@backstage/plugin-auth-backend 0.24.5-next.2 → 0.25.0-next.0

package/CHANGELOG.md

@@ -1,5 +1,56 @@
 # @backstage/plugin-auth-backend
 
+## 0.25.0-next.0
+
+### Minor Changes
+
+- 57221d9: **BREAKING**: Removed support for the old backend system, and removed all deprecated exports.
+
+  If you were using one of the deprecated imports from this package, you will have to follow the instructions in their respective deprecation notices before upgrading. Most of the general utilities are available from `@backstage/plugin-auth-node`, and the specific auth providers are available from dedicated packages such as for example `@backstage/plugin-auth-backend-module-github-provider`. See [the auth docs](https://backstage.io/docs/auth/) for specific instructions.
+
+### Patch Changes
+
+- Updated dependencies
+  - @backstage/plugin-catalog-node@1.17.0-next.0
+  - @backstage/backend-plugin-api@1.3.1-next.0
+  - @backstage/plugin-auth-node@0.6.3-next.0
+  - @backstage/catalog-model@1.7.3
+  - @backstage/config@1.3.2
+  - @backstage/errors@1.2.7
+  - @backstage/types@1.2.1
+
+## 0.24.5
+
+### Patch Changes
+
+- 25d05f9: Slight update to the config schema
+- Updated dependencies
+  - @backstage/plugin-auth-backend-module-bitbucket-provider@0.3.2
+  - @backstage/plugin-catalog-node@1.16.3
+  - @backstage/plugin-auth-backend-module-oidc-provider@0.4.2
+  - @backstage/backend-plugin-api@1.3.0
+  - @backstage/plugin-auth-backend-module-atlassian-provider@0.4.2
+  - @backstage/plugin-auth-backend-module-auth0-provider@0.2.2
+  - @backstage/plugin-auth-backend-module-bitbucket-server-provider@0.2.2
+  - @backstage/plugin-auth-backend-module-cloudflare-access-provider@0.4.2
+  - @backstage/plugin-auth-backend-module-github-provider@0.3.2
+  - @backstage/plugin-auth-backend-module-gitlab-provider@0.3.2
+  - @backstage/plugin-auth-backend-module-microsoft-provider@0.3.2
+  - @backstage/plugin-auth-backend-module-oauth2-provider@0.4.2
+  - @backstage/plugin-auth-backend-module-okta-provider@0.2.2
+  - @backstage/plugin-auth-backend-module-onelogin-provider@0.3.2
+  - @backstage/plugin-auth-node@0.6.2
+  - @backstage/catalog-client@1.9.1
+  - @backstage/catalog-model@1.7.3
+  - @backstage/config@1.3.2
+  - @backstage/errors@1.2.7
+  - @backstage/types@1.2.1
+  - @backstage/plugin-auth-backend-module-aws-alb-provider@0.4.2
+  - @backstage/plugin-auth-backend-module-azure-easyauth-provider@0.2.7
+  - @backstage/plugin-auth-backend-module-gcp-iap-provider@0.4.2
+  - @backstage/plugin-auth-backend-module-google-provider@0.3.2
+  - @backstage/plugin-auth-backend-module-oauth2-proxy-provider@0.2.7
+
 ## 0.24.5-next.2
 
 ### Patch Changes

package/config.d.ts

@@ -85,66 +85,10 @@ export interface Config {
     };
 
     /**
-     * The available auth-provider options and attributes
-     * @additionalProperties true
+     * The backstage token expiration.
      */
-    providers?: {
-      /** @visibility frontend */
-      saml?: {
-        entryPoint: string;
-        logoutUrl?: string;
-        issuer: string;
-        /**
-         * @visibility secret
-         */
-        cert: string;
-        audience?: string;
-        /**
-         * @visibility secret
-         */
-        privateKey?: string;
-        authnContext?: string[];
-        identifierFormat?: string;
-        /**
-         * @visibility secret
-         */
-        decryptionPvk?: string;
-        signatureAlgorithm?: 'sha256' | 'sha512';
-        digestAlgorithm?: string;
-        acceptedClockSkewMs?: number;
-      };
-      /** @visibility frontend */
-      auth0?: {
-        [authEnv: string]: {
-          clientId: string;
-          /**
-           * @visibility secret
-           */
-          clientSecret: string;
-          domain: string;
-          callbackUrl?: string;
-          audience?: string;
-          connection?: string;
-          connectionScope?: string;
-        };
-      };
-      /** @visibility frontend */
-      onelogin?: {
-        [authEnv: string]: {
-          clientId: string;
-          /**
-           * @visibility secret
-           */
-          clientSecret: string;
-          issuer: string;
-          callbackUrl?: string;
-        };
-      };
-      /**
-       * The backstage token expiration.
-       */
-      backstageTokenExpiration?: HumanDuration | string;
-    };
+    backstageTokenExpiration?: HumanDuration | string;
+
     /**
      * Additional app origins to allow for authenticating
      */

