@backstage/plugin-auth-backend 0.6.1 → 0.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/CHANGELOG.md +67 -0
  2. package/dist/index.cjs.js +959 -846
  3. package/dist/index.cjs.js.map +1 -1
  4. package/dist/index.d.ts +67 -32
  5. package/package.json +10 -10
package/CHANGELOG.md CHANGED
@@ -1,5 +1,72 @@
1
1
  # @backstage/plugin-auth-backend
2
2
 
3
+ ## 0.8.0
4
+
5
+ ### Minor Changes
6
+
7
+ - 67349916ac: The `sub` claim in Backstage tokens generated by the default Google and OIDC sign-in resolvers are now full entity references of the format `<kind>:<namespace>/<name>`.
8
+
9
+ ### Patch Changes
10
+
11
+ - 033493a8af: Running the `auth-backend` on multiple domains, perhaps different domains depending on the `auth.environment`, was previously not possible as the `domain` name of the cookie was taken from `backend.baseUrl`. This prevented any cookies to be set in the start of the auth flow as the domain of the cookie would not match the domain of the callbackUrl configured in the OAuth app. This change checks if a provider supports custom `callbackUrl`'s to be configured in the application configuration and uses the domain from that, allowing the `domain`'s to match and the cookie to be set.
12
+ - Updated dependencies
13
+ - @backstage/backend-common@0.10.5
14
+
15
+ ## 0.7.0
16
+
17
+ ### Minor Changes
18
+
19
+ - 6e92ee6267: Add new authentication provider to support the oauth2-proxy.
20
+
21
+ **BREAKING** The `AuthHandler` requires now an `AuthResolverContext` parameter. This aligns with the
22
+ behavior of the `SignInResolver`.
23
+
24
+ - f8496730ab: Switched the handling of the `BackstageIdentityResponse` so that the returned `identity.userEntityRef` is always a full entity reference. If `userEntityRef` was previously set to `jane`, it will now be `user:default/jane`. The `userEntityRef` in the response is parsed from the `sub` claim in the payload of the Backstage token.
25
+ - a53d7d8143: Update provider subs to return full entity ref.
26
+
27
+ ### Patch Changes
28
+
29
+ - f815b7e4a4: build(deps): bump `@google-cloud/firestore` from 4.15.1 to 5.0.2
30
+ - Updated dependencies
31
+ - @backstage/backend-common@0.10.4
32
+ - @backstage/config@0.1.13
33
+ - @backstage/catalog-model@0.9.10
34
+ - @backstage/catalog-client@0.5.5
35
+
36
+ ## 0.7.0-next.0
37
+
38
+ ### Minor Changes
39
+
40
+ - 6e92ee6267: Add new authentication provider to support the oauth2-proxy.
41
+
42
+ **BREAKING** The `AuthHandler` requires now an `AuthResolverContext` parameter. This aligns with the
43
+ behavior of the `SignInResolver`.
44
+
45
+ ### Patch Changes
46
+
47
+ - Updated dependencies
48
+ - @backstage/backend-common@0.10.4-next.0
49
+ - @backstage/config@0.1.13-next.0
50
+ - @backstage/catalog-model@0.9.10-next.0
51
+ - @backstage/catalog-client@0.5.5-next.0
52
+
53
+ ## 0.6.2
54
+
55
+ ### Patch Changes
56
+
57
+ - 5333451def: Cleaned up API exports
58
+ - da9c59d6e0: Removed `@backstage/test-utils` dependency.
59
+ - 20ca7cfa5f: Switched the secure cookie mode set on the `express-session` to use `'auto'` rather than `true`. This works around an issue where cookies would not be set if TLS termination was handled in a proxy rather than having the backend served directly with HTTPS.
60
+
61
+ The downside of this change is that secure cookies won't be used unless the backend is directly served with HTTPS. This will be remedied in a future update that allows the backend to configured for trusted proxy mode.
62
+
63
+ - Updated dependencies
64
+ - @backstage/config@0.1.12
65
+ - @backstage/backend-common@0.10.3
66
+ - @backstage/errors@0.2.0
67
+ - @backstage/catalog-client@0.5.4
68
+ - @backstage/catalog-model@0.9.9
69
+
3
70
  ## 0.6.1
4
71
 
5
72
  ### Patch Changes