthHandler","adaptLegacyOAuthSignInResolver"],"mappings":";;;;;;;;AAmCO,MAAM,WAAWA,2DAA8B,CAAA;AAAA,EACpD,OAAO,OAgBJ,EAAA;AACD,IAAA,OAAOC,yCAA2B,CAAA;AAAA,MAChC,aAAe,EAAAC,6DAAA;AAAA,MACf,gBAAA,EAAkBC,+CAAwB,CAAA,OAAA,EAAS,WAAW,CAAA;AAAA,MAC9D,cAAgB,EAAAC,6DAAA,CAA+B,OAAS,EAAA,MAAA,EAAQ,QAAQ;AAAA,KACzE,CAAA;AAAA;AAEL,CAAC;;;;"}
package/dist/providers/providers.cjs.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"providers.cjs.js","sources":["../../src/providers/providers.ts"],"sourcesContent":["/*\n * Copyright 2022 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { atlassian } from './atlassian';\nimport { auth0 } from './auth0';\nimport { awsAlb } from './aws-alb';\nimport { bitbucket } from './bitbucket';\nimport { cfAccess } from './cloudflare-access';\nimport { gcpIap } from './gcp-iap';\nimport { github } from './github';\nimport { gitlab } from './gitlab';\nimport { google } from './google';\nimport { microsoft } from './microsoft';\nimport { oauth2 } from './oauth2';\nimport { oauth2Proxy } from './oauth2-proxy';\nimport { oidc } from './oidc';\nimport { okta } from './okta';\nimport { onelogin } from './onelogin';\nimport { saml } from './saml';\nimport { bitbucketServer } from './bitbucketServer';\nimport { easyAuth } from './azure-easyauth';\nimport { AuthProviderFactory } from '@backstage/plugin-auth-node';\n\n/**\n * All built-in auth provider integrations.\n *\n * @public\n */\nexport const providers = Object.freeze({\n atlassian,\n auth0,\n awsAlb,\n bitbucket,\n bitbucketServer,\n cfAccess,\n gcpIap,\n github,\n gitlab,\n google,\n microsoft,\n oauth2,\n oauth2Proxy,\n oidc,\n okta,\n onelogin,\n saml,\n easyAuth,\n});\n\n/**\n * All auth provider factories that are installed by default.\n *\n * @public\n */\nexport const defaultAuthProviderFactories: {\n [providerId: string]: AuthProviderFactory;\n} = {\n google: google.create(),\n github: github.create(),\n gitlab: gitlab.create(),\n saml: saml.create(),\n okta: okta.create(),\n auth0: auth0.create(),\n microsoft: microsoft.create(),\n easyAuth: easyAuth.create(),\n oauth2: oauth2.create(),\n oidc: oidc.create(),\n onelogin: onelogin.create(),\n awsalb: awsAlb.create(),\n bitbucket: bitbucket.create(),\n bitbucketServer: bitbucketServer.create(),\n atlassian: atlassian.create(),\n};\n"],"names":["atlassian","auth0","awsAlb","bitbucket","bitbucketServer","cfAccess","gcpIap","github","gitlab","google","microsoft","oauth2","oauth2Proxy","oidc","okta","onelogin","saml","easyAuth"],"mappings":";;;;;;;;;;;;;;;;;;;;;AAyCa,MAAA,SAAA,GAAY,OAAO,MAAO,CAAA;AAAA,aACrCA,oBAAA;AAAA,SACAC,gBAAA;AAAA,UACAC,iBAAA;AAAA,aACAC,oBAAA;AAAA,mBACAC,0BAAA;AAAA,YACAC,mBAAA;AAAA,UACAC,iBAAA;AAAA,UACAC,iBAAA;AAAA,UACAC,iBAAA;AAAA,UACAC,eAAA;AAAA,aACAC,oBAAA;AAAA,UACAC,iBAAA;AAAA,eACAC,sBAAA;AAAA,QACAC,eAAA;AAAA,QACAC,eAAA;AAAA,YACAC,mBAAA;AAAA,QACAC,eAAA;AAAA,YACAC;AACF,CAAC;AAOM,MAAM,4BAET,GAAA;AAAA,EACF,MAAA,EAAQR,gBAAO,MAAO,EAAA;AAAA,EACtB,MAAA,EAAQF,kBAAO,MAAO,EAAA;AAAA,EACtB,MAAA,EAAQC,kBAAO,MAAO,EAAA;AAAA,EACtB,IAAA,EAAMQ,gBAAK,MAAO,EAAA;AAAA,EAClB,IAAA,EAAMF,gBAAK,MAAO,EAAA;AAAA,EAClB,KAAA,EAAOb,iBAAM,MAAO,EAAA;AAAA,EACpB,SAAA,EAAWS,qBAAU,MAAO,EAAA;AAAA,EAC5B,QAAA,EAAUO,oBAAS,MAAO,EAAA;AAAA,EAC1B,MAAA,EAAQN,kBAAO,MAAO,EAAA;AAAA,EACtB,IAAA,EAAME,gBAAK,MAAO,EAAA;AAAA,EAClB,QAAA,EAAUE,oBAAS,MAAO,EAAA;AAAA,EAC1B,MAAA,EAAQb,kBAAO,MAAO,EAAA;AAAA,EACtB,SAAA,EAAWC,qBAAU,MAAO,EAAA;AAAA,EAC5B,eAAA,EAAiBC,2BAAgB,MAAO,EAAA;AAAA,EACxC,SAAA,EAAWJ,qBAAU,MAAO;AAC9B;;;;;"}
1
+ {"version":3,"file":"providers.cjs.js","sources":["../../src/providers/providers.ts"],"sourcesContent":["/*\n * Copyright 2022 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { atlassian } from './atlassian';\nimport { auth0 } from './auth0';\nimport { awsAlb } from './aws-alb';\nimport { bitbucket } from './bitbucket';\nimport { cfAccess } from './cloudflare-access';\nimport { gcpIap } from './gcp-iap';\nimport { github } from './github';\nimport { gitlab } from './gitlab';\nimport { google } from './google';\nimport { microsoft } from './microsoft';\nimport { oauth2 } from './oauth2';\nimport { oauth2Proxy } from './oauth2-proxy';\nimport { oidc } from './oidc';\nimport { okta } from './okta';\nimport { onelogin } from './onelogin';\nimport { saml } from './saml';\nimport { bitbucketServer } from './bitbucketServer';\nimport { easyAuth } from './azure-easyauth';\nimport { AuthProviderFactory } from '@backstage/plugin-auth-node';\n\n/**\n * All built-in auth provider integrations.\n *\n * @public\n * @deprecated Migrate the auth plugin to the new backend system https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin\n */\nexport const providers = Object.freeze({\n atlassian,\n auth0,\n awsAlb,\n bitbucket,\n bitbucketServer,\n cfAccess,\n gcpIap,\n github,\n gitlab,\n google,\n microsoft,\n oauth2,\n oauth2Proxy,\n oidc,\n okta,\n onelogin,\n saml,\n easyAuth,\n});\n\n/**\n * All auth provider factories that are installed by default.