package/dist/authPlugin.cjs.js

@@ -2,7 +2,7 @@
 
 var backendPluginApi = require('@backstage/backend-plugin-api');
 var pluginAuthNode = require('@backstage/plugin-auth-node');
-var alpha = require('@backstage/plugin-catalog-node/alpha');
+var pluginCatalogNode = require('@backstage/plugin-catalog-node');
 var router = require('./service/router.cjs.js');
 
 const authPlugin = backendPluginApi.createBackendPlugin({
@@ -36,8 +36,7 @@ const authPlugin = backendPluginApi.createBackendPlugin({
         database: backendPluginApi.coreServices.database,
         discovery: backendPluginApi.coreServices.discovery,
         auth: backendPluginApi.coreServices.auth,
-        httpAuth: backendPluginApi.coreServices.httpAuth,
-        catalogApi: alpha.catalogServiceRef
+        catalog: pluginCatalogNode.catalogServiceRef
       },
       async init({
         httpRouter,
@@ -46,8 +45,7 @@ const authPlugin = backendPluginApi.createBackendPlugin({
         database,
         discovery,
         auth,
-        httpAuth,
-        catalogApi
+        catalog
       }) {
         const router$1 = await router.createRouter({
           logger,
@@ -55,10 +53,8 @@ const authPlugin = backendPluginApi.createBackendPlugin({
           database,
           discovery,
           auth,
-          httpAuth,
-          catalogApi,
+          catalog,
           providerFactories: Object.fromEntries(providers),
-          disableDefaultProviderFactories: true,
           ownershipResolver
         });
         httpRouter.addAuthPolicy({

