@backstage/plugin-auth-node 0.5.5-next.0 → 0.5.5-next.1

package/CHANGELOG.md

@@ -1,5 +1,19 @@
 # @backstage/plugin-auth-node
 
+## 0.5.5-next.1
+
+### Patch Changes
+
+- c907440: Improved error forwarding for OAuth refresh endpoints
+- 5c9cc05: Use native fetch instead of node-fetch
+- Updated dependencies
+  - @backstage/catalog-client@1.9.0-next.1
+  - @backstage/backend-plugin-api@1.1.0-next.1
+  - @backstage/catalog-model@1.7.1
+  - @backstage/config@1.3.0
+  - @backstage/errors@1.2.5
+  - @backstage/types@1.2.0
+
 ## 0.5.5-next.0
 
 ### Patch Changes

package/dist/passport/PassportHelpers.cjs.js

@@ -1,6 +1,7 @@
 'use strict';
 
 var jose = require('jose');
+var errors = require('@backstage/errors');
 
 class PassportHelpers {
   constructor() {
@@ -36,7 +37,10 @@ class PassportHelpers {
           displayName = decoded.name;
         }
       } catch (e) {
-        throw new Error(`Failed to parse id token and get profile info, ${e}`);
+        throw new errors.ForwardedError(
+          `Failed to parse id token and get profile info`,
+          e
+        );
       }
     }
     return {
@@ -103,9 +107,7 @@ class PassportHelpers {
         },
         (err, accessToken, newRefreshToken, params) => {
           if (err) {
-            reject(
-              new Error(`Failed to refresh access token ${err.toString()}`)
-            );
+            reject(new errors.ForwardedError(`Failed to refresh access token`, err));
           }
           if (!accessToken) {
             reject(

package/dist/passport/PassportHelpers.cjs.js.map

@@ -1 +1 @@
-{"version":3,"file":"PassportHelpers.cjs.js","sources":["../../src/passport/PassportHelpers.ts"],"sourcesContent":["/*\n * Copyright 2023 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { Request } from 'express';\nimport { decodeJwt } from 'jose';\nimport { Strategy } from 'passport';\nimport { PassportProfile } from './types';\nimport { ProfileInfo } from '../types';\n\n// Re-declared here to avoid direct dependency on passport-oauth2\n/** @internal */\ninterface InternalOAuthError extends Error {\n  oauthError?: {\n    data?: string;\n  };\n}\n\n/** @public */\nexport class PassportHelpers {\n  private constructor() {}\n\n  static transformProfile = (\n    profile: PassportProfile,\n    idToken?: string,\n  ): ProfileInfo => {\n    let email: string | undefined = undefined;\n    if (profile.emails && profile.emails.length > 0) {\n      const [firstEmail] = profile.emails;\n      email = firstEmail.value;\n    } else if (profile.email) {\n      // This is the case for Atlassian\n      email = profile.email;\n    }\n\n    let picture: string | undefined = undefined;\n    if (profile.avatarUrl) {\n      picture = profile.avatarUrl;\n    } else if (profile.photos && profile.photos.length > 0) {\n      const [firstPhoto] = profile.photos;\n      picture = firstPhoto.value;\n    } else if (profile.photo) {\n      // This is the case for Atlassian\n      picture = profile.photo;\n    }\n\n    let