\n *\n * @public\n * @deprecated Migrate the auth plugin to the new backend system https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin\n */\nexport const defaultAuthProviderFactories: {\n [providerId: string]: AuthProviderFactory;\n} = {\n google: google.create(),\n github: github.create(),\n gitlab: gitlab.create(),\n saml: saml.create(),\n okta: okta.create(),\n auth0: auth0.create(),\n microsoft: microsoft.create(),\n easyAuth: easyAuth.create(),\n oauth2: oauth2.create(),\n oidc: oidc.create(),\n onelogin: onelogin.create(),\n awsalb: awsAlb.create(),\n bitbucket: bitbucket.create(),\n bitbucketServer: bitbucketServer.create(),\n atlassian: atlassian.create(),\n};\n"],"names":["atlassian","auth0","awsAlb","bitbucket","bitbucketServer","cfAccess","gcpIap","github","gitlab","google","microsoft","oauth2","oauth2Proxy","oidc","okta","onelogin","saml","easyAuth"],"mappings":";;;;;;;;;;;;;;;;;;;;;AA0Ca,MAAA,SAAA,GAAY,OAAO,MAAO,CAAA;AAAA,aACrCA,oBAAA;AAAA,SACAC,gBAAA;AAAA,UACAC,iBAAA;AAAA,aACAC,oBAAA;AAAA,mBACAC,0BAAA;AAAA,YACAC,mBAAA;AAAA,UACAC,iBAAA;AAAA,UACAC,iBAAA;AAAA,UACAC,iBAAA;AAAA,UACAC,eAAA;AAAA,aACAC,oBAAA;AAAA,UACAC,iBAAA;AAAA,eACAC,sBAAA;AAAA,QACAC,eAAA;AAAA,QACAC,eAAA;AAAA,YACAC,mBAAA;AAAA,QACAC,eAAA;AAAA,YACAC;AACF,CAAC;AAQM,MAAM,4BAET,GAAA;AAAA,EACF,MAAA,EAAQR,gBAAO,MAAO,EAAA;AAAA,EACtB,MAAA,EAAQF,kBAAO,MAAO,EAAA;AAAA,EACtB,MAAA,EAAQC,kBAAO,MAAO,EAAA;AAAA,EACtB,IAAA,EAAMQ,gBAAK,MAAO,EAAA;AAAA,EAClB,IAAA,EAAMF,gBAAK,MAAO,EAAA;AAAA,EAClB,KAAA,EAAOb,iBAAM,MAAO,EAAA;AAAA,EACpB,SAAA,EAAWS,qBAAU,MAAO,EAAA;AAAA,EAC5B,QAAA,EAAUO,oBAAS,MAAO,EAAA;AAAA,EAC1B,MAAA,EAAQN,kBAAO,MAAO,EAAA;AAAA,EACtB,IAAA,EAAME,gBAAK,MAAO,EAAA;AAAA,EAClB,QAAA,EAAUE,oBAAS,MAAO,EAAA;AAAA,EAC1B,MAAA,EAAQb,kBAAO,MAAO,EAAA;AAAA,EACtB,SAAA,EAAWC,qBAAU,MAAO,EAAA;AAAA,EAC5B,eAAA,EAAiBC,2BAAgB,MAAO,EAAA;AAAA,EACxC,SAAA,EAAWJ,qBAAU,MAAO;AAC9B;;;;;"}
package/dist/providers/router.cjs.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"router.cjs.js","sources":["../../src/providers/router.ts"],"sourcesContent":["/*\n * Copyright 2024 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { TokenManager } from '@backstage/backend-common';\nimport {\n AuthService,\n DiscoveryService,\n HttpAuthService,\n LoggerService,\n} from '@backstage/backend-plugin-api';\nimport { CatalogApi, CatalogClient } from '@backstage/catalog-client';\nimport { Config } from '@backstage/config';\nimport { assertError, NotFoundError } from '@backstage/errors';\nimport {\n AuthOwnershipResolver,\n AuthProviderFactory,\n} from '@backstage/plugin-auth-node';\nimport express from 'express';\nimport Router from 'express-promise-router';\nimport { Minimatch } from 'minimatch';\nimport { CatalogAuthResolverContext } from '../lib/resolvers/CatalogAuthResolverContext';\nimport { TokenIssuer } from '../identity/types';\n\n/** @public */\nexport type ProviderFactories = { [s: string]: AuthProviderFactory };\n\nexport function bindProviderRouters(\n targetRouter: express.Router,\n options: {\n providers: ProviderFactories;\n appUrl: string;\n baseUrl: string;\n config: Config;\n logger: LoggerService;\n discovery: DiscoveryService;\n auth: AuthService;\n httpAuth: HttpAuthService;\n tokenManager?: TokenManager;\n tokenIssuer: TokenIssuer;\n ownershipResolver?: AuthOwnershipResolver;\n catalogApi?: CatalogApi;\n },\n) {\n const {\n providers,\n appUrl,\n baseUrl,\n config,\n logger,\n discovery,\n auth,\n httpAuth,\n tokenManager,\n tokenIssuer,\n catalogApi,\n ownershipResolver,\n } = options;\n\n const providersConfig = config.getOptionalConfig('auth.providers');\n\n const isOriginAllowed = createOriginFilter(config);\n\n for (const [providerId, providerFactory] of Object.entries(providers)) {\n if (providersConfig?.has(providerId)) {\n logger.info(`Configuring auth provider: ${providerId}`);\n try {\n const provider = providerFactory({\n providerId,\n appUrl,\n baseUrl,\n isOriginAllowed,\n globalConfig: {\n baseUrl,\n appUrl,\n isOriginAllowed,\n },\n config: providersConfig.getConfig(providerId),\n logger,\n resolverContext: CatalogAuthResolverContext.create({\n logger,\n catalogApi:\n catalogApi ?? new CatalogClient({ discoveryApi: discovery }),\n tokenIssuer,\n tokenManager,\n discovery,\n auth,\n httpAuth,\n ownershipResolver,\n }),\n });\n\n const r = Router();\n\n r.get('/start', provider.start.bind(provider));\n r.get('/handler/frame', provider.frameHandler.bind(provider));\n r.post('/handler/frame', provider.frameHandler.bind(provider));\n if (provider.logout) {\n r.post('/logout', provider.logout.bind(provider));\n }\n if (provider.refresh) {\n r.get('/refresh', provider.refresh.bind(provider));\n r.post('/refresh', provider.refresh.bind(provider));\n }\n\n targetRouter.use(`/${providerId}`, r);\n } catch (e) {\n assertError(e);\n if (process.env.NODE_ENV !== 'development') {\n throw new Error(\n `Failed to initialize ${providerId} auth provider, ${e.message}`,\n );\n }\n\n logger.warn(`Skipping ${providerId} auth provider, ${e.message}`);\n\n targetRouter.use(`/${providerId}`, () => {\n // If the user added the provider under auth.providers but the clientId and clientSecret etc. were not found.\n throw new NotFoundError(\n `Auth provider registered for '${providerId}' is misconfigured. This could mean the configs under ` +\n `auth.providers.${providerId} are missing or the environment variables used are not defined. ` +\n `Check the auth backend plugin logs when the backend starts to see more details.`,\n );\n });\n }\n } else {\n targetRouter.use(`/${providerId}`, () => {\n throw new NotFoundError(\n `No auth provider registered for '${providerId}'`,\n );\n });\n }\n }\n}\n\n/** @public */\nexport function createOriginFilter(\n config: Config,\n): (origin: string) => boolean {\n const appUrl = config.getString('app.baseUrl');\n const { origin: appOrigin } = new URL(appUrl);\n\n const allowedOrigins = config.getOptionalStringArray(\n 'auth.experimentalExtraAllowedOrigins',\n );\n\n const allowedOriginPatterns =\n allowedOrigins?.map(\n pattern => new Minimatch(pattern, { nocase: true, noglobstar: true }),\n ) ?? [];\n\n return origin => {\n if (origin === appOrigin) {\n return true;\n }\n return allowedOriginPatterns.some(pattern => pattern.match(origin));\n };\n}\n"],"names":["CatalogAuthResolverContext","CatalogClient","Router","assertError","NotFoundError","Minimatch"],"mappings":";;;;;;;;;;;;AAuCgB,SAAA,mBAAA,CACd,cACA,OAcA,EAAA;AACA,EAAM,MAAA;AAAA,IACJ,SAAA;AAAA,IACA,MAAA;AAAA,IACA,OAAA;AAAA,IACA,MAAA;AAAA,IACA,MAAA;AAAA,IACA,SAAA;AAAA,IACA,IAAA;AAAA,IACA,QAAA;AAAA,IACA,YAAA;AAAA,IACA,WAAA;AAAA,IACA,UAAA;AAAA,IACA;AAAA,GACE,GAAA,OAAA;AAEJ,EAAM,MAAA,eAAA,GAAkB,MAAO,CAAA,iBAAA,CAAkB,gBAAgB,CAAA;AAEjE,EAAM,MAAA,eAAA,GAAkB,mBAAmB,MAAM,CAAA;AAEjD,EAAA,KAAA,MAAW,CAAC,UAAY,EAAA,eAAe,KAAK,MAAO,CAAA,OAAA,CAAQ,SAAS,CAAG,EAAA;AACrE,IAAI,IAAA,eAAA,EAAiB,GAAI,CAAA,UAAU,CAAG,EAAA;AACpC,MAAO,MAAA,CAAA,IAAA,CAAK,CAA8B,2BAAA,EAAA,UAAU,CAAE,CAAA,CAAA;AACtD,MAAI,IAAA;AACF,QAAA,MAAM,WAAW,eAAgB,CAAA;AAAA,UAC/B,UAAA;AAAA,UACA,MAAA;AAAA,UACA,OAAA;AAAA,UACA,eAAA;AAAA,UACA,YAAc,EAAA;AAAA,YACZ,OAAA;AAAA,YACA,MAAA;AAAA,YACA;AAAA,WACF;AAAA,UACA,MAAA,EAAQ,eAAgB,CAAA,SAAA,CAAU,UAAU,CAAA;AAAA,UAC5C,MAAA;AAAA,UACA,eAAA,EAAiBA,sDAA2B,MAAO,CAAA;AAAA,YACjD,MAAA;AAAA,YACA,YACE,UAAc,IAAA,IAAIC,4BAAc,EAAE,YAAA,EAAc,WAAW,CAAA;AAAA,YAC7D,WAAA;AAAA,YACA,YAAA;AAAA,YACA,SAAA;AAAA,YACA,IAAA;AAAA,YACA,QAAA;AAAA,YACA;AAAA,WACD;AAAA,SACF,CAAA;AAED,QAAA,MAAM,IAAIC,uBAAO,EAAA;AAEjB,QAAA,CAAA,CAAE,IAAI,QAAU,EAAA,QAAA,CAAS,KAAM,CAAA,IAAA,CAAK,QAAQ,CAAC,CAAA;AAC7C,QAAA,CAAA,CAAE,IAAI,gBAAkB,EAAA,QAAA,CAAS,YAAa,CAAA,IAAA,CAAK,QAAQ,CAAC,CAAA;AAC5D,QAAA,CAAA,CAAE,KAAK,gBAAkB,EAAA,QAAA,CAAS,YAAa,CAAA,IAAA,CAAK,QAAQ,CAAC,CAAA;AAC7D,QAAA,IAAI,SAAS,MAAQ,EAAA;AACnB,UAAA,CAAA,CAAE,KAAK,SAAW,EAAA,QAAA,CAAS,MAAO,CAAA,IAAA,CAAK,QAAQ,CAAC,CAAA;AAAA;AAElD,QAAA,IAAI,SAAS,OAAS,EAAA;AACpB,UAAA,CAAA,CAAE,IAAI,UAAY,EAAA,QAAA,CAAS,OAAQ,CAAA,IAAA,CAAK,QAAQ,CAAC,CAAA;AACjD,UAAA,CAAA,CAAE,KAAK,UAAY,EAAA,QAAA,CAAS,OAAQ,CAAA,IAAA,CAAK,QAAQ,CAAC,CAAA;AAAA;AAGpD,QAAA,YAAA,CAAa,GAAI,CAAA,CAAA,CAAA,EAAI,UAAU,CAAA,CAAA,EAAI,CAAC,CAAA;AAAA,eAC7B,CAAG,EAAA;AACV,QAAAC,kBAAA,CAAY,CAAC,CAAA;AACb,QAAI,IAAA,OAAA,CAAQ,GAAI,CAAA,QAAA,KAAa,aAAe,EAAA;AAC1C,UAAA,MAAM,IAAI,KAAA;AAAA,YACR,CAAwB,qBAAA,EAAA,UAAU,CAAmB,gBAAA,EAAA,CAAA,CAAE,OAAO,CAAA;AAAA,WAChE;AAAA;AAGF,QAAA,MAAA,CAAO,KAAK,CAAY,SAAA,EAAA,UAAU,CAAmB,gBAAA,EAAA,CAAA,CAAE,OAAO,CAAE,CAAA,CAAA;AAEhE,QAAA,YAAA,CAAa,GAAI,CAAA,CAAA,CAAA,EAAI,UAAU,CAAA,CAAA,EAAI,MAAM;AAEvC,UAAA,MAAM,IAAIC,oBAAA;AAAA,YACR,CAAA,8BAAA,EAAiC,UAAU,CAAA,qEAAA,EACvB,UAAU,CAAA,+IAAA;AAAA,WAEhC;AAAA,SACD,CAAA;AAAA;AACH,KACK,MAAA;AACL,MAAA,YAAA,CAAa,GAAI,CAAA,CAAA,CAAA,EAAI,UAAU,CAAA,CAAA,EAAI,MAAM;AACvC,QAAA,MAAM,IAAIA,oBAAA;AAAA,UACR,oCAAoC,UAAU,CAAA,CAAA;AAAA,SAChD;AAAA,OACD,CAAA;AAAA;AACH;AAEJ;AAGO,SAAS,mBACd,MAC6B,EAAA;AAC7B,EAAM,MAAA,MAAA,GAAS,MAAO,CAAA,SAAA,CAAU,aAAa,CAAA;AAC7C,EAAA,MAAM,EAAE,MAAQ,EAAA,SAAA,EAAc,GAAA,IAAI,IAAI,MAAM,CAAA;AAE5C,EAAA,MAAM,iBAAiB,MAAO,CAAA,sBAAA;AAAA,IAC5B;AAAA,GACF;AAEA,EAAA,MAAM,wBACJ,cAAgB,EAAA,GAAA;AAAA,IACd,CAAA,OAAA,KAAW,IAAIC,mBAAU,CAAA,OAAA,EAAS,EAAE,MAAQ,EAAA,IAAA,EAAM,UAAY,EAAA,IAAA,EAAM;AAAA,OACjE,EAAC;AAER,EAAA,OAAO,CAAU,MAAA,KAAA;AACf,IAAA,IAAI,WAAW,SAAW,EAAA;AACxB,MAAO,OAAA,IAAA;AAAA;AAET,IAAA,OAAO,sBAAsB,IAAK,CAAA,CAAA,OAAA,KAAW,OAAQ,CAAA,KAAA,CAAM,MAAM,CAAC,CAAA;AAAA,GACpE;AACF;;;;;"}
1
+ {"version":3,"file":"router.cjs.js","sources":["../../src/providers/router.ts"],"sourcesContent":["/*\n * Copyright 2024 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { TokenManager } from '@backstage/backend-common';\nimport {\n AuthService,\n DiscoveryService,\n HttpAuthService,\n LoggerService,\n} from '@backstage/backend-plugin-api';\nimport { CatalogApi, CatalogClient } from '@backstage/catalog-client';\nimport { Config } from '@backstage/config';\nimport { assertError, NotFoundError } from '@backstage/errors';\nimport {\n AuthOwnershipResolver,\n AuthProviderFactory,\n} from '@backstage/plugin-auth-node';\nimport express from 'express';\nimport Router from 'express-promise-router';\nimport { Minimatch } from 'minimatch';\nimport { CatalogAuthResolverContext } from '../lib/resolvers/CatalogAuthResolverContext';\nimport { TokenIssuer } from '../identity/types';\n\n/**\n * @public\n * @deprecated Migrate the auth plugin to the new backend system https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin\n */\nexport type ProviderFactories = { [s: string]: AuthProviderFactory };\n\nexport function bindProviderRouters(\n targetRouter: express.Router,\n options: {\n providers: ProviderFactories;\n appUrl: string;\n baseUrl: string;\n config: Config;\n logger: LoggerService;\n discovery: DiscoveryService;\n auth: AuthService;\n httpAuth: HttpAuthService;\n tokenManager?: TokenManager;\n tokenIssuer: TokenIssuer;\n ownershipResolver?: AuthOwnershipResolver;\n catalogApi?: CatalogApi;\n },\n) {\n const {\n providers,\n appUrl,\n baseUrl,\n config,\n logger,\n discovery,\n auth,\n httpAuth,\n tokenManager,\n tokenIssuer,\n catalogApi,\n ownershipResolver,\n } = options;\n\n const providersConfig = config.getOptionalConfig('auth.providers');\n\n const isOriginAllowed = createOriginFilter(config);\n\n for (const [providerId, providerFactory] of Object.entries(providers)) {\n if (providersConfig?.has(providerId)) {\n logger.info(`Configuring auth provider: ${providerId}`);\n try {\n const provider = providerFactory({\n providerId,\n appUrl,\n baseUrl,\n isOriginAllowed,\n globalConfig: {\n baseUrl,\n appUrl,\n isOriginAllowed,\n },\n config: providersConfig.getConfig(providerId),\n logger,\n resolverContext: CatalogAuthResolverContext.create({\n logger,\n catalogApi:\n catalogApi ?? new CatalogClient({ discoveryApi: discovery }),\n tokenIssuer,\n tokenManager,\n discovery,\n auth,\n httpAuth,\n ownershipResolver,\n }),\n });\n\n const r = Router();\n\n r.get('/start', provider.start.bind(provider));\n r.get('/handler/frame', provider.frameHandler.bind(provider));\n r.post('/handler/frame', provider.frameHandler.bind(provider));\n if (provider.logout) {\n r.post('/logout', provider.logout.bind(provider));\n }\n if (provider.refresh) {\n r.get('/refresh', provider.refresh.bind(provider));\n r.post('/refresh', provider.refresh.bind(provider));\n }\n\n targetRouter.use(`/${providerId}`, r);\n } catch (e) {\n assertError(e);\n if (process.env.NODE_ENV !