package/dist/authPlugin.cjs.js.map

@@ -1 +1 @@
-{"version":3,"file":"authPlugin.cjs.js","sources":["../src/authPlugin.ts"],"sourcesContent":["/*\n * Copyright 2023 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n  coreServices,\n  createBackendPlugin,\n} from '@backstage/backend-plugin-api';\nimport {\n  authOwnershipResolutionExtensionPoint,\n  AuthOwnershipResolver,\n  AuthProviderFactory,\n  authProvidersExtensionPoint,\n} from '@backstage/plugin-auth-node';\nimport { catalogServiceRef } from '@backstage/plugin-catalog-node/alpha';\nimport { createRouter } from './service/router';\n\n/**\n * Auth plugin\n *\n * @public\n */\nexport const authPlugin = createBackendPlugin({\n  pluginId: 'auth',\n  register(reg) {\n    const providers = new Map<string, AuthProviderFactory>();\n    let ownershipResolver: AuthOwnershipResolver | undefined = undefined;\n\n    reg.registerExtensionPoint(authProvidersExtensionPoint, {\n      registerProvider({ providerId, factory }) {\n        if (providers.has(providerId)) {\n          throw new Error(\n            `Auth provider '${providerId}' was already registered`,\n          );\n        }\n        providers.set(providerId, factory);\n      },\n    });\n\n    reg.registerExtensionPoint(authOwnershipResolutionExtensionPoint, {\n      setAuthOwnershipResolver(resolver) {\n        if (ownershipResolver) {\n          throw new Error('Auth ownership resolver is already set');\n        }\n        ownershipResolver = resolver;\n      },\n    });\n\n    reg.registerInit({\n      deps: {\n        httpRouter: coreServices.httpRouter,\n        logger: coreServices.logger,\n        config: coreServices.rootConfig,\n        database: coreServices.database,\n        discovery: coreServices.discovery,\n        auth: coreServices.auth,\n        httpAuth: coreServices.httpAuth,\n        catalogApi: catalogServiceRef,\n      },\n      async init({\n        httpRouter,\n        logger,\n        config,\n        database,\n        discovery,\n        auth,\n        httpAuth,\n        catalogApi,\n      }) {\n        const router = await createRouter({\n          logger,\n          config,\n          database,\n          discovery,\n          auth,\n          httpAuth,\n          catalogApi,\n          providerFactories: Object.fromEntries(providers),\n          disableDefaultProviderFactories: true,\n          ownershipResolver,\n        });\n        httpRouter.addAuthPolicy({\n          path: '/',\n          allow: 'unauthenticated',\n        });\n        httpRouter.use(router);\n      },\n    });\n  },\n});\n"],"names":["createBackendPlugin","authProvidersExtensionPoint","authOwnershipResolutionExtensionPoint","coreServices","catalogServiceRef","router","createRouter"],"mappings":";;;;;;;AAkCO,MAAM,aAAaA,oCAAoB,CAAA;AAAA,EAC5C,QAAU,EAAA,MAAA;AAAA,EACV,SAAS,GAAK,EAAA;AACZ,IAAM,MAAA,SAAA,uBAAgB,GAAiC,EAAA;AACvD,IAAA,IAAI,iBAAuD,GAAA,KAAA,CAAA;AAE3D,IAAA,GAAA,CAAI,uBAAuBC,0CAA6B,EAAA;AAAA,MACtD,gBAAiB,CAAA,EAAE,UAAY,EAAA,OAAA,EAAW,EAAA;AACxC,QAAI,IAAA,SAAA,CAAU,GAAI,CAAA,UAAU,CAAG,EAAA;AAC7B,UAAA,MAAM,IAAI,KAAA;AAAA,YACR,kBAAkB,UAAU,CAAA,wBAAA;AAAA,WAC9B;AAAA;AAEF,QAAU,SAAA,CAAA,GAAA,CAAI,YAAY,OAAO,CAAA;AAAA;AACnC,KACD,CAAA;AAED,IAAA,GAAA,CAAI,uBAAuBC,oDAAuC,EAAA;AAAA,MAChE,yBAAyB,QAAU,EAAA;AACjC,QAAA,IAAI,iBAAmB,EAAA;AACrB,UAAM,MAAA,IAAI,MAAM,wCAAwC,CAAA;AAAA;AAE1D,QAAoB,iBAAA,GAAA,QAAA;AAAA;AACtB,KACD,CAAA;AAED,IAAA,GAAA,CAAI,YAAa,CAAA;AAAA,MACf,IAAM,EAAA;AAAA,QACJ,YAAYC,6BAAa,CAAA,UAAA;AAAA,QACzB,QAAQA,6BAAa,CAAA,MAAA;AAAA,QACrB,QAAQA,6BAAa,CAAA,UAAA;AAAA,QACrB,UAAUA,6BAAa,CAAA,QAAA;AAAA,QACvB,WAAWA,6BAAa,CAAA,SAAA;AAAA,QACxB,MAAMA,6BAAa,CAAA,IAAA;AAAA,QACnB,UAAUA,6BAAa,CAAA,QAAA;AAAA,QACvB,UAAY,EAAAC;AAAA,OACd;AAAA,MACA,MAAM,IAAK,CAAA;AAAA,QACT,UAAA;AAAA,QACA,MAAA;AAAA,QACA,MAAA;AAAA,QACA,QAAA;AAAA,QACA,SAAA;AAAA,QACA,IAAA;AAAA,QACA,QAAA;AAAA,QACA;AAAA,OACC,EAAA;AACD,QAAM,MAAAC,QAAA,GAAS,MAAMC,mBAAa,CAAA;AAAA,UAChC,MAAA;AAAA,UACA,MAAA;AAAA,UACA,QAAA;AAAA,UACA,SAAA;AAAA,UACA,IAAA;AAAA,UACA,QAAA;AAAA,UACA,UAAA;AAAA,UACA,iBAAA,EAAmB,MAAO,CAAA,WAAA,CAAY,SAAS,CAAA;AAAA,UAC/C,+BAAiC,EAAA,IAAA;AAAA,UACjC;AAAA,SACD,CAAA;AACD,QAAA,UAAA,CAAW,aAAc,CAAA;AAAA,UACvB,IAAM,EAAA,GAAA;AAAA,UACN,KAAO,EAAA;AAAA,SACR,CAAA;AACD,QAAA,UAAA,CAAW,IAAID,QAAM,CAAA;AAAA;AACvB,KACD,CAAA;AAAA;AAEL,CAAC;;;;"}
