@backstage/plugin-auth-backend 0.5.2 → 0.7.0-next.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/CHANGELOG.md +82 -0
  2. package/dist/index.cjs.js +1671 -1418
  3. package/dist/index.cjs.js.map +1 -1
  4. package/dist/index.d.ts +291 -137
  5. package/package.json +13 -11
package/CHANGELOG.md CHANGED
@@ -1,5 +1,87 @@
1
1
  # @backstage/plugin-auth-backend
2
2
 
3
+ ## 0.7.0-next.0
4
+
5
+ ### Minor Changes
6
+
7
+ - 6e92ee6267: Add new authentication provider to support the oauth2-proxy.
8
+
9
+ **BREAKING** The `AuthHandler` requires now an `AuthResolverContext` parameter. This aligns with the
10
+ behavior of the `SignInResolver`.
11
+
12
+ ### Patch Changes
13
+
14
+ - Updated dependencies
15
+ - @backstage/backend-common@0.10.4-next.0
16
+ - @backstage/config@0.1.13-next.0
17
+ - @backstage/catalog-model@0.9.10-next.0
18
+ - @backstage/catalog-client@0.5.5-next.0
19
+
20
+ ## 0.6.2
21
+
22
+ ### Patch Changes
23
+
24
+ - 5333451def: Cleaned up API exports
25
+ - da9c59d6e0: Removed `@backstage/test-utils` dependency.
26
+ - 20ca7cfa5f: Switched the secure cookie mode set on the `express-session` to use `'auto'` rather than `true`. This works around an issue where cookies would not be set if TLS termination was handled in a proxy rather than having the backend served directly with HTTPS.
27
+
28
+ The downside of this change is that secure cookies won't be used unless the backend is directly served with HTTPS. This will be remedied in a future update that allows the backend to configured for trusted proxy mode.
29
+
30
+ - Updated dependencies
31
+ - @backstage/config@0.1.12
32
+ - @backstage/backend-common@0.10.3
33
+ - @backstage/errors@0.2.0
34
+ - @backstage/catalog-client@0.5.4
35
+ - @backstage/catalog-model@0.9.9
36
+
37
+ ## 0.6.1
38
+
39
+ ### Patch Changes
40
+
41
+ - e0e57817d2: Added Google Cloud Identity-Aware Proxy as an identity provider.
42
+ - Updated dependencies
43
+ - @backstage/backend-common@0.10.2
44
+
45
+ ## 0.6.0
46
+
47
+ ### Minor Changes
48
+
49
+ - c88cdacc1a: Avoid ever returning OAuth refresh tokens back to the client, and always exchange refresh tokens for a new one when available for all providers.
50
+
51
+ This comes with a breaking change to the TypeScript API for custom auth providers. The `refresh` method of `OAuthHandlers` implementation must now return a `{ response, refreshToken }` object rather than a direct response. Existing `refresh` implementations are typically migrated by changing an existing return expression that looks like this:
52
+
53
+ ```ts
54
+ return await this.handleResult({
55
+ fullProfile,
56
+ params,
57
+ accessToken,
58
+ refreshToken,
59
+ });
60
+ ```
61
+
62
+ Into the following:
63
+
64
+ ```ts
65
+ return {
66
+ response: await this.handleResult({
67
+ fullProfile,
68
+ params,
69
+ accessToken,
70
+ }),
71
+ refreshToken,
72
+ };
73
+ ```
74
+
75
+ ### Patch Changes
76
+
77
+ - f0f81f6cc7: Replaces the usage of `got` with `node-fetch` in the `getUserPhoto` method of the Microsoft provider
78
+ - 2f26120a36: Update `auth0` and `onelogin` providers to allow for `authHandler` and `signIn.resolver` configuration.
79
+ - a9abafa9df: Fixed bug on refresh token on Okta provider, now it gets the refresh token and it sends it into providerInfo
80
+ - eb48e78886: Enforce cookie SSL protection when in production for auth-backend sessions
81
+ - Updated dependencies
82
+ - @backstage/test-utils@0.2.1
83
+ - @backstage/backend-common@0.10.1
84
+
3
85
  ## 0.5.2
4
86
 
5
87
  ### Patch Changes