== 'development') {\n throw new Error(\n `Failed to initialize ${providerId} auth provider, ${e.message}`,\n );\n }\n\n logger.warn(`Skipping ${providerId} auth provider, ${e.message}`);\n\n targetRouter.use(`/${providerId}`, () => {\n // If the user added the provider under auth.providers but the clientId and clientSecret etc. were not found.\n throw new NotFoundError(\n `Auth provider registered for '${providerId}' is misconfigured. This could mean the configs under ` +\n `auth.providers.${providerId} are missing or the environment variables used are not defined. ` +\n `Check the auth backend plugin logs when the backend starts to see more details.`,\n );\n });\n }\n } else {\n targetRouter.use(`/${providerId}`, () => {\n throw new NotFoundError(\n `No auth provider registered for '${providerId}'`,\n );\n });\n }\n }\n}\n\n/**\n * @public\n * @deprecated this export will be removed\n */\nexport function createOriginFilter(\n config: Config,\n): (origin: string) => boolean {\n const appUrl = config.getString('app.baseUrl');\n const { origin: appOrigin } = new URL(appUrl);\n\n const allowedOrigins = config.getOptionalStringArray(\n 'auth.experimentalExtraAllowedOrigins',\n );\n\n const allowedOriginPatterns =\n allowedOrigins?.map(\n pattern => new Minimatch(pattern, { nocase: true, noglobstar: true }),\n ) ?? [];\n\n return origin => {\n if (origin === appOrigin) {\n return true;\n }\n return allowedOriginPatterns.some(pattern => pattern.match(origin));\n };\n}\n"],"names":["CatalogAuthResolverContext","CatalogClient","Router","assertError","NotFoundError","Minimatch"],"mappings":";;;;;;;;;;;;AA0CgB,SAAA,mBAAA,CACd,cACA,OAcA,EAAA;AACA,EAAM,MAAA;AAAA,IACJ,SAAA;AAAA,IACA,MAAA;AAAA,IACA,OAAA;AAAA,IACA,MAAA;AAAA,IACA,MAAA;AAAA,IACA,SAAA;AAAA,IACA,IAAA;AAAA,IACA,QAAA;AAAA,IACA,YAAA;AAAA,IACA,WAAA;AAAA,IACA,UAAA;AAAA,IACA;AAAA,GACE,GAAA,OAAA;AAEJ,EAAM,MAAA,eAAA,GAAkB,MAAO,CAAA,iBAAA,CAAkB,gBAAgB,CAAA;AAEjE,EAAM,MAAA,eAAA,GAAkB,mBAAmB,MAAM,CAAA;AAEjD,EAAA,KAAA,MAAW,CAAC,UAAY,EAAA,eAAe,KAAK,MAAO,CAAA,OAAA,CAAQ,SAAS,CAAG,EAAA;AACrE,IAAI,IAAA,eAAA,EAAiB,GAAI,CAAA,UAAU,CAAG,EAAA;AACpC,MAAO,MAAA,CAAA,IAAA,CAAK,CAA8B,2BAAA,EAAA,UAAU,CAAE,CAAA,CAAA;AACtD,MAAI,IAAA;AACF,QAAA,MAAM,WAAW,eAAgB,CAAA;AAAA,UAC/B,UAAA;AAAA,UACA,MAAA;AAAA,UACA,OAAA;AAAA,UACA,eAAA;AAAA,UACA,YAAc,EAAA;AAAA,YACZ,OAAA;AAAA,YACA,MAAA;AAAA,YACA;AAAA,WACF;AAAA,UACA,MAAA,EAAQ,eAAgB,CAAA,SAAA,CAAU,UAAU,CAAA;AAAA,UAC5C,MAAA;AAAA,UACA,eAAA,EAAiBA,sDAA2B,MAAO,CAAA;AAAA,YACjD,MAAA;AAAA,YACA,YACE,UAAc,IAAA,IAAIC,4BAAc,EAAE,YAAA,EAAc,WAAW,CAAA;AAAA,YAC7D,WAAA;AAAA,YACA,YAAA;AAAA,YACA,SAAA;AAAA,YACA,IAAA;AAAA,YACA,QAAA;AAAA,YACA;AAAA,WACD;AAAA,SACF,CAAA;AAED,QAAA,MAAM,IAAIC,uBAAO,EAAA;AAEjB,QAAA,CAAA,CAAE,IAAI,QAAU,EAAA,QAAA,CAAS,KAAM,CAAA,IAAA,CAAK,QAAQ,CAAC,CAAA;AAC7C,QAAA,CAAA,CAAE,IAAI,gBAAkB,EAAA,QAAA,CAAS,YAAa,CAAA,IAAA,CAAK,QAAQ,CAAC,CAAA;AAC5D,QAAA,CAAA,CAAE,KAAK,gBAAkB,EAAA,QAAA,CAAS,YAAa,CAAA,IAAA,CAAK,QAAQ,CAAC,CAAA;AAC7D,QAAA,IAAI,SAAS,MAAQ,EAAA;AACnB,UAAA,CAAA,CAAE,KAAK,SAAW,EAAA,QAAA,CAAS,MAAO,CAAA,IAAA,CAAK,QAAQ,CAAC,CAAA;AAAA;AAElD,QAAA,IAAI,SAAS,OAAS,EAAA;AACpB,UAAA,CAAA,CAAE,IAAI,UAAY,EAAA,QAAA,CAAS,OAAQ,CAAA,IAAA,CAAK,QAAQ,CAAC,CAAA;AACjD,UAAA,CAAA,CAAE,KAAK,UAAY,EAAA,QAAA,CAAS,OAAQ,CAAA,IAAA,CAAK,QAAQ,CAAC,CAAA;AAAA;AAGpD,QAAA,YAAA,CAAa,GAAI,CAAA,CAAA,CAAA,EAAI,UAAU,CAAA,CAAA,EAAI,CAAC,CAAA;AAAA,eAC7B,CAAG,EAAA;AACV,QAAAC,kBAAA,CAAY,CAAC,CAAA;AACb,QAAI,IAAA,OAAA,CAAQ,GAAI,CAAA,QAAA,KAAa,aAAe,EAAA;AAC1C,UAAA,MAAM,IAAI,KAAA;AAAA,YACR,CAAwB,qBAAA,EAAA,UAAU,CAAmB,gBAAA,EAAA,CAAA,CAAE,OAAO,CAAA;AAAA,WAChE;AAAA;AAGF,QAAA,MAAA,CAAO,KAAK,CAAY,SAAA,EAAA,UAAU,CAAmB,gBAAA,EAAA,CAAA,CAAE,OAAO,CAAE,CAAA,CAAA;AAEhE,QAAA,YAAA,CAAa,GAAI,CAAA,CAAA,CAAA,EAAI,UAAU,CAAA,CAAA,EAAI,MAAM;AAEvC,UAAA,MAAM,IAAIC,oBAAA;AAAA,YACR,CAAA,8BAAA,EAAiC,UAAU,CAAA,qEAAA,EACvB,UAAU,CAAA,+IAAA;AAAA,WAEhC;AAAA,SACD,CAAA;AAAA;AACH,KACK,MAAA;AACL,MAAA,YAAA,CAAa,GAAI,CAAA,CAAA,CAAA,EAAI,UAAU,CAAA,CAAA,EAAI,MAAM;AACvC,QAAA,MAAM,IAAIA,oBAAA;AAAA,UACR,oCAAoC,UAAU,CAAA,CAAA;AAAA,SAChD;AAAA,OACD,CAAA;AAAA;AACH;AAEJ;AAMO,SAAS,mBACd,MAC6B,EAAA;AAC7B,EAAM,MAAA,MAAA,GAAS,MAAO,CAAA,SAAA,CAAU,aAAa,CAAA;AAC7C,EAAA,MAAM,EAAE,MAAQ,EAAA,SAAA,EAAc,GAAA,IAAI,IAAI,MAAM,CAAA;AAE5C,EAAA,MAAM,iBAAiB,MAAO,CAAA,sBAAA;AAAA,IAC5B;AAAA,GACF;AAEA,EAAA,MAAM,wBACJ,cAAgB,EAAA,GAAA;AAAA,IACd,CAAA,OAAA,KAAW,IAAIC,mBAAU,CAAA,OAAA,EAAS,EAAE,MAAQ,EAAA,IAAA,EAAM,UAAY,EAAA,IAAA,EAAM;AAAA,OACjE,EAAC;AAER,EAAA,OAAO,CAAU,MAAA,KAAA;AACf,IAAA,IAAI,WAAW,SAAW,EAAA;AACxB,MAAO,OAAA,IAAA;AAAA;AAET,IAAA,OAAO,sBAAsB,IAAK,CAAA,CAAA,OAAA,KAAW,OAAQ,CAAA,KAAA,CAAM,MAAM,CAAC,CAAA;AAAA,GACpE;AACF;;;;;"}
package/dist/providers/saml/provider.cjs.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"provider.cjs.js","sources":["../../../src/providers/saml/provider.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport express from 'express';\nimport { SamlConfig, VerifiedCallback } from '@node-saml/passport-saml';\nimport {\n Strategy as SamlStrategy,\n Profile as SamlProfile,\n VerifyWithoutRequest,\n} from '@node-saml/passport-saml';\nimport {\n executeFrameHandlerStrategy,\n executeRedirectStrategy,\n} from '../../lib/passport';\nimport { AuthHandler } from '../types';\nimport { postMessageResponse } from '../../lib/flow';\nimport { createAuthProviderIntegration } from '../createAuthProviderIntegration';\nimport { AuthenticationError, isError } from '@backstage/errors';\nimport { prepareBackstageIdentityResponse } from '../prepareBackstageIdentityResponse';\nimport {\n AuthProviderRouteHandlers,\n AuthResolverContext,\n ClientAuthResponse,\n SignInResolver,\n} from '@backstage/plugin-auth-node';\n\n/** @public */\nexport