+{"version":3,"file":"authPlugin.cjs.js","sources":["../src/authPlugin.ts"],"sourcesContent":["/*\n * Copyright 2023 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n  coreServices,\n  createBackendPlugin,\n} from '@backstage/backend-plugin-api';\nimport {\n  authOwnershipResolutionExtensionPoint,\n  AuthOwnershipResolver,\n  AuthProviderFactory,\n  authProvidersExtensionPoint,\n} from '@backstage/plugin-auth-node';\nimport { catalogServiceRef } from '@backstage/plugin-catalog-node';\nimport { createRouter } from './service/router';\n\n/**\n * Auth plugin\n *\n * @public\n */\nexport const authPlugin = createBackendPlugin({\n  pluginId: 'auth',\n  register(reg) {\n    const providers = new Map<string, AuthProviderFactory>();\n    let ownershipResolver: AuthOwnershipResolver | undefined = undefined;\n\n    reg.registerExtensionPoint(authProvidersExtensionPoint, {\n      registerProvider({ providerId, factory }) {\n        if (providers.has(providerId)) {\n          throw new Error(\n            `Auth provider '${providerId}' was already registered`,\n          );\n        }\n        providers.set(providerId, factory);\n      },\n    });\n\n    reg.registerExtensionPoint(authOwnershipResolutionExtensionPoint, {\n      setAuthOwnershipResolver(resolver) {\n        if (ownershipResolver) {\n          throw new Error('Auth ownership resolver is already set');\n        }\n        ownershipResolver = resolver;\n      },\n    });\n\n    reg.registerInit({\n      deps: {\n        httpRouter: coreServices.httpRouter,\n        logger: coreServices.logger,\n        config: coreServices.rootConfig,\n        database: coreServices.database,\n        discovery: coreServices.discovery,\n        auth: coreServices.auth,\n        catalog: catalogServiceRef,\n      },\n      async init({\n        httpRouter,\n        logger,\n        config,\n        database,\n        discovery,\n        auth,\n        catalog,\n      }) {\n        const router = await createRouter({\n          logger,\n          config,\n          database,\n          discovery,\n          auth,\n          catalog,\n          providerFactories: Object.fromEntries(providers),\n          ownershipResolver,\n        });\n        httpRouter.addAuthPolicy({\n          path: '/',\n          allow: 'unauthenticated',\n        });\n        httpRouter.use(router);\n      },\n    });\n  },\n});\n"],"names":["createBackendPlugin","authProvidersExtensionPoint","authOwnershipResolutionExtensionPoint","coreServices","catalogServiceRef","router","createRouter"],"mappings":";;;;;;;AAkCO,MAAM,aAAaA,oCAAoB,CAAA;AAAA,EAC5C,QAAU,EAAA,MAAA;AAAA,EACV,SAAS,GAAK,EAAA;AACZ,IAAM,MAAA,SAAA,uBAAgB,GAAiC,EAAA;AACvD,IAAA,IAAI,iBAAuD,GAAA,KAAA,CAAA;AAE3D,IAAA,GAAA,CAAI,uBAAuBC,0CAA6B,EAAA;AAAA,MACtD,gBAAiB,CAAA,EAAE,UAAY,EAAA,OAAA,EAAW,EAAA;AACxC,QAAI,IAAA,SAAA,CAAU,GAAI,CAAA,UAAU,CAAG,EAAA;AAC7B,UAAA,MAAM,IAAI,KAAA;AAAA,YACR,kBAAkB,UAAU,CAAA,wBAAA;AAAA,WAC9B;AAAA;AAEF,QAAU,SAAA,CAAA,GAAA,CAAI,YAAY,OAAO,CAAA;AAAA;AACnC,KACD,CAAA;AAED,IAAA,GAAA,CAAI,uBAAuBC,oDAAuC,EAAA;AAAA,MAChE,yBAAyB,QAAU,EAAA;AACjC,QAAA,IAAI,iBAAmB,EAAA;AACrB,UAAM,MAAA,IAAI,MAAM,wCAAwC,CAAA;AAAA;AAE1D,QAAoB,iBAAA,GAAA,QAAA;AAAA;AACtB,KACD,CAAA;AAED,IAAA,GAAA,CAAI,YAAa,CAAA;AAAA,MACf,IAAM,EAAA;AAAA,QACJ,YAAYC,6BAAa,CAAA,UAAA;AAAA,QACzB,QAAQA,6BAAa,CAAA,MAAA;AAAA,QACrB,QAAQA,6BAAa,CAAA,UAAA;AAAA,QACrB,UAAUA,6BAAa,CAAA,QAAA;AAAA,QACvB,WAAWA,6BAAa,CAAA,SAAA;AAAA,QACxB,MAAMA,6BAAa,CAAA,IAAA;AAAA,QACnB,OAAS,EAAAC;AAAA,OACX;AAAA,MACA,MAAM,IAAK,CAAA;AAAA,QACT,UAAA;AAAA,QACA,MAAA;AAAA,QACA,MAAA;AAAA,QACA,QAAA;AAAA,QACA,SAAA;AAAA,QACA,IAAA;AAAA,QACA;AAAA,OACC,EAAA;AACD,QAAM,MAAAC,QAAA,GAAS,MAAMC,mBAAa,CAAA;AAAA,UAChC,MAAA;AAAA,UACA,MAAA;AAAA,UACA,QAAA;AAAA,UACA,SAAA;AAAA,UACA,IAAA;AAAA,UACA,OAAA;AAAA,UACA,iBAAA,EAAmB,MAAO,CAAA,WAAA,CAAY,SAAS,CAAA;AAAA,UAC/C;AAAA,SACD,CAAA;AACD,QAAA,UAAA,CAAW,aAAc,CAAA;AAAA,UACvB,IAAM,EAAA,GAAA;AAAA,UACN,KAAO,EAAA;AAAA,SACR,CAAA;AACD,QAAA,UAAA,CAAW,IAAID,QAAM,CAAA;AAAA;AACvB,KACD,CAAA;AAAA;AAEL,CAAC;;;;"}