displayName: string | undefined =\n      profile.displayName ?? profile.username ?? profile.id;\n\n    if ((!email || !picture || !displayName) && idToken) {\n      try {\n        const decoded = decodeJwt(idToken) as {\n          email?: string;\n          name?: string;\n          picture?: string;\n        };\n        if (!email && decoded.email) {\n          email = decoded.email;\n        }\n        if (!picture && decoded.picture) {\n          picture = decoded.picture;\n        }\n        if (!displayName && decoded.name) {\n          displayName = decoded.name;\n        }\n      } catch (e) {\n        throw new Error(`Failed to parse id token and get profile info, ${e}`);\n      }\n    }\n\n    return {\n      email,\n      picture,\n      displayName,\n    };\n  };\n\n  static async executeRedirectStrategy(\n    req: Request,\n    providerStrategy: Strategy,\n    options: Record<string, string>,\n  ): Promise<{\n    /**\n     * URL to redirect to\n     */\n    url: string;\n    /**\n     * Status code to use for the redirect\n     */\n    status?: number;\n  }> {\n    return new Promise(resolve => {\n      const strategy = Object.create(providerStrategy);\n      strategy.redirect = (url: string, status?: number) => {\n        resolve({ url, status: status ?? undefined });\n      };\n\n      strategy.authenticate(req, { ...options });\n    });\n  }\n\n  static async executeFrameHandlerStrategy<TResult, TPrivateInfo = never>(\n    req: Request,\n    providerStrategy: Strategy,\n    options?: Record<string, string>,\n  ): Promise<{ result: TResult; privateInfo: TPrivateInfo }> {\n    return new Promise((resolve, reject) => {\n      const strategy = Object.create(providerStrategy);\n      strategy.success = (result: any, privateInfo: any) => {\n        resolve({ result, privateInfo });\n      };\n      strategy.fail = (\n        info: { type: 'success' | 'error'; message?: string },\n        // _status: number,\n      ) => {\n        reject(new Error(`Authentication rejected, ${info.message ?? ''}`));\n      };\n      strategy.error = (error: InternalOAuthError) => {\n        let message = `Authentication failed, ${error.message}`;\n\n        if (error.oauthError?.data) {\n          try {\n            const errorData = JSON.parse(error.oauthError.data);\n\n            if (errorData.message) {\n              message += ` - ${errorData.message}`;\n            }\n          } catch (parseError) {\n            message += ` - ${error.oauthError}`;\n          }\n        }\n\n        reject(new Error(message));\n      };\n      strategy.redirect = () => {\n        reject(new Error('Unexpected redirect'));\n      };\n      strategy.authenticate(req, { ...(options ?? {}) });\n    });\n  }\n\n  static async executeRefreshTokenStrategy(\n    providerStrategy: Strategy,\n    refreshToken: string,\n    scope: string,\n  ): Promise<{\n    /**\n     * An access token issued for the signed in user.