type SamlAuthResult = {\n fullProfile: any;\n};\n\ntype Options = SamlConfig & {\n signInResolver?: SignInResolver<SamlAuthResult>;\n authHandler: AuthHandler<SamlAuthResult>;\n resolverContext: AuthResolverContext;\n appUrl: string;\n};\n\nexport class SamlAuthProvider implements AuthProviderRouteHandlers {\n private readonly strategy: SamlStrategy;\n private readonly signInResolver?: SignInResolver<SamlAuthResult>;\n private readonly authHandler: AuthHandler<SamlAuthResult>;\n private readonly resolverContext: AuthResolverContext;\n private readonly appUrl: string;\n\n constructor(options: Options) {\n this.appUrl = options.appUrl;\n this.signInResolver = options.signInResolver;\n this.authHandler = options.authHandler;\n this.resolverContext = options.resolverContext;\n\n const verifier: VerifyWithoutRequest = (\n profile: SamlProfile | null,\n done: VerifiedCallback,\n ) => {\n // TODO: There's plenty more validation and profile handling to do here,\n // this provider is currently only intended to validate the provider pattern\n // for non-oauth auth flows.\n // TODO: This flow doesn't issue an identity token that can be used to validate\n // the identity of the user in other backends, which we need in some form.\n done(null, { fullProfile: profile });\n };\n this.strategy = new SamlStrategy(options, verifier, verifier);\n }\n\n async start(req: express.Request, res: express.Response): Promise<void> {\n const { url } = await executeRedirectStrategy(req, this.strategy, {});\n res.redirect(url);\n }\n\n async frameHandler(\n req: express.Request,\n res: express.Response,\n ): Promise<void> {\n try {\n const { result } = await executeFrameHandlerStrategy<SamlAuthResult>(\n req,\n this.strategy,\n );\n\n const { profile } = await this.authHandler(result, this.resolverContext);\n\n const response: ClientAuthResponse<{}> = {\n profile,\n providerInfo: {},\n };\n\n if (this.signInResolver) {\n const signInResponse = await this.signInResolver(\n {\n result,\n profile,\n },\n this.resolverContext,\n );\n\n response.backstageIdentity =\n prepareBackstageIdentityResponse(signInResponse);\n }\n\n return postMessageResponse(res, this.appUrl, {\n type: 'authorization_response',\n response,\n });\n } catch (error) {\n const { name, message } = isError(error)\n ? error\n : new Error('Encountered invalid error'); // Being a bit safe and not forwarding the bad value\n return postMessageResponse(res, this.appUrl, {\n type: 'authorization_response',\n error: { name, message },\n });\n }\n }\n\n async logout(_req: express.Request, res: express.Response): Promise<void> {\n res.end();\n }\n}\n\ntype SignatureAlgorithm = 'sha1' | 'sha256' | 'sha512';\n\n/**\n * Auth provider integration for SAML auth\n *\n * @public\n */\nexport const saml = createAuthProviderIntegration({\n create(options?: {\n /**\n * The profile transformation function used to verify and convert the auth response\n * into the profile that will be presented to the user.\n */\n authHandler?: AuthHandler<SamlAuthResult>;\n\n /**\n * Configure sign-in for this provider, without it the provider can not be used to sign users in.\n */\n signIn?: {\n /**\n * Maps an auth result to a Backstage identity for the user.\n */\n resolver: SignInResolver<SamlAuthResult>;\n };\n }) {\n return ({ providerId, globalConfig, config, resolverContext }) => {\n const authHandler: AuthHandler<SamlAuthResult> = options?.authHandler\n ? options.authHandler\n : async ({ fullProfile }) => ({\n profile: {\n email: fullProfile.email,\n displayName: fullProfile.displayName,\n },\n });\n\n return new SamlAuthProvider({\n callbackUrl: `${globalConfig.baseUrl}/${providerId}/handler/frame`,\n entryPoint: config.getString('entryPoint'),\n logoutUrl: config.getOptionalString('logoutUrl'),\n audience: config.getString('audience'),\n issuer: config.getString('issuer'),\n idpCert: config.getString('cert'),\n privateKey: config.getOptionalString('privateKey'),\n authnContext: config.getOptionalStringArray('authnContext'),\n identifierFormat: config.getOptionalString('identifierFormat'),\n decryptionPvk: config.getOptionalString('decryptionPvk'),\n signatureAlgorithm: config.getOptionalString('signatureAlgorithm') as\n | SignatureAlgorithm\n | undefined,\n digestAlgorithm: config.getOptionalString('digestAlgorithm'),\n acceptedClockSkewMs: config.getOptionalNumber('acceptedClockSkewMs'),\n wantAuthnResponseSigned: config.getOptionalBoolean(\n 'wantAuthnResponseSigned',\n ),\n wantAssertionsSigned: config.getOptionalBoolean('wantAssertionsSigned'),\n appUrl: globalConfig.appUrl,\n authHandler,\n signInResolver: options?.signIn?.resolver,\n resolverContext,\n });\n };\n },\n resolvers: {\n /**\n * Looks up the user by matching their nameID to the entity name.\n */\n nameIdMatchingUserEntityName(): SignInResolver<SamlAuthResult> {\n return async (info, ctx) => {\n const id = info.result.fullProfile.nameID;\n\n if (!id) {\n throw new AuthenticationError('No nameID found in SAML response');\n }\n\n return ctx.signInWithCatalogUser({\n entityRef: { name: id },\n });\n };\n },\n },\n});\n"],"names":["SamlStrategy","executeRedirectStrategy","executeFrameHandlerStrategy","prepareBackstageIdentityResponse","postMessageResponse","isError","createAuthProviderIntegration","AuthenticationError"],"mappings":";;;;;;;;;AAmDO,MAAM,gBAAsD,CAAA;AAAA,EAChD,QAAA;AAAA,EACA,cAAA;AAAA,EACA,WAAA;AAAA,EACA,eAAA;AAAA,EACA,MAAA;AAAA,EAEjB,YAAY,OAAkB,EAAA;AAC5B,IAAA,IAAA,CAAK,SAAS,OAAQ,CAAA,MAAA;AACtB,IAAA,IAAA,CAAK,iBAAiB,OAAQ,CAAA,cAAA;AAC9B,IAAA,IAAA,CAAK,cAAc,OAAQ,CAAA,WAAA;AAC3B,IAAA,IAAA,CAAK,kBAAkB,OAAQ,CAAA,eAAA;AAE/B,IAAM,MAAA,QAAA,GAAiC,CACrC,OAAA,EACA,IACG,KAAA;AAMH,MAAA,IAAA,CAAK,IAAM,EAAA,EAAE,WAAa,EAAA,OAAA,EAAS,CAAA;AAAA,KACrC;AACA,IAAA,IAAA,CAAK,QAAW,GAAA,IAAIA,qBAAa,CAAA,OAAA,EAAS,UAAU,QAAQ,CAAA;AAAA;AAC9D,EAEA,MAAM,KAAM,CAAA,GAAA,EAAsB,GAAsC,EAAA;AACtE,IAAM,MAAA,EAAE,KAAQ,GAAA,MAAMC,+CAAwB,GAAK,EAAA,IAAA,CAAK,QAAU,EAAA,EAAE,CAAA;AACpE,IAAA,GAAA,CAAI,SAAS,GAAG,CAAA;AAAA;AAClB,EAEA,MAAM,YACJ,CAAA,GAAA,EACA,GACe,EAAA;AACf,IAAI,IAAA;AACF,MAAM,MAAA,EAAE,MAAO,EAAA,GAAI,MAAMC,kDAAA;AAAA,QACvB,GAAA;AAAA,QACA,IAAK,CAAA;AAAA,OACP;AAEA,MAAM,MAAA,EAAE,SAAY,GAAA,MAAM,KAAK,WAAY,CAAA,MAAA,EAAQ,KAAK,eAAe,CAAA;AAEvE,MAAA,MAAM,QAAmC,GAAA;AAAA,QACvC,OAAA;AAAA,QACA,cAAc;AAAC,OACjB;AAEA,MAAA,IAAI,KAAK,cAAgB,EAAA;AACvB,QAAM,MAAA,cAAA,GAAiB,MAAM,IAAK,CAAA,cAAA;AAAA,UAChC;AAAA,YACE,MAAA;AAAA,YACA;AAAA,WACF;AAAA,UACA,IAAK,CAAA;AAAA,SACP;AAEA,QAAS,QAAA,CAAA,iBAAA,GACPC,kEAAiC,cAAc,CAAA;AAAA;AAGnD,MAAO,OAAAC,mCAAA,CAAoB,GAAK,EAAA,IAAA,CAAK,MAAQ,EAAA;AAAA,QAC3C,IAAM,EAAA,wBAAA;AAAA,QACN;AAAA,OACD,CAAA;AAAA,aACM,KAAO,EAAA;AACd,MAAM,MAAA,EAAE,IAAM,EAAA,OAAA,EAAY,GAAAC,cAAA,CAAQ,KAAK,CACnC,GAAA,KAAA,GACA,IAAI,KAAA,CAAM,2BAA2B,CAAA;AACzC,MAAO,OAAAD,mCAAA,CAAoB,GAAK,EAAA,IAAA,CAAK,MAAQ,EAAA;AAAA,QAC3C,IAAM,EAAA,wBAAA;AAAA,QACN,KAAA,EAAO,EAAE,IAAA,EAAM,OAAQ;AAAA,OACxB,CAAA;AAAA;AACH;AACF,EAEA,MAAM,MAAO,CAAA,IAAA,EAAuB,GAAsC,EAAA;AACxE,IAAA,GAAA,CAAI,GAAI,EAAA;AAAA;AAEZ;AASO,MAAM,OAAOE,2DAA8B,CAAA;AAAA,EAChD,OAAO,OAgBJ,EAAA;AACD,IAAA,OAAO,CAAC,EAAE,UAAA,EAAY,YAAc,EAAA,MAAA,EAAQ,iBAAsB,KAAA;AAChE,MAAM,MAAA,WAAA,GAA2C,SAAS,WACtD,GAAA,OAAA,CAAQ,cACR,OAAO,EAAE,aAAmB,MAAA;AAAA,QAC1B,OAAS,EAAA;AAAA,UACP,OAAO,WAAY,CAAA,KAAA;AAAA,UACnB,aAAa,WAAY,CAAA;AAAA;AAC3B,OACF,CAAA;AAEJ,MAAA,OAAO,IAAI,gBAAiB,CAAA;AAAA,QAC1B,WAAa,EAAA,CAAA,EAAG,YAAa,CAAA,OAAO,IAAI,UAAU,CAAA,cAAA,CAAA;AAAA,QAClD,UAAA,EAAY,MAAO,CAAA,SAAA,CAAU,YAAY,CAAA;AAAA,QACzC,SAAA,EAAW,MAAO,CAAA,iBAAA,CAAkB,WAAW,CAAA;AAAA,QAC/C,QAAA,EAAU,MAAO,CAAA,SAAA,CAAU,UAAU,CAAA;AAAA,QACrC,MAAA,EAAQ,MAAO,CAAA,SAAA,CAAU,QAAQ,CAAA;AAAA,QACjC,OAAA,EAAS,MAAO,CAAA,SAAA,CAAU,MAAM,CAAA;AAAA,QAChC,UAAA,EAAY,MAAO,CAAA,iBAAA,CAAkB,YAAY,CAAA;AAAA,QACjD,YAAA,EAAc,MAAO,CAAA,sBAAA,CAAuB,cAAc,CAAA;AAAA,QAC1D,gBAAA,EAAkB,MAAO,CAAA,iBAAA,CAAkB,kBAAkB,CAAA;AAAA,QAC7D,aAAA,EAAe,MAAO,CAAA,iBAAA,CAAkB,eAAe,CAAA;AAAA,QACvD,kBAAA,EAAoB,MAAO,CAAA,iBAAA,CAAkB,oBAAoB,CAAA;AAAA,QAGjE,eAAA,EAAiB,MAAO,CAAA,iBAAA,CAAkB,iBAAiB,CAAA;AAAA,QAC3D,mBAAA,EAAqB,MAAO,CAAA,iBAAA,CAAkB,qBAAqB,CAAA;AAAA,QACnE,yBAAyB,MAAO,CAAA,kBAAA;AAAA,UAC9B;AAAA,SACF;AAAA,QACA,oBAAA,EAAsB,MAAO,CAAA,kBAAA,CAAmB,sBAAsB,CAAA;AAAA,QACtE,QAAQ,YAAa,CAAA,MAAA;AAAA,QACrB,WAAA;AAAA,QACA,cAAA,EAAgB,SAAS,MAAQ,EAAA,QAAA;AAAA,QACjC;AAAA,OACD,CAAA;AAAA,KACH;AAAA,GACF;AAAA,EACA,SAAW,EAAA;AAAA;AAAA;AAAA;AAAA,IAIT,4BAA+D,GAAA;AAC7D,MAAO,OAAA,OAAO,MAAM,GAAQ,KAAA;AAC1B,QAAM,MAAA,EAAA,GAAK,IAAK,CAAA,MAAA,CAAO,WAAY,CAAA,MAAA;AAEnC,QAAA,IAAI,CAAC,EAAI,EAAA;AACP,UAAM,MAAA,IAAIC,2BAAoB,kCAAkC,CAAA;AAAA;AAGlE,QAAA,OAAO,IAAI,qBAAsB,CAAA;AAAA,UAC/B,SAAA,EAAW,EAAE,IAAA,EAAM,EAAG;AAAA,SACvB,CAAA;AAAA,OACH;AAAA;AACF;AAEJ,CAAC;;;;;"}
1
+ {"version":3,"file":"provider.cjs.js","sources":["../../../src/providers/saml/provider.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport express from 'express';\nimport { SamlConfig, VerifiedCallback } from '@node-saml/passport-saml';\nimport {\n Strategy as SamlStrategy,\n Profile as SamlProfile,\n VerifyWithoutRequest,\n} from '@node-saml/passport-saml';\nimport {\n executeFrameHandlerStrategy,\n executeRedirectStrategy,\n} from '../../lib/passport';\nimport { AuthHandler } from '../types';\nimport { postMessageResponse } from '../../lib/flow';\nimport { createAuthProviderIntegration } from '../createAuthProviderIntegration';\nimport { AuthenticationError, isError } from '@backstage/errors';\nimport { prepareBackstageIdentityResponse } from '../prepareBackstageIdentityResponse';\nimport {\n AuthProviderRouteHandlers,\n AuthResolverContext,\n ClientAuthResponse,\n SignInResolver,\n} from '@backstage/plugin-auth-node';\n\n/**\n * @public\n * @deprecated Migrate the auth plugin to the new backend system https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin\n */\nexport type SamlAuthResult = {\n fullProfile: any;\n};\n\ntype Options = SamlConfig & {\n signInResolver?: SignInResolver<SamlAuthResult>;\n authHandler: AuthHandler<SamlAuthResult>;\n resolverContext: AuthResolverContext;\n appUrl: string;\n};\n\nexport class SamlAuthProvider implements AuthProviderRouteHandlers {\n private readonly strategy: SamlStrategy;\n private readonly signInResolver?: SignInResolver<SamlAuthResult>;\n private readonly authHandler: AuthHandler<SamlAuthResult>;\n private readonly resolverContext: AuthResolverContext;\n private readonly appUrl: string;\n\n constructor(options: Options) {\n this.appUrl = options.appUrl;\n this.signInResolver = options.signInResolver;\n this.authHandler = options.authHandler;\n this.resolverContext = options.resolverContext;\n\n const verifier: VerifyWithoutRequest = (\n profile: SamlProfile | null,\n done: VerifiedCallback,\n ) => {\n // TODO: There's plenty more validation and profile handling to do here,\n // this provider is currently only intended to validate the provider pattern\n // for non-oauth auth flows.\n // TODO: This flow doesn't issue an identity token that can be used to validate\n // the identity of the user in other backends, which we need in some form.