package/dist/database/AuthDatabase.cjs.js

@@ -1,8 +1,6 @@
 'use strict';
 
-var backendCommon = require('@backstage/backend-common');
 var backendPluginApi = require('@backstage/backend-plugin-api');
-var config = require('@backstage/config');
 
 const migrationsDir = backendPluginApi.resolvePackagePath(
   "@backstage/plugin-auth-backend",
@@ -14,20 +12,6 @@ class AuthDatabase {
   static create(database) {
     return new AuthDatabase(database);
   }
-  /** @internal */
-  static forTesting() {
-    const config$1 = new config.ConfigReader({
-      backend: {
-        database: {
-          client: "better-sqlite3",
-          connection: ":memory:",
-          useNullAsDefault: true
-        }
-      }
-    });
-    const database = backendCommon.DatabaseManager.fromConfig(config$1).forPlugin("auth");
-    return new AuthDatabase(database);
-  }
   static async runMigrations(knex) {
     await knex.migrate.latest({
       directory: migrationsDir

package/dist/database/AuthDatabase.cjs.js.map

@@ -1 +1 @@
-{"version":3,"file":"AuthDatabase.cjs.js","sources":["../../src/database/AuthDatabase.ts"],"sourcesContent":["/*\n * Copyright 2023 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { DatabaseManager } from '@backstage/backend-common';\nimport {\n  DatabaseService,\n  resolvePackagePath,\n} from '@backstage/backend-plugin-api';\nimport { ConfigReader } from '@backstage/config';\nimport { Knex } from 'knex';\n\nconst migrationsDir = resolvePackagePath(\n  '@backstage/plugin-auth-backend',\n  'migrations',\n);\n\n/**\n * Ensures that a database connection is established exactly once and only when\n * asked for, and runs migrations.\n */\nexport class AuthDatabase {\n  readonly #database: DatabaseService;\n  #promise: Promise<Knex> | undefined;\n\n  static create(database: DatabaseService): AuthDatabase {\n    return new AuthDatabase(database);\n  }\n\n  /** @internal */\n  static forTesting(): AuthDatabase {\n    const config = new ConfigReader({\n      backend: {\n        database: {\n          client: 'better-sqlite3',\n          connection: ':memory:',\n          useNullAsDefault: true,\n        },\n      },\n    });\n    const database = DatabaseManager.fromConfig(config).forPlugin('auth');\n    return new AuthDatabase(database);\n  }\n\n  static async runMigrations(knex: Knex): Promise<void> {\n    await knex.migrate.latest({\n      directory: migrationsDir,\n    });\n  }\n\n  private constructor(database: DatabaseService) {\n    this.#database = database;\n  }\n\n  get(): Promise<Knex> {\n    this.#promise ??= this.#database.getClient().then(async client => {\n      if (!this.#database.migrations?.skip) {\n        await AuthDatabase.runMigrations(client);\n      }\n      return client;\n    });\n\n    return this.