\n     */\n    accessToken: string;\n    /**\n     * Optionally, the server can issue a new Refresh Token for the user\n     */\n    refreshToken?: string;\n    params: any;\n  }> {\n    return new Promise((resolve, reject) => {\n      const anyStrategy = providerStrategy as any;\n      const OAuth2 = anyStrategy._oauth2.constructor;\n      const oauth2 = new OAuth2(\n        anyStrategy._oauth2._clientId,\n        anyStrategy._oauth2._clientSecret,\n        anyStrategy._oauth2._baseSite,\n        anyStrategy._oauth2._authorizeUrl,\n        anyStrategy._refreshURL || anyStrategy._oauth2._accessTokenUrl,\n        anyStrategy._oauth2._customHeaders,\n      );\n\n      oauth2.getOAuthAccessToken(\n        refreshToken,\n        {\n          scope,\n          grant_type: 'refresh_token',\n        },\n        (\n          err: Error | null,\n          accessToken: string,\n          newRefreshToken: string,\n          params: any,\n        ) => {\n          if (err) {\n            reject(\n              new Error(`Failed to refresh access token ${err.toString()}`),\n            );\n          }\n          if (!accessToken) {\n            reject(\n              new Error(\n                `Failed to refresh access token, no access token received`,\n              ),\n            );\n          }\n\n          resolve({\n            accessToken,\n            refreshToken: newRefreshToken,\n            params,\n          });\n        },\n      );\n    });\n  }\n\n  static async executeFetchUserProfileStrategy(\n    providerStrategy: Strategy,\n    accessToken: string,\n  ): Promise<PassportProfile> {\n    return new Promise((resolve, reject) => {\n      const anyStrategy = providerStrategy as unknown as {\n        userProfile(accessToken: string, callback: Function): void;\n      };\n      anyStrategy.userProfile(\n        accessToken,\n        (error: Error, rawProfile: PassportProfile) => {\n          if (error) {\n            reject(error);\n          } else {\n            resolve(rawProfile);\n          }\n        },\n      );\n    });\n  }\n}\n"],"names":["decodeJwt"],"mappings":";;;;AA+BO,MAAM,eAAgB,CAAA;AAAA,EACnB,WAAc,GAAA;AAAA;AAAC,EAEvB,OAAO,gBAAA,GAAmB,CACxB,OAAA,EACA,OACgB,KAAA;AAChB,IAAA,IAAI,KAA4B,GAAA,KAAA,CAAA;AAChC,IAAA,IAAI,OAAQ,CAAA,MAAA,IAAU,OAAQ,CAAA,MAAA,CAAO,SAAS,CAAG,EAAA;AAC/C,MAAM,MAAA,CAAC,UAAU,CAAA,GAAI,OAAQ,CAAA,MAAA;AAC7B,MAAA,KAAA,GAAQ,UAAW,CAAA,KAAA;AAAA,KACrB,MAAA,IAAW,QAAQ,KAAO,EAAA;AAExB,MAAA,KAAA,GAAQ,OAAQ,CAAA,KAAA;AAAA;AAGlB,IAAA,IAAI,OAA8B,GAAA,KAAA,CAAA;AAClC,IAAA,IAAI,QAAQ,SAAW,EAAA;AACrB,MAAA,OAAA,GAAU,OAAQ,CAAA,SAAA;AAAA,eACT,OAAQ,CAAA,MAAA,IAAU,OAAQ,CAAA,MAAA,CAAO,SAAS,CAAG,EAAA;AACtD,MAAM,MAAA,CAAC,UAAU,CAAA,GAAI,OAAQ,CAAA,MAAA;AAC7B,MAAA,OAAA,GAAU,UAAW,CAAA,KAAA;AAAA,KACvB,MAAA,IAAW,QAAQ,KAAO,EAAA;AAExB,MAAA,OAAA,GAAU,OAAQ,CAAA,KAAA;AAAA;AAGpB,IAAA,IAAI,WACF,GAAA,OAAA,CAAQ,WAAe,IAAA,OAAA,CAAQ,YAAY,OAAQ,CAAA,EAAA;AAErD,IAAA,IAAA,CAAK,CAAC,KAAS,IAAA,CAAC,OAAW,IAAA,CAAC,gBAAgB,OAAS,EAAA;AACnD,MAAI,IAAA;AACF,QAAM,MAAA,OAAA,GAAUA,eAAU,OAAO,CAAA;AAKjC,QAAI,IAAA,CAAC,KAAS,IAAA,OAAA,CAAQ,KAAO,EAAA;AAC3B,UAAA,KAAA,GAAQ,OAAQ,CAAA,KAAA;AAAA;AAElB,QAAI,IAAA,CAAC,OAAW,IAAA,OAAA,CAAQ,OAAS,EAAA;AAC/B,UAAA,OAAA,GAAU,OAAQ,CAAA,OAAA;AAAA;AAEpB,QAAI,IAAA,CAAC,WAAe,IAAA,OAAA,CAAQ,IAAM,EAAA;AAChC,UAAA,WAAA,GAAc,OAAQ,CAAA,IAAA;AAAA;AACxB,eACO,CAAG,EAAA;AACV,QAAA,MAAM,IAAI,KAAA,CAAM,CAAkD,+CAAA,EAAA,CAAC,CAAE,CAAA,CAAA;AAAA;AACvE;AAGF,IAAO,OAAA;AAAA,MACL,KAAA;AAAA,MACA,OAAA;AAAA,MACA;AAAA,KACF;AAAA,GACF;AAAA,EAEA,aAAa,uBAAA,CACX,GACA,EAAA,gBAAA,EACA,OAUC,EAAA;AACD,IAAO,OAAA,IAAI,QAAQ,CAAW,OAAA,KAAA;AAC5B,MAAM,MAAA,QAAA,GAAW,MAAO,CAAA,MAAA,CAAO,gBAAgB,CAAA;AAC/C,MAAS,QAAA,CAAA,QAAA,GAAW,CAAC,GAAA,EAAa,MAAoB,KAAA;AACpD,QAAA,OAAA,CAAQ,EAAE,GAAA,EAAK,MAAQ,EAAA,MAAA,IAAU,QAAW,CAAA;AAAA,OAC9C;AAEA,MAAA,QAAA,CAAS,YAAa,CAAA,GAAA,EAAK,EAAE,GAAG,SAAS,CAAA;AAAA,KAC1C,CAAA;AAAA;AACH,EAEA,aAAa,2BAAA,CACX,GACA,EAAA,gBAAA,EACA,OACyD,EAAA;AACzD,IAAA,OAAO,IAAI,OAAA,CAAQ,CAAC,OAAA,EAAS,MAAW,KAAA;AACtC,MAAM,MAAA,QAAA,GAAW,MAAO,CAAA,MAAA,CAAO,gBAAgB,CAAA;AAC/C,MAAS,QAAA,CAAA,OAAA,GAAU,CAAC,MAAA,EAAa,WAAqB,KAAA;AACpD,QAAQ,OAAA,CAAA,EAAE,MAAQ,EAAA,WAAA,EAAa,CAAA;AAAA,OACjC;AACA,MAAS,QAAA,CAAA,IAAA,GAAO,CACd,IAEG,KAAA;AACH,QAAA,MAAA,CAAO,IAAI,KAAM,CAAA,CAAA,yBAAA,EAA4B,KAAK,OAAW,IAAA,EAAE,EAAE,CAAC,CAAA;AAAA,OACpE;AACA,MAAS,QAAA,CAAA,KAAA,GAAQ,CAAC,KAA8B,KAAA;AAC9C,QAAI,IAAA,OAAA,GAAU,CAA0B,uBAAA,EAAA,KAAA,CAAM,OAAO,CAAA,CAAA;AAErD,QAAI,IAAA,KAAA,CAAM,YAAY,IAAM,EAAA;AAC1B,UAAI,IAAA;AACF,YAAA,MAAM,SAAY,GAAA,IAAA,CAAK,KAAM,CAAA,KAAA,CAAM,WAAW,IAAI,CAAA;AAElD,YAAA,IAAI,UAAU,OAAS,EAAA;AACrB,cAAW,OAAA,IAAA,CAAA,GAAA,EAAM,UAAU,OAAO,CAAA,CAAA;AAAA;AACpC,mBACO,UAAY,EAAA;AACnB,YAAW,OAAA,IAAA,CAAA,GAAA,EAAM,MAAM,UAAU,CAAA,CAAA;AAAA;AACnC;AAGF,QAAO,MAAA,CAAA,IAAI,KAAM,CAAA,OAAO,CAAC,CAAA;AAAA,OAC3B;AACA,MAAA,QAAA,CAAS,WAAW,MAAM;AACxB,QAAO,MAAA,CAAA,IAAI,KAAM,CAAA,qBAAqB,CAAC,CAAA;AAAA,OACzC;AACA,MAAA,QAAA,CAAS,aAAa,GAAK,EAAA,EAAE,GAAI,OAAW,IAAA,IAAK,CAAA;AAAA,KAClD,CAAA;AAAA;AACH,EAEA,aAAa,2BAAA,CACX,gBACA,EAAA,YAAA,EACA,KAWC,EAAA;AACD,IAAA,OAAO,IAAI,OAAA,CAAQ,CAAC,OAAA,EAAS,MAAW,KAAA;AACtC,MAAA,MAAM,WAAc,GAAA,gBAAA;AACpB,MAAM,MAAA,MAAA,GAAS,YAAY,OAAQ,CAAA,WAAA;AACnC,MAAA,MAAM,SAAS,IAAI,MAAA;AAAA,QACjB,YAAY,OAAQ,CAAA,SAAA;AAAA,QACpB,YAAY,OAAQ,CAAA,aAAA;AAAA,QACpB,YAAY,OAAQ,CAAA,SAAA;AAAA,QACpB,YAAY,OAAQ,CAAA,aAAA;AAAA,QACpB,WAAA,CAAY,WAAe,IAAA,WAAA,CAAY,OAAQ,CAAA,eAAA;AAAA,QAC/C,YAAY,OAAQ,CAAA;AAAA,OACtB;AAEA,MAAO,MAAA,CAAA,mBAAA;AAAA,QACL,YAAA;AAAA,QACA;AAAA,UACE,KAAA;AAAA,UACA,UAAY,EAAA;AAAA,SACd;AAAA,QACA,CACE,GAAA,EACA,WACA,EAAA,eAAA,EACA,MACG,KAAA;AACH,UAAA,IAAI,GAAK,EAAA;AACP,YAAA,MAAA;AAAA,cACE,IAAI,KAAM,CAAA,CAAA,+BAAA,EAAkC,GAAI,CAAA,QAAA,EAAU,CAAE,CAAA;AAAA,aAC9D;AAAA;AAEF,UAAA,IAAI,CAAC,WAAa,EAAA;AAChB,YAAA,MAAA;AAAA,cACE,IAAI,KAAA;AAAA,gBACF,CAAA,wDAAA;AAAA;AACF,aACF;AAAA;AAGF,UAAQ,OAAA,CAAA;AAAA,YACN,WAAA;AAAA,YACA,YAAc,EAAA,eAAA;AAAA,YACd;AAAA,WACD,CAAA;AAAA;AACH,OACF;AAAA,KACD,CAAA;AAAA;AACH,EAEA,aAAa,+BACX,CAAA,gBAAA,EACA,WAC0B,EAAA;AAC1B,IAAA,OAAO,IAAI,OAAA,CAAQ,CAAC,OAAA,EAAS,MAAW,KAAA;AACtC,MAAA,MAAM,WAAc,GAAA,gBAAA;AAGpB,MAAY,WAAA,CAAA,WAAA;AAAA,QACV,WAAA;AAAA,QACA,CAAC,OAAc,UAAgC,KAAA;AAC7C,UAAA,IAAI,KAAO,EAAA;AACT,YAAA,MAAA,CAAO,KAAK,CAAA;AAAA,WACP,MAAA;AACL,YAAA,OAAA,CAAQ,UAAU,CAAA;AAAA;AACpB;AACF,OACF;AAAA,KACD,CAAA;AAAA;AAEL;;;;"}
