@backstage/plugin-auth-backend 0.8.0 → 0.10.0-next.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +95 -0
- package/dist/index.cjs.js +178 -107
- package/dist/index.cjs.js.map +1 -1
- package/dist/index.d.ts +62 -38
- package/migrations/20210326100300_timestamptz.js +2 -2
- package/package.json +7 -7
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,100 @@
|
|
|
1
1
|
# @backstage/plugin-auth-backend
|
|
2
2
|
|
|
3
|
+
## 0.10.0-next.0
|
|
4
|
+
|
|
5
|
+
### Minor Changes
|
|
6
|
+
|
|
7
|
+
- 08fcda13ef: The `callbackUrl` option of `OAuthAdapter` is now required.
|
|
8
|
+
|
|
9
|
+
### Patch Changes
|
|
10
|
+
|
|
11
|
+
- 2441d1cf59: chore(deps): bump `knex` from 0.95.6 to 1.0.2
|
|
12
|
+
|
|
13
|
+
This also replaces `sqlite3` with `@vscode/sqlite3` 5.0.7
|
|
14
|
+
|
|
15
|
+
- 3396bc5973: Enabled refresh for the Atlassian provider.
|
|
16
|
+
- 08fcda13ef: Added a new `cookieConfigurer` option to `AuthProviderConfig` that makes it possible to override the default logic for configuring OAuth provider cookies.
|
|
17
|
+
- Updated dependencies
|
|
18
|
+
- @backstage/backend-common@0.10.7-next.0
|
|
19
|
+
|
|
20
|
+
## 0.9.0
|
|
21
|
+
|
|
22
|
+
### Minor Changes
|
|
23
|
+
|
|
24
|
+
- cef64b1561: **BREAKING** Added `tokenManager` as a required property for the auth-backend `createRouter` function. This dependency is used to issue server tokens that are used by the `CatalogIdentityClient` when looking up users and their group membership during authentication.
|
|
25
|
+
|
|
26
|
+
These changes are **required** to `packages/backend/src/plugins/auth.ts`:
|
|
27
|
+
|
|
28
|
+
```diff
|
|
29
|
+
export default async function createPlugin({
|
|
30
|
+
logger,
|
|
31
|
+
database,
|
|
32
|
+
config,
|
|
33
|
+
discovery,
|
|
34
|
+
+ tokenManager,
|
|
35
|
+
}: PluginEnvironment): Promise<Router> {
|
|
36
|
+
return await createRouter({
|
|
37
|
+
logger,
|
|
38
|
+
config,
|
|
39
|
+
database,
|
|
40
|
+
discovery,
|
|
41
|
+
+ tokenManager,
|
|
42
|
+
});
|
|
43
|
+
}
|
|
44
|
+
```
|
|
45
|
+
|
|
46
|
+
**BREAKING** The `CatalogIdentityClient` constructor now expects a `TokenManager` instead of a `TokenIssuer`. The `TokenManager` interface is used to generate a server token when [resolving a user's identity and membership through the catalog](https://backstage.io/docs/auth/identity-resolver). Using server tokens for these requests allows the auth-backend to bypass authorization checks when permissions are enabled for Backstage. This change will break apps that rely on the user tokens that were previously used by the client. Refer to the ["Backend-to-backend Authentication" tutorial](https://backstage.io/docs/tutorials/backend-to-backend-auth) for more information on server token usage.
|
|
47
|
+
|
|
48
|
+
### Patch Changes
|
|
49
|
+
|
|
50
|
+
- 9d75a939b6: Fixed a bug where providers that tracked the granted scopes through a cookie would not take failed authentication attempts into account.
|
|
51
|
+
- 28a5f9d0b1: chore(deps): bump `passport` from 0.4.1 to 0.5.2
|
|
52
|
+
- 5d09bdd1de: Added custom `callbackUrl` support for multiple providers. `v0.8.0` introduced this change for `github`, and now we're adding the same capability to the following providers: `atlassian, auth0, bitbucket, gitlab, google, microsoft, oauth2, oidc, okta, onelogin`.
|
|
53
|
+
- 648606b3ac: Added support for storing static GitHub access tokens in cookies and using them to refresh the Backstage session.
|
|
54
|
+
- Updated dependencies
|
|
55
|
+
- @backstage/backend-common@0.10.6
|
|
56
|
+
|
|
57
|
+
## 0.9.0-next.1
|
|
58
|
+
|
|
59
|
+
### Patch Changes
|
|
60
|
+
|
|
61
|
+
- 9d75a939b6: Fixed a bug where providers that tracked the granted scopes through a cookie would not take failed authentication attempts into account.
|
|
62
|
+
- 648606b3ac: Added support for storing static GitHub access tokens in cookies and using them to refresh the Backstage session.
|
|
63
|
+
- Updated dependencies
|
|
64
|
+
- @backstage/backend-common@0.10.6-next.0
|
|
65
|
+
|
|
66
|
+
## 0.9.0-next.0
|
|
67
|
+
|
|
68
|
+
### Minor Changes
|
|
69
|
+
|
|
70
|
+
- cef64b1561: **BREAKING** Added `tokenManager` as a required property for the auth-backend `createRouter` function. This dependency is used to issue server tokens that are used by the `CatalogIdentityClient` when looking up users and their group membership during authentication.
|
|
71
|
+
|
|
72
|
+
These changes are **required** to `packages/backend/src/plugins/auth.ts`:
|
|
73
|
+
|
|
74
|
+
```diff
|
|
75
|
+
export default async function createPlugin({
|
|
76
|
+
logger,
|
|
77
|
+
database,
|
|
78
|
+
config,
|
|
79
|
+
discovery,
|
|
80
|
+
+ tokenManager,
|
|
81
|
+
}: PluginEnvironment): Promise<Router> {
|
|
82
|
+
return await createRouter({
|
|
83
|
+
logger,
|
|
84
|
+
config,
|
|
85
|
+
database,
|
|
86
|
+
discovery,
|
|
87
|
+
+ tokenManager,
|
|
88
|
+
});
|
|
89
|
+
}
|
|
90
|
+
```
|
|
91
|
+
|
|
92
|
+
**BREAKING** The `CatalogIdentityClient` constructor now expects a `TokenManager` instead of a `TokenIssuer`. The `TokenManager` interface is used to generate a server token when [resolving a user's identity and membership through the catalog](https://backstage.io/docs/auth/identity-resolver). Using server tokens for these requests allows the auth-backend to bypass authorization checks when permissions are enabled for Backstage. This change will break apps that rely on the user tokens that were previously used by the client. Refer to the ["Backend-to-backend Authentication" tutorial](https://backstage.io/docs/tutorials/backend-to-backend-auth) for more information on server token usage.
|
|
93
|
+
|
|
94
|
+
### Patch Changes
|
|
95
|
+
|
|
96
|
+
- 28a5f9d0b1: chore(deps): bump `passport` from 0.4.1 to 0.5.2
|
|
97
|
+
|
|
3
98
|
## 0.8.0
|
|
4
99
|
|
|
5
100
|
### Minor Changes
|