#promise;\n  }\n}\n"],"names":["resolvePackagePath","config","ConfigReader","DatabaseManager"],"mappings":";;;;;;AAwBA,MAAM,aAAgB,GAAAA,mCAAA;AAAA,EACpB,gCAAA;AAAA,EACA;AACF,CAAA;AAMO,MAAM,YAAa,CAAA;AAAA,EACf,SAAA;AAAA,EACT,QAAA;AAAA,EAEA,OAAO,OAAO,QAAyC,EAAA;AACrD,IAAO,OAAA,IAAI,aAAa,QAAQ,CAAA;AAAA;AAClC;AAAA,EAGA,OAAO,UAA2B,GAAA;AAChC,IAAM,MAAAC,QAAA,GAAS,IAAIC,mBAAa,CAAA;AAAA,MAC9B,OAAS,EAAA;AAAA,QACP,QAAU,EAAA;AAAA,UACR,MAAQ,EAAA,gBAAA;AAAA,UACR,UAAY,EAAA,UAAA;AAAA,UACZ,gBAAkB,EAAA;AAAA;AACpB;AACF,KACD,CAAA;AACD,IAAA,MAAM,WAAWC,6BAAgB,CAAA,UAAA,CAAWF,QAAM,CAAA,CAAE,UAAU,MAAM,CAAA;AACpE,IAAO,OAAA,IAAI,aAAa,QAAQ,CAAA;AAAA;AAClC,EAEA,aAAa,cAAc,IAA2B,EAAA;AACpD,IAAM,MAAA,IAAA,CAAK,QAAQ,MAAO,CAAA;AAAA,MACxB,SAAW,EAAA;AAAA,KACZ,CAAA;AAAA;AACH,EAEQ,YAAY,QAA2B,EAAA;AAC7C,IAAA,IAAA,CAAK,SAAY,GAAA,QAAA;AAAA;AACnB,EAEA,GAAqB,GAAA;AACnB,IAAA,IAAA,CAAK,aAAa,IAAK,CAAA,SAAA,CAAU,WAAY,CAAA,IAAA,CAAK,OAAM,MAAU,KAAA;AAChE,MAAA,IAAI,CAAC,IAAA,CAAK,SAAU,CAAA,UAAA,EAAY,IAAM,EAAA;AACpC,QAAM,MAAA,YAAA,CAAa,cAAc,MAAM,CAAA;AAAA;AAEzC,MAAO,OAAA,MAAA;AAAA,KACR,CAAA;AAED,IAAA,OAAO,IAAK,CAAA,QAAA;AAAA;AAEhB;;;;"}
+{"version":3,"file":"AuthDatabase.cjs.js","sources":["../../src/database/AuthDatabase.ts"],"sourcesContent":["/*\n * Copyright 2023 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n  DatabaseService,\n  resolvePackagePath,\n} from '@backstage/backend-plugin-api';\nimport { Knex } from 'knex';\n\nconst migrationsDir = resolvePackagePath(\n  '@backstage/plugin-auth-backend',\n  'migrations',\n);\n\n/**\n * Ensures that a database connection is established exactly once and only when\n * asked for, and runs migrations.\n */\nexport class AuthDatabase {\n  readonly #database: DatabaseService;\n  #promise: Promise<Knex> | undefined;\n\n  static create(database: DatabaseService): AuthDatabase {\n    return new AuthDatabase(database);\n  }\n\n  static async runMigrations(knex: Knex): Promise<void> {\n    await knex.migrate.latest({\n      directory: migrationsDir,\n    });\n  }\n\n  private constructor(database: DatabaseService) {\n    this.#database = database;\n  }\n\n  get(): Promise<Knex> {\n    this.#promise ??= this.#database.getClient().then(async client => {\n      if (!this.#database.migrations?.skip) {\n        await AuthDatabase.runMigrations(client);\n      }\n      return client;\n    });\n\n    return this.#promise;\n  }\n}\n"],"names":["resolvePackagePath"],"mappings":";;;;AAsBA,MAAM,aAAgB,GAAAA,mCAAA;AAAA,EACpB,gCAAA;AAAA,EACA;AACF,CAAA;AAMO,MAAM,YAAa,CAAA;AAAA,EACf,SAAA;AAAA,EACT,QAAA;AAAA,EAEA,OAAO,OAAO,QAAyC,EAAA;AACrD,IAAO,OAAA,IAAI,aAAa,QAAQ,CAAA;AAAA;AAClC,EAEA,aAAa,cAAc,IAA2B,EAAA;AACpD,IAAM,MAAA,IAAA,CAAK,QAAQ,MAAO,CAAA;AAAA,MACxB,SAAW,EAAA;AAAA,KACZ,CAAA;AAAA;AACH,EAEQ,YAAY,QAA2B,EAAA;AAC7C,IAAA,IAAA,CAAK,SAAY,GAAA,QAAA;AAAA;AACnB,EAEA,GAAqB,GAAA;AACnB,IAAA,IAAA,CAAK,aAAa,IAAK,CAAA,SAAA,CAAU,WAAY,CAAA,IAAA,CAAK,OAAM,MAAU,KAAA;AAChE,MAAA,IAAI,CAAC,IAAA,CAAK,SAAU,CAAA,UAAA,EAAY,IAAM,EAAA;AACpC,QAAM,MAAA,YAAA,CAAa,cAAc,MAAM,CAAA;AAAA;AAEzC,MAAO,OAAA,MAAA;AAAA,KACR,CAAA;AAED,IAAA,OAAO,IAAK,CAAA,QAAA;AAAA;AAEhB;;;;"}