\n done(null, { fullProfile: profile });\n };\n this.strategy = new SamlStrategy(options, verifier, verifier);\n }\n\n async start(req: express.Request, res: express.Response): Promise<void> {\n const { url } = await executeRedirectStrategy(req, this.strategy, {});\n res.redirect(url);\n }\n\n async frameHandler(\n req: express.Request,\n res: express.Response,\n ): Promise<void> {\n try {\n const { result } = await executeFrameHandlerStrategy<SamlAuthResult>(\n req,\n this.strategy,\n );\n\n const { profile } = await this.authHandler(result, this.resolverContext);\n\n const response: ClientAuthResponse<{}> = {\n profile,\n providerInfo: {},\n };\n\n if (this.signInResolver) {\n const signInResponse = await this.signInResolver(\n {\n result,\n profile,\n },\n this.resolverContext,\n );\n\n response.backstageIdentity =\n prepareBackstageIdentityResponse(signInResponse);\n }\n\n return postMessageResponse(res, this.appUrl, {\n type: 'authorization_response',\n response,\n });\n } catch (error) {\n const { name, message } = isError(error)\n ? error\n : new Error('Encountered invalid error'); // Being a bit safe and not forwarding the bad value\n return postMessageResponse(res, this.appUrl, {\n type: 'authorization_response',\n error: { name, message },\n });\n }\n }\n\n async logout(_req: express.Request, res: express.Response): Promise<void> {\n res.end();\n }\n}\n\ntype SignatureAlgorithm = 'sha1' | 'sha256' | 'sha512';\n\n/**\n * Auth provider integration for SAML auth\n *\n * @public\n */\nexport const saml = createAuthProviderIntegration({\n create(options?: {\n /**\n * The profile transformation function used to verify and convert the auth response\n * into the profile that will be presented to the user.\n */\n authHandler?: AuthHandler<SamlAuthResult>;\n\n /**\n * Configure sign-in for this provider, without it the provider can not be used to sign users in.\n */\n signIn?: {\n /**\n * Maps an auth result to a Backstage identity for the user.\n */\n resolver: SignInResolver<SamlAuthResult>;\n };\n }) {\n return ({ providerId, globalConfig, config, resolverContext }) => {\n const authHandler: AuthHandler<SamlAuthResult> = options?.authHandler\n ? options.authHandler\n : async ({ fullProfile }) => ({\n profile: {\n email: fullProfile.email,\n displayName: fullProfile.displayName,\n },\n });\n\n return new SamlAuthProvider({\n callbackUrl: `${globalConfig.baseUrl}/${providerId}/handler/frame`,\n entryPoint: config.getString('entryPoint'),\n logoutUrl: config.getOptionalString('logoutUrl'),\n audience: config.getString('audience'),\n issuer: config.getString('issuer'),\n idpCert: config.getString('cert'),\n privateKey: config.getOptionalString('privateKey'),\n authnContext: config.getOptionalStringArray('authnContext'),\n identifierFormat: config.getOptionalString('identifierFormat'),\n decryptionPvk: config.getOptionalString('decryptionPvk'),\n signatureAlgorithm: config.getOptionalString('signatureAlgorithm') as\n | SignatureAlgorithm\n | undefined,\n digestAlgorithm: config.getOptionalString('digestAlgorithm'),\n acceptedClockSkewMs: config.getOptionalNumber('acceptedClockSkewMs'),\n wantAuthnResponseSigned: config.getOptionalBoolean(\n 'wantAuthnResponseSigned',\n ),\n wantAssertionsSigned: config.getOptionalBoolean('wantAssertionsSigned'),\n appUrl: globalConfig.appUrl,\n authHandler,\n signInResolver: options?.signIn?.resolver,\n resolverContext,\n });\n };\n },\n resolvers: {\n /**\n * Looks up the user by matching their nameID to the entity name.\n */\n nameIdMatchingUserEntityName(): SignInResolver<SamlAuthResult> {\n return async (info, ctx) => {\n const id = info.result.fullProfile.nameID;\n\n if (!id) {\n throw new AuthenticationError('No nameID found in SAML response');\n }\n\n return ctx.signInWithCatalogUser({\n entityRef: { name: id },\n });\n };\n },\n },\n});\n"],"names":["SamlStrategy","executeRedirectStrategy","executeFrameHandlerStrategy","prepareBackstageIdentityResponse","postMessageResponse","isError","createAuthProviderIntegration","AuthenticationError"],"mappings":";;;;;;;;;AAsDO,MAAM,gBAAsD,CAAA;AAAA,EAChD,QAAA;AAAA,EACA,cAAA;AAAA,EACA,WAAA;AAAA,EACA,eAAA;AAAA,EACA,MAAA;AAAA,EAEjB,YAAY,OAAkB,EAAA;AAC5B,IAAA,IAAA,CAAK,SAAS,OAAQ,CAAA,MAAA;AACtB,IAAA,IAAA,CAAK,iBAAiB,OAAQ,CAAA,cAAA;AAC9B,IAAA,IAAA,CAAK,cAAc,OAAQ,CAAA,WAAA;AAC3B,IAAA,IAAA,CAAK,kBAAkB,OAAQ,CAAA,eAAA;AAE/B,IAAM,MAAA,QAAA,GAAiC,CACrC,OAAA,EACA,IACG,KAAA;AAMH,MAAA,IAAA,CAAK,IAAM,EAAA,EAAE,WAAa,EAAA,OAAA,EAAS,CAAA;AAAA,KACrC;AACA,IAAA,IAAA,CAAK,QAAW,GAAA,IAAIA,qBAAa,CAAA,OAAA,EAAS,UAAU,QAAQ,CAAA;AAAA;AAC9D,EAEA,MAAM,KAAM,CAAA,GAAA,EAAsB,GAAsC,EAAA;AACtE,IAAM,MAAA,EAAE,KAAQ,GAAA,MAAMC,+CAAwB,GAAK,EAAA,IAAA,CAAK,QAAU,EAAA,EAAE,CAAA;AACpE,IAAA,GAAA,CAAI,SAAS,GAAG,CAAA;AAAA;AAClB,EAEA,MAAM,YACJ,CAAA,GAAA,EACA,GACe,EAAA;AACf,IAAI,IAAA;AACF,MAAM,MAAA,EAAE,MAAO,EAAA,GAAI,MAAMC,kDAAA;AAAA,QACvB,GAAA;AAAA,QACA,IAAK,CAAA;AAAA,OACP;AAEA,MAAM,MAAA,EAAE,SAAY,GAAA,MAAM,KAAK,WAAY,CAAA,MAAA,EAAQ,KAAK,eAAe,CAAA;AAEvE,MAAA,MAAM,QAAmC,GAAA;AAAA,QACvC,OAAA;AAAA,QACA,cAAc;AAAC,OACjB;AAEA,MAAA,IAAI,KAAK,cAAgB,EAAA;AACvB,QAAM,MAAA,cAAA,GAAiB,MAAM,IAAK,CAAA,cAAA;AAAA,UAChC;AAAA,YACE,MAAA;AAAA,YACA;AAAA,WACF;AAAA,UACA,IAAK,CAAA;AAAA,SACP;AAEA,QAAS,QAAA,CAAA,iBAAA,GACPC,kEAAiC,cAAc,CAAA;AAAA;AAGnD,MAAO,OAAAC,mCAAA,CAAoB,GAAK,EAAA,IAAA,CAAK,MAAQ,EAAA;AAAA,QAC3C,IAAM,EAAA,wBAAA;AAAA,QACN;AAAA,OACD,CAAA;AAAA,aACM,KAAO,EAAA;AACd,MAAM,MAAA,EAAE,IAAM,EAAA,OAAA,EAAY,GAAAC,cAAA,CAAQ,KAAK,CACnC,GAAA,KAAA,GACA,IAAI,KAAA,CAAM,2BAA2B,CAAA;AACzC,MAAO,OAAAD,mCAAA,CAAoB,GAAK,EAAA,IAAA,CAAK,MAAQ,EAAA;AAAA,QAC3C,IAAM,EAAA,wBAAA;AAAA,QACN,KAAA,EAAO,EAAE,IAAA,EAAM,OAAQ;AAAA,OACxB,CAAA;AAAA;AACH;AACF,EAEA,MAAM,MAAO,CAAA,IAAA,EAAuB,GAAsC,EAAA;AACxE,IAAA,GAAA,CAAI,GAAI,EAAA;AAAA;AAEZ;AASO,MAAM,OAAOE,2DAA8B,CAAA;AAAA,EAChD,OAAO,OAgBJ,EAAA;AACD,IAAA,OAAO,CAAC,EAAE,UAAA,EAAY,YAAc,EAAA,MAAA,EAAQ,iBAAsB,KAAA;AAChE,MAAM,MAAA,WAAA,GAA2C,SAAS,WACtD,GAAA,OAAA,CAAQ,cACR,OAAO,EAAE,aAAmB,MAAA;AAAA,QAC1B,OAAS,EAAA;AAAA,UACP,OAAO,WAAY,CAAA,KAAA;AAAA,UACnB,aAAa,WAAY,CAAA;AAAA;AAC3B,OACF,CAAA;AAEJ,MAAA,OAAO,IAAI,gBAAiB,CAAA;AAAA,QAC1B,WAAa,EAAA,CAAA,EAAG,YAAa,CAAA,OAAO,IAAI,UAAU,CAAA,cAAA,CAAA;AAAA,QAClD,UAAA,EAAY,MAAO,CAAA,SAAA,CAAU,YAAY,CAAA;AAAA,QACzC,SAAA,EAAW,MAAO,CAAA,iBAAA,CAAkB,WAAW,CAAA;AAAA,QAC/C,QAAA,EAAU,MAAO,CAAA,SAAA,CAAU,UAAU,CAAA;AAAA,QACrC,MAAA,EAAQ,MAAO,CAAA,SAAA,CAAU,QAAQ,CAAA;AAAA,QACjC,OAAA,EAAS,MAAO,CAAA,SAAA,CAAU,MAAM,CAAA;AAAA,QAChC,UAAA,EAAY,MAAO,CAAA,iBAAA,CAAkB,YAAY,CAAA;AAAA,QACjD,YAAA,EAAc,MAAO,CAAA,sBAAA,CAAuB,cAAc,CAAA;AAAA,QAC1D,gBAAA,EAAkB,MAAO,CAAA,iBAAA,CAAkB,kBAAkB,CAAA;AAAA,QAC7D,aAAA,EAAe,MAAO,CAAA,iBAAA,CAAkB,eAAe,CAAA;AAAA,QACvD,kBAAA,EAAoB,MAAO,CAAA,iBAAA,CAAkB,oBAAoB,CAAA;AAAA,QAGjE,eAAA,EAAiB,MAAO,CAAA,iBAAA,CAAkB,iBAAiB,CAAA;AAAA,QAC3D,mBAAA,EAAqB,MAAO,CAAA,iBAAA,CAAkB,qBAAqB,CAAA;AAAA,QACnE,yBAAyB,MAAO,CAAA,kBAAA;AAAA,UAC9B;AAAA,SACF;AAAA,QACA,oBAAA,EAAsB,MAAO,CAAA,kBAAA,CAAmB,sBAAsB,CAAA;AAAA,QACtE,QAAQ,YAAa,CAAA,MAAA;AAAA,QACrB,WAAA;AAAA,QACA,cAAA,EAAgB,SAAS,MAAQ,EAAA,QAAA;AAAA,QACjC;AAAA,OACD,CAAA;AAAA,KACH;AAAA,GACF;AAAA,EACA,SAAW,EAAA;AAAA;AAAA;AAAA;AAAA,IAIT,4BAA+D,GAAA;AAC7D,MAAO,OAAA,OAAO,MAAM,GAAQ,KAAA;AAC1B,QAAM,MAAA,EAAA,GAAK,IAAK,CAAA,MAAA,CAAO,WAAY,CAAA,MAAA;AAEnC,QAAA,IAAI,CAAC,EAAI,EAAA;AACP,UAAM,MAAA,IAAIC,2BAAoB,kCAAkC,CAAA;AAAA;AAGlE,QAAA,OAAO,IAAI,qBAAsB,CAAA;AAAA,UAC/B,SAAA,EAAW,EAAE,IAAA,EAAM,EAAG;AAAA,SACvB,CAAA;AAAA,OACH;AAAA;AACF;AAEJ,CAAC;;;;;"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@backstage/plugin-auth-backend",
3
- "version": "0.24.4-next.0",
3
+ "version": "0.24.4-next.2",
4
4
  "description": "A Backstage backend plugin that handles authentication",
5
5
  "backstage": {
6
6
  "role": "backend-plugin",
@@ -47,30 +47,30 @@
47
47
  },
48
48
  "dependencies": {
49
49
  "@backstage/backend-common": "^0.25.0",
50
- "@backstage/backend-plugin-api": "1.2.1-next.0",
50
+ "@backstage/backend-plugin-api": "1.2.1-next.1",
51
51
  "@backstage/catalog-client": "1.9.1",
52
52
  "@backstage/catalog-model": "1.7.3",
53
53
  "@backstage/config": "1.3.2",
54
54
  "@backstage/errors": "1.2.7",
55
- "@backstage/plugin-auth-backend-module-atlassian-provider": "0.4.1-next.0",
56
- "@backstage/plugin-auth-backend-module-auth0-provider": "0.2.1-next.0",
57
- "@backstage/plugin-auth-backend-module-aws-alb-provider": "0.4.1-next.0",
58
- "@backstage/plugin-auth-backend-module-azure-easyauth-provider": "0.2.6-next.0",
59
- "@backstage/plugin-auth-backend-module-bitbucket-provider": "0.3.1-next.0",
60
- "@backstage/plugin-auth-backend-module-bitbucket-server-provider": "0.2.1-next.0",
61
- "@backstage/plugin-auth-backend-module-cloudflare-access-provider": "0.4.1-next.0",
62
- "@backstage/plugin-auth-backend-module-gcp-iap-provider": "0.4.1-next.0",
63
- "@backstage/plugin-auth-backend-module-github-provider": "0.3.1-next.0",
64
- "@backstage/plugin-auth-backend-module-gitlab-provider": "0.3.1-next.0",
65
- "@backstage/plugin-auth-backend-module-google-provider": "0.3.1-next.0",
66
- "@backstage/plugin-auth-backend-module-microsoft-provider": "0.3.1-next.0",
67
- "@backstage/plugin-auth-backend-module-oauth2-provider": "0.4.1-next.0",
68
- "@backstage/plugin-auth-backend-module-oauth2-proxy-provider": "0.2.6-next.0",
69
- "@backstage/plugin-auth-backend-module-oidc-provider": "0.4.1-next.0",
70
- "@backstage/plugin-auth-backend-module-okta-provider": "0.2.1-next.0",
71
- "@backstage/plugin-auth-backend-module-onelogin-provider": "0.3.1-next.0",
72
- "@backstage/plugin-auth-node": "0.6.1-next.0",
73
- "@backstage/plugin-catalog-node": "1.16.1-next.0",
55
+ "@backstage/plugin-auth-backend-module-atlassian-provider": "0.4.1-next.1",
56
+ "@backstage/plugin-auth-backend-module-auth0-provider": "0.2.1-next.1",
57
+ "@backstage/plugin-auth-backend-module-aws-alb-provider": "0.4.1-next.2",
58
+ "@backstage/plugin-auth-backend-module-azure-easyauth-provider": "0.2.6-next.1",
59
+ "@backstage/plugin-auth-backend-module-bitbucket-provider": "0.3.1-next.1",
60
+ "@backstage/plugin-auth-backend-module-bitbucket-server-provider": "0.2.1-next.1",
61
+ "@backstage/plugin-auth-backend-module-cloudflare-access-provider": "0.4.1-next.1",
62
+ "@backstage/plugin-auth-backend-module-gcp-iap-provider": "0.4.1-next.1",
63
+ "@backstage/plugin-auth-backend-module-github-provider": "0.3.1-next.1",
64
+ "@backstage/plugin-auth-backend-module-gitlab-provider": "0.3.1-next.1",
65
+ "@backstage/plugin-auth-backend-module-google-provider": "0.3.1-next.1",
66
+ "@backstage/plugin-auth-backend-module-microsoft-provider": "0.3.1-next.1",
67
+ "@backstage/plugin-auth-backend-module-oauth2-provider": "0.4.1-next.2",
68
+ "@backstage/plugin-auth-backend-module-oauth2-proxy-provider": "0.2.6-next.1",
69
+ "@backstage/plugin-auth-backend-module-oidc-provider": "0.4.1-next.2",
70
+ "@backstage/plugin-auth-backend-module-okta-provider": "0.2.1-next.2",
71
+ "@backstage/plugin-auth-backend-module-onelogin-provider": "0.3.1-next.1",
72
+ "@backstage/plugin-auth-node": "0.6.1-next.1",
73
+ "@backstage/plugin-catalog-node": "1.16.1-next.1",
74
74
  "@backstage/types": "1.2.1",
75
75
  "@google-cloud/firestore": "^7.0.0",
76
76
  "@node-saml/passport-saml": "^5.0.0",
@@ -105,9 +105,9 @@
105
105
  "yn": "^4.0.0"
106
106
  },
107
107
  "devDependencies": {
108
- "@backstage/backend-defaults": "0.8.2-next.0",
109
- "@backstage/backend-test-utils": "1.3.1-next.0",
110
- "@backstage/cli": "0.30.0",
108
+ "@backstage/backend-defaults": "0.8.2-next.2",
109
+ "@backstage/backend-test-utils": "1.3.1-next.2",
110
+ "@backstage/cli": "0.31.0-next.1",
111
111
  "@types/body-parser": "^1.19.0",
112
112
  "@types/cookie-parser": "^1.4.2",
113
113
  "@types/express-session": "^1.17.2",
@@ -121,12 +121,5 @@
121
121
  "msw": "^1.0.0",
122
122
  "supertest": "^7.0.0"
123
123
  },
124
- "configSchema": "config.d.ts",
125
- "typesVersions": {
126
- "*": {
127
- "index": [
128
- "dist/index.d.ts"
129
- ]
130
- }
131
- }
124
+ "configSchema": "config.d.ts"
132
125
  }