+{"version":3,"file":"PassportHelpers.cjs.js","sources":["../../src/passport/PassportHelpers.ts"],"sourcesContent":["/*\n * Copyright 2023 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { Request } from 'express';\nimport { decodeJwt } from 'jose';\nimport { Strategy } from 'passport';\nimport { PassportProfile } from './types';\nimport { ProfileInfo } from '../types';\nimport { ForwardedError } from '@backstage/errors';\n\n// Re-declared here to avoid direct dependency on passport-oauth2\n/** @internal */\ninterface InternalOAuthError extends Error {\n  oauthError?: {\n    data?: string;\n  };\n}\n\n/** @public */\nexport class PassportHelpers {\n  private constructor() {}\n\n  static transformProfile = (\n    profile: PassportProfile,\n    idToken?: string,\n  ): ProfileInfo => {\n    let email: string | undefined = undefined;\n    if (profile.emails && profile.emails.length > 0) {\n      const [firstEmail] = profile.emails;\n      email = firstEmail.value;\n    } else if (profile.email) {\n      // This is the case for Atlassian\n      email = profile.email;\n    }\n\n    let picture: string | undefined = undefined;\n    if (profile.avatarUrl) {\n      picture = profile.avatarUrl;\n    } else if (profile.photos && profile.photos.length > 0) {\n      const [firstPhoto] = profile.photos;\n      picture = firstPhoto.value;\n    } else if (profile.photo) {\n      // This is the case for Atlassian\n      picture = profile.photo;\n    }\n\n    let displayName: string | undefined =\n      profile.displayName ?? profile.username ?? profile.id;\n\n    if ((!email || !picture || !displayName) && idToken) {\n      try {\n        const decoded = decodeJwt(idToken) as {\n          email?: string;\n          name?: string;\n          picture?: string;\n        };\n        if (!email && decoded.email) {\n          email = decoded.email;\n        }\n        if (!picture && decoded.picture) {\n          picture = decoded.picture;\n        }\n        if (!displayName && decoded.name) {\n          displayName = decoded.name;\n        }\n      } catch (e) {\n        throw new ForwardedError(\n          `Failed to parse id token and get profile info`,\n          e,\n        );\n      }\n    }\n\n    return {\n      email,\n      picture,\n      displayName,\n    };\n  };\n\n  static async executeRedirectStrategy(\n    req: Request,\n    providerStrategy: Strategy,\n    options: Record<string, string>,\n  ): Promise<{\n    /**\n     * URL to redirect to\n     */\n    url: string;\n    /**\n     * Status code to use for the redirect\n     */\n    status?: number;\n  }> {\n    return new Promise(resolve => {\n      const strategy = Object.create(providerStrategy);\n      strategy.redirect = (url: string, status?: number) => {\n        resolve({ url, status: status ?? undefined });\n      };\n\n      