package/dist/index.cjs.js

@@ -3,34 +3,8 @@
 Object.defineProperty(exports, '__esModule', { value: true });
 
 var authPlugin = require('./authPlugin.cjs.js');
-var router = require('./service/router.cjs.js');
-var providers = require('./providers/providers.cjs.js');
-var router$1 = require('./providers/router.cjs.js');
-var createAuthProviderIntegration = require('./providers/createAuthProviderIntegration.cjs.js');
-var prepareBackstageIdentityResponse = require('./providers/prepareBackstageIdentityResponse.cjs.js');
-var authFlowHelpers = require('./lib/flow/authFlowHelpers.cjs.js');
-var OAuthEnvironmentHandler = require('./lib/oauth/OAuthEnvironmentHandler.cjs.js');
-var OAuthAdapter = require('./lib/oauth/OAuthAdapter.cjs.js');
-var helpers = require('./lib/oauth/helpers.cjs.js');
-var CatalogIdentityClient = require('./lib/catalog/CatalogIdentityClient.cjs.js');
-var CatalogAuthResolverContext = require('./lib/resolvers/CatalogAuthResolverContext.cjs.js');
 
 
 
 exports.default = authPlugin.authPlugin;
-exports.createRouter = router.createRouter;
-exports.defaultAuthProviderFactories = providers.defaultAuthProviderFactories;
-exports.providers = providers.providers;
-exports.createOriginFilter = router$1.createOriginFilter;
-exports.createAuthProviderIntegration = createAuthProviderIntegration.createAuthProviderIntegration;
-exports.prepareBackstageIdentityResponse = prepareBackstageIdentityResponse.prepareBackstageIdentityResponse;
-exports.ensuresXRequestedWith = authFlowHelpers.ensuresXRequestedWith;
-exports.postMessageResponse = authFlowHelpers.postMessageResponse;
-exports.OAuthEnvironmentHandler = OAuthEnvironmentHandler.OAuthEnvironmentHandler;
-exports.OAuthAdapter = OAuthAdapter.OAuthAdapter;
-exports.encodeState = helpers.encodeState;
-exports.readState = helpers.readState;
-exports.verifyNonce = helpers.verifyNonce;
-exports.CatalogIdentityClient = CatalogIdentityClient.CatalogIdentityClient;
-exports.getDefaultOwnershipEntityRefs = CatalogAuthResolverContext.getDefaultOwnershipEntityRefs;
 //# sourceMappingURL=index.cjs.js.map

package/dist/index.cjs.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.cjs.js","sources":[],"sourcesContent":[],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;"}
+{"version":3,"file":"index.cjs.js","sources":[],"sourcesContent":[],"names":[],"mappings":";;;;;;;;"}