@backstage/plugin-auth-node 0.2.17 → 0.3.0-next.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +41 -0
- package/dist/index.cjs.js +890 -14
- package/dist/index.cjs.js.map +1 -1
- package/dist/index.d.ts +605 -24
- package/package.json +17 -5
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,46 @@
|
|
|
1
1
|
# @backstage/plugin-auth-node
|
|
2
2
|
|
|
3
|
+
## 0.3.0-next.0
|
|
4
|
+
|
|
5
|
+
### Minor Changes
|
|
6
|
+
|
|
7
|
+
- 8513cd7d00e3: Introduced a new system for building auth providers for `@backstage/plugin-auth-backend`, which both increases the amount of code re-use across providers, and also works better with the new backend system.
|
|
8
|
+
|
|
9
|
+
Many existing types have been moved from `@backstage/plugin-auth-backend` in order to avoid a direct dependency on the plugin from modules.
|
|
10
|
+
|
|
11
|
+
Auth provider integrations are now primarily implemented through a pattern of creating "authenticators", which are in turn specific to each kind of integrations. Initially there are two types: `createOAuthAuthenticator` and `createProxyAuthenticator`. These come paired with functions that let you create the corresponding route handlers, `createOAuthRouteHandlers` and `createProxyAuthRouteHandlers`, as well as provider factories, `createOAuthProviderFactory` and `createProxyAuthProviderFactory`. This new authenticator pattern allows the sign-in logic to be separated from the auth integration logic, allowing it to be completely re-used across all providers of the same kind.
|
|
12
|
+
|
|
13
|
+
The new provider factories also implement a new declarative way to configure sign-in resolvers, rather than configuration through code. Sign-in resolvers can now be configured through the `resolvers` configuration key, where the first resolver that provides an identity will be used, for example:
|
|
14
|
+
|
|
15
|
+
```yaml
|
|
16
|
+
auth:
|
|
17
|
+
providers:
|
|
18
|
+
google:
|
|
19
|
+
development:
|
|
20
|
+
clientId: ...
|
|
21
|
+
clientSecret: ...
|
|
22
|
+
signIn:
|
|
23
|
+
resolvers:
|
|
24
|
+
- resolver: emailMatchingUserEntityAnnotation
|
|
25
|
+
- resolver: emailLocalPartMatchingUserEntityName
|
|
26
|
+
```
|
|
27
|
+
|
|
28
|
+
These configurable resolvers are created with a new `createSignInResolverFactory` function, which creates a sign-in resolver factory, optionally with an options schema that will be used both when configuring the sign-in resolver through configuration and code.
|
|
29
|
+
|
|
30
|
+
The internal helpers from `@backstage/plugin-auth-backend` that were used to implement auth providers using passport strategies have now also been made available as public API, through `PassportHelpers` and `PassportOAuthAuthenticatorHelper`.
|
|
31
|
+
|
|
32
|
+
### Patch Changes
|
|
33
|
+
|
|
34
|
+
- 18619f793c94: The `BackstageIdentityResponse` interface now has an optional `expiresInSeconds` field that can be used to signal session expiration. The `prepareBackstageIdentityResponse` utility will now also read the expiration from the provided token, and include it in the response.
|
|
35
|
+
- Updated dependencies
|
|
36
|
+
- @backstage/backend-common@0.19.4-next.0
|
|
37
|
+
- @backstage/backend-plugin-api@0.6.2-next.0
|
|
38
|
+
- @backstage/catalog-client@1.4.3
|
|
39
|
+
- @backstage/catalog-model@1.4.1
|
|
40
|
+
- @backstage/config@1.0.8
|
|
41
|
+
- @backstage/errors@1.2.1
|
|
42
|
+
- @backstage/types@1.1.0
|
|
43
|
+
|
|
3
44
|
## 0.2.17
|
|
4
45
|
|
|
5
46
|
### Patch Changes
|