strategy.authenticate(req, { ...options });\n    });\n  }\n\n  static async executeFrameHandlerStrategy<TResult, TPrivateInfo = never>(\n    req: Request,\n    providerStrategy: Strategy,\n    options?: Record<string, string>,\n  ): Promise<{ result: TResult; privateInfo: TPrivateInfo }> {\n    return new Promise((resolve, reject) => {\n      const strategy = Object.create(providerStrategy);\n      strategy.success = (result: any, privateInfo: any) => {\n        resolve({ result, privateInfo });\n      };\n      strategy.fail = (\n        info: { type: 'success' | 'error'; message?: string },\n        // _status: number,\n      ) => {\n        reject(new Error(`Authentication rejected, ${info.message ?? ''}`));\n      };\n      strategy.error = (error: InternalOAuthError) => {\n        let message = `Authentication failed, ${error.message}`;\n\n        if (error.oauthError?.data) {\n          try {\n            const errorData = JSON.parse(error.oauthError.data);\n\n            if (errorData.message) {\n              message += ` - ${errorData.message}`;\n            }\n          } catch (parseError) {\n            message += ` - ${error.oauthError}`;\n          }\n        }\n\n        reject(new Error(message));\n      };\n      strategy.redirect = () => {\n        reject(new Error('Unexpected redirect'));\n      };\n      strategy.authenticate(req, { ...(options ?? {}) });\n    });\n  }\n\n  static async executeRefreshTokenStrategy(\n    providerStrategy: Strategy,\n    refreshToken: string,\n    scope: string,\n  ): Promise<{\n    /**\n     * An access token issued for the signed in user.\n     */\n    accessToken: string;\n    /**\n     * Optionally, the server can issue a new Refresh Token for the user\n     */\n    refreshToken?: string;\n    params: any;\n  }> {\n    return new Promise((resolve, reject) => {\n      const anyStrategy = providerStrategy as any;\n      const OAuth2 = anyStrategy._oauth2.constructor;\n      const oauth2 = new OAuth2(\n        anyStrategy._oauth2._clientId,\n        anyStrategy._oauth2._clientSecret,\n        anyStrategy._oauth2._baseSite,\n        anyStrategy._oauth2._authorizeUrl,\n        anyStrategy._refreshURL || anyStrategy._oauth2._accessTokenUrl,\n        anyStrategy._oauth2._customHeaders,\n      );\n\n      oauth2.getOAuthAccessToken(\n        refreshToken,\n        {\n          scope,\n          grant_type: 'refresh_token',\n        },\n        (\n          err: Error | null,\n          accessToken: string,\n          newRefreshToken: string,\n          params: any,\n        ) => {\n          if (err) {\n            reject(new ForwardedError(`Failed to refresh access token`, err));\n          }\n          if (!accessToken) {\n            reject(\n              new Error(\n                `Failed to refresh access token, no access token received`,\n              ),\n            );\n          }\n\n          resolve({\n            accessToken,\n            refreshToken: newRefreshToken,\n            params,\n          });\n        },\n      );\n    });\n  }\n\n  static async executeFetchUserProfileStrategy(\n    providerStrategy: Strategy,\n    accessToken: string,\n  ): Promise<PassportProfile> {\n    return new Promise((resolve, reject) => {\n      const anyStrategy = providerStrategy as unknown as {\n        userProfile(accessToken: string, callback: Function): void;\n      };\n      anyStrategy.userProfile(\n        accessToken,\n        (error: Error, rawProfile: PassportProfile) => {\n          if (error) {\n            reject(error);\n          } else {\n            resolve(rawProfile);\n          }\n        },\n      );\n    });\n  }\n}\n"],"names":["decodeJwt","ForwardedError"],"mappings":";;;;;AAgCO,MAAM,eAAgB,CAAA;AAAA,EACnB,WAAc,GAAA;AAAA;AAAC,EAEvB,OAAO,gBAAA,GAAmB,CACxB,OAAA,EACA,OACgB,KAAA;AAChB,IAAA,IAAI,KAA4B,GAAA,KAAA,CAAA;AAChC,IAAA,IAAI,OAAQ,CAAA,MAAA,IAAU,OAAQ,CAAA,MAAA,CAAO,SAAS,CAAG,EAAA;AAC/C,MAAM,MAAA,CAAC,UAAU,CAAA,GAAI,OAAQ,CAAA,MAAA;AAC7B,MAAA,KAAA,GAAQ,UAAW,CAAA,KAAA;AAAA,KACrB,MAAA,IAAW,QAAQ,KAAO,EAAA;AAExB,MAAA,KAAA,GAAQ,OAAQ,CAAA,KAAA;AAAA;AAGlB,IAAA,IAAI,OAA8B,GAAA,KAAA,CAAA;AAClC,IAAA,IAAI,QAAQ,SAAW,EAAA;AACrB,MAAA,OAAA,GAAU,OAAQ,CAAA,SAAA;AAAA,eACT,OAAQ,CAAA,MAAA,IAAU,OAAQ,CAAA,MAAA,CAAO,SAAS,CAAG,EAAA;AACtD,MAAM,MAAA,CAAC,UAAU,CAAA,GAAI,OAAQ,CAAA,MAAA;AAC7B,MAAA,OAAA,GAAU,UAAW,CAAA,KAAA;AAAA,KACvB,MAAA,IAAW,QAAQ,KAAO,EAAA;AAExB,MAAA,OAAA,GAAU,OAAQ,CAAA,KAAA;AAAA;AAGpB,IAAA,IAAI,WACF,GAAA,OAAA,CAAQ,WAAe,IAAA,OAAA,CAAQ,YAAY,OAAQ,CAAA,EAAA;AAErD,IAAA,IAAA,CAAK,CAAC,KAAS,IAAA,CAAC,OAAW,IAAA,CAAC,gBAAgB,OAAS,EAAA;AACnD,MAAI,IAAA;AACF,QAAM,MAAA,OAAA,GAAUA,eAAU,OAAO,CAAA;AAKjC,QAAI,IAAA,CAAC,KAAS,IAAA,OAAA,CAAQ,KAAO,EAAA;AAC3B,UAAA,KAAA,GAAQ,OAAQ,CAAA,KAAA;AAAA;AAElB,QAAI,IAAA,CAAC,OAAW,IAAA,OAAA,CAAQ,OAAS,EAAA;AAC/B,UAAA,OAAA,GAAU,OAAQ,CAAA,OAAA;AAAA;AAEpB,QAAI,IAAA,CAAC,WAAe,IAAA,OAAA,CAAQ,IAAM,EAAA;AAChC,UAAA,WAAA,GAAc,OAAQ,CAAA,IAAA;AAAA;AACxB,eACO,CAAG,EAAA;AACV,QAAA,MAAM,IAAIC,qBAAA;AAAA,UACR,CAAA,6CAAA,CAAA;AAAA,UACA;AAAA,SACF;AAAA;AACF;AAGF,IAAO,OAAA;AAAA,MACL,KAAA;AAAA,MACA,OAAA;AAAA,MACA;AAAA,KACF;AAAA,GACF;AAAA,EAEA,aAAa,uBAAA,CACX,GACA,EAAA,gBAAA,EACA,OAUC,EAAA;AACD,IAAO,OAAA,IAAI,QAAQ,CAAW,OAAA,KAAA;AAC5B,MAAM,MAAA,QAAA,GAAW,MAAO,CAAA,MAAA,CAAO,gBAAgB,CAAA;AAC/C,MAAS,QAAA,CAAA,QAAA,GAAW,CAAC,GAAA,EAAa,MAAoB,KAAA;AACpD,QAAA,OAAA,CAAQ,EAAE,GAAA,EAAK,MAAQ,EAAA,MAAA,IAAU,QAAW,CAAA;AAAA,OAC9C;AAEA,MAAA,QAAA,CAAS,YAAa,CAAA,GAAA,EAAK,EAAE,GAAG,SAAS,CAAA;AAAA,KAC1C,CAAA;AAAA;AACH,EAEA,aAAa,2BAAA,CACX,GACA,EAAA,gBAAA,EACA,OACyD,EAAA;AACzD,IAAA,OAAO,IAAI,OAAA,CAAQ,CAAC,OAAA,EAAS,MAAW,KAAA;AACtC,MAAM,MAAA,QAAA,GAAW,MAAO,CAAA,MAAA,CAAO,gBAAgB,CAAA;AAC/C,MAAS,QAAA,CAAA,OAAA,GAAU,CAAC,MAAA,EAAa,WAAqB,KAAA;AACpD,QAAQ,OAAA,CAAA,EAAE,MAAQ,EAAA,WAAA,EAAa,CAAA;AAAA,OACjC;AACA,MAAS,QAAA,CAAA,IAAA,GAAO,CACd,IAEG,KAAA;AACH,QAAA,MAAA,CAAO,IAAI,KAAM,CAAA,CAAA,yBAAA,EAA4B,KAAK,OAAW,IAAA,EAAE,EAAE,CAAC,CAAA;AAAA,OACpE;AACA,MAAS,QAAA,CAAA,KAAA,GAAQ,CAAC,KAA8B,KAAA;AAC9C,QAAI,IAAA,OAAA,GAAU,CAA0B,uBAAA,EAAA,KAAA,CAAM,OAAO,CAAA,CAAA;AAErD,QAAI,IAAA,KAAA,CAAM,YAAY,IAAM,EAAA;AAC1B,UAAI,IAAA;AACF,YAAA,MAAM,SAAY,GAAA,IAAA,CAAK,KAAM,CAAA,KAAA,CAAM,WAAW,IAAI,CAAA;AAElD,YAAA,IAAI,UAAU,OAAS,EAAA;AACrB,cAAW,OAAA,IAAA,CAAA,GAAA,EAAM,UAAU,OAAO,CAAA,CAAA;AAAA;AACpC,mBACO,UAAY,EAAA;AACnB,YAAW,OAAA,IAAA,CAAA,GAAA,EAAM,MAAM,UAAU,CAAA,CAAA;AAAA;AACnC;AAGF,QAAO,MAAA,CAAA,IAAI,KAAM,CAAA,OAAO,CAAC,CAAA;AAAA,OAC3B;AACA,MAAA,QAAA,CAAS,WAAW,MAAM;AACxB,QAAO,MAAA,CAAA,IAAI,KAAM,CAAA,qBAAqB,CAAC,CAAA;AAAA,OACzC;AACA,MAAA,QAAA,CAAS,aAAa,GAAK,EAAA,EAAE,GAAI,OAAW,IAAA,IAAK,CAAA;AAAA,KAClD,CAAA;AAAA;AACH,EAEA,aAAa,2BAAA,CACX,gBACA,EAAA,YAAA,EACA,KAWC,EAAA;AACD,IAAA,OAAO,IAAI,OAAA,CAAQ,CAAC,OAAA,EAAS,MAAW,KAAA;AACtC,MAAA,MAAM,WAAc,GAAA,gBAAA;AACpB,MAAM,MAAA,MAAA,GAAS,YAAY,OAAQ,CAAA,WAAA;AACnC,MAAA,MAAM,SAAS,IAAI,MAAA;AAAA,QACjB,YAAY,OAAQ,CAAA,SAAA;AAAA,QACpB,YAAY,OAAQ,CAAA,aAAA;AAAA,QACpB,YAAY,OAAQ,CAAA,SAAA;AAAA,QACpB,YAAY,OAAQ,CAAA,aAAA;AAAA,QACpB,WAAA,CAAY,WAAe,IAAA,WAAA,CAAY,OAAQ,CAAA,eAAA;AAAA,QAC/C,YAAY,OAAQ,CAAA;AAAA,OACtB;AAEA,MAAO,MAAA,CAAA,mBAAA;AAAA,QACL,YAAA;AAAA,QACA;AAAA,UACE,KAAA;AAAA,UACA,UAAY,EAAA;AAAA,SACd;AAAA,QACA,CACE,GAAA,EACA,WACA,EAAA,eAAA,EACA,MACG,KAAA;AACH,UAAA,IAAI,GAAK,EAAA;AACP,YAAA,MAAA,CAAO,IAAIA,qBAAA,CAAe,CAAkC,8BAAA,CAAA,EAAA,GAAG,CAAC,CAAA;AAAA;AAElE,UAAA,IAAI,CAAC,WAAa,EAAA;AAChB,YAAA,MAAA;AAAA,cACE,IAAI,KAAA;AAAA,gBACF,CAAA,wDAAA;AAAA;AACF,aACF;AAAA;AAGF,UAAQ,OAAA,CAAA;AAAA,YACN,WAAA;AAAA,YACA,YAAc,EAAA,eAAA;AAAA,YACd;AAAA,WACD,CAAA;AAAA;AACH,OACF;AAAA,KACD,CAAA;AAAA;AACH,EAEA,aAAa,+BACX,CAAA,gBAAA,EACA,WAC0B,EAAA;AAC1B,IAAA,OAAO,IAAI,OAAA,CAAQ,CAAC,OAAA,EAAS,MAAW,KAAA;AACtC,MAAA,MAAM,WAAc,GAAA,gBAAA;AAGpB,MAAY,WAAA,CAAA,WAAA;AAAA,QACV,WAAA;AAAA,QACA,CAAC,OAAc,UAAgC,KAAA;AAC7C,UAAA,IAAI,KAAO,EAAA;AACT,YAAA,MAAA,CAAO,KAAK,CAAA;AAAA,WACP,MAAA;AACL,YAAA,OAAA,CAAQ,UAAU,CAAA;AAAA;AACpB;AACF,OACF;AAAA,KACD,CAAA;AAAA;AAEL;;;;"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@backstage/plugin-auth-node",
-  "version": "0.5.5-next.0",
+  "version": "0.5.5-next.1",
   "backstage": {
     "role": "node-library",
     "pluginId": "auth",
@@ -38,8 +38,8 @@
   },
   "dependencies": {
     "@backstage/backend-common": "^0.25.0",
-    "@backstage/backend-plugin-api": "1.0.3-next.0",
-    "@backstage/catalog-client": "1.8.1-next.0",
+    "@backstage/backend-plugin-api": "1.1.0-next.1",
+    "@backstage/catalog-client": "1.9.0-next.1",
     "@backstage/catalog-model": "1.7.1",
     "@backstage/config": "1.3.0",
     "@backstage/errors": "1.2.5",
@@ -49,7 +49,6 @@
     "express": "^4.17.1",
     "jose": "^5.0.0",
     "lodash": "^4.17.21",
-    "node-fetch": "^2.7.0",
     "passport": "^0.7.0",
     "winston": "^3.2.1",
     "zod": "^3.22.4",
@@ -57,8 +56,8 @@
     "zod-validation-error": "^3.4.0"
   },
   "devDependencies": {
-    "@backstage/backend-test-utils": "1.2.0-next.0",
-    "@backstage/cli": "0.29.3-next.0",
+    "@backstage/backend-test-utils": "1.2.0-next.1",
+    "@backstage/cli": "0.29.3-next.1",
     "cookie-parser": "^1.4.6",
     "express-promise-router": "^4.1.1",
     "lodash": "^4.17.21",