@backstage/plugin-auth-node 0.6.10-next.1 → 0.6.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/CHANGELOG.md +20 -0
  2. package/dist/oauth/OAuthCookieManager.cjs.js +82 -75
  3. package/dist/oauth/OAuthCookieManager.cjs.js.map +1 -1
  4. package/dist/oauth/createOAuthProviderFactory.cjs.js +1 -1
  5. package/dist/proxy/createProxyAuthProviderFactory.cjs.js +1 -1
  6. package/dist/sign-in/createSignInResolverFactory.cjs.js +2 -2
  7. package/dist/sign-in/createSignInResolverFactory.cjs.js.map +1 -1
  8. package/package.json +12 -12
package/CHANGELOG.md CHANGED
@@ -1,5 +1,25 @@
1
1
  # @backstage/plugin-auth-node
2
2
 
3
+ ## 0.6.11
4
+
5
+ ### Patch Changes
6
+
7
+ - 4eeba9e: Upgrade `zod-validation-error` to version 4
8
+ - 872eb91: Upgrade `zod-to-json-schema` to latest version
9
+ - Updated dependencies
10
+ - @backstage/backend-plugin-api@1.6.1
11
+
12
+ ## 0.6.10
13
+
14
+ ### Patch Changes
15
+
16
+ - 2389358: remove leading dot in auth cookie cleanup call
17
+ - de96a60: chore(deps): bump `express` from 4.21.2 to 4.22.0
18
+ - b35f8b2: Fixed chunked cookie replacing edge case in OAuthCookieManager class where some of the old chunks would not get removed if new chunked cookie would have fewer chunks.
19
+ - e9dd634: fix flawed cookie removal logic with chunked tokens
20
+ - Updated dependencies
21
+ - @backstage/backend-plugin-api@1.6.0
22
+
3
23
  ## 0.6.10-next.1
4
24
 
5
25
  ### Patch Changes
package/dist/oauth/OAuthCookieManager.cjs.js CHANGED
@@ -90,104 +90,111 @@ class OAuthCookieManager {
90
90
  ...this.getConfig(origin, pathSuffix)
91
91
  };
92
92
  const req = res.req;
93
- let output = res;
94
- const chunkedFormatExists = OAuthCookieManager.chunkedCookieExists(
93
+ const newCookieShouldBeChunked = val.length > MAX_COOKIE_SIZE_CHARACTERS;
94
+ const existingChunkCount = OAuthCookieManager.countExistingCookieChunks(
95
95
  req,
96
96
  name
97
97
  );
98
+ const chunkedFormatExists = existingChunkCount > 0;
98
99
  if (this.cookieConfigurer === defaultCookieConfigurer) {
99
- const { hostname: domain } = new URL(this.options.callbackUrl);
100
- output = output.cookie(name, "", {
101
- ...this.getRemoveCookieOptions(),
102
- domain
103
- });
104
- if (chunkedFormatExists) {
105
- for (let chunkNumber = 0; ; chunkNumber++) {
106
- const key = OAuthCookieManager.getCookieChunkName(name, chunkNumber);
107
- const exists = !!req.cookies[key];
108
- if (!exists) {
109
- break;
110
- }
111
- output = output.cookie(key, "", {
112
- ...this.getRemoveCookieOptions(),
113
- domain
114
- });
115
- }
116
- }
117
- }
118
- if (val.length > MAX_COOKIE_SIZE_CHARACTERS) {
119
- const nonChunkedFormatExists = !!req.cookies[name];
120
- if (nonChunkedFormatExists) {
121
- output = output.cookie(name, "", this.getRemoveCookieOptions());
122
- }
123
- const chunked = this.splitCookieToChunks(val, MAX_COOKIE_SIZE_CHARACTERS);
124
- chunked.forEach((value, chunkNumber) => {
125
- output = output.cookie(
126
- OAuthCookieManager.getCookieChunkName(name, chunkNumber),
127
- value,
128
- options
129
- );
130
- });
131
- return output;
100
+ this.removeLegacyCookieWithDomain(res, name, existingChunkCount);
132
101
  }
133
102
  if (chunkedFormatExists) {
134
- for (let chunkNumber = 0; ; chunkNumber++) {
135
- const key = OAuthCookieManager.getCookieChunkName(name, chunkNumber);
136
- const exists = !!req.cookies[key];
137
- if (!exists) {
138
- break;
139
- }
140
- output = output.cookie(key, "", this.getRemoveCookieOptions());
141
- }
103
+ this.removeChunkedCookie(res, name, existingChunkCount);
104
+ }
105
+ if (newCookieShouldBeChunked) {
106
+ this.setChunkedCookie(req, res, name, val, options);
107
+ } else {
108
+ res.cookie(name, val, options);
109
+ }
110
+ }
111
+ removeLegacyCookieWithDomain(res, name, chunkCount) {
112
+ const { hostname: domain } = new URL(this.options.callbackUrl);
113
+ res.cookie(name, "", {
114
+ ...this.getRemoveCookieOptions(),
115
+ domain
116
+ });
117
+ this.removeChunkedCookie(res, name, chunkCount, { domain });
118
+ }
119
+ setChunkedCookie(req, res, name, val, options) {
120
+ const nonChunkedFormatExists = !!req.cookies[name];
121
+ if (nonChunkedFormatExists) {
122
+ res.cookie(name, "", this.getRemoveCookieOptions());
142
123
  }
143
- return output.cookie(name, val, options);
124
+ const chunkedCookieArray = this.splitCookieToChunks(
125
+ val,
126
+ MAX_COOKIE_SIZE_CHARACTERS
127
+ );
128
+ chunkedCookieArray.forEach((chunkValue, chunkNumber) => {
129
+ res.cookie(
130
+ OAuthCookieManager.getCookieChunkName(name, chunkNumber),
131
+ chunkValue,
132
+ options
133
+ );
134
+ });
144
135
  }
145
136
  getCookie(req, name) {
146
- const isChunked = OAuthCookieManager.chunkedCookieExists(req, name);
137
+ const existingChunkCount = OAuthCookieManager.countExistingCookieChunks(
138
+ req,
139
+ name
140
+ );
141
+ const isChunked = existingChunkCount > 0;
147
142
  if (isChunked) {
148
- const chunks = [];
149
- let chunkNumber = 0;
150
- let chunk = req.cookies[OAuthCookieManager.getCookieChunkName(name, chunkNumber)];
151
- while (chunk) {
152
- chunks.push(chunk);
153
- chunkNumber++;
154
- chunk = req.cookies[OAuthCookieManager.getCookieChunkName(name, chunkNumber)];
155
- }
156
- return chunks.join("");
143
+ return this.getChunkedCookie(req, name, existingChunkCount);
157
144
  }
158
145
  return req.cookies[name];
159
146
  }
147
+ getChunkedCookie(req, name, chunkCount) {
148
+ const chunkedCookieArray = [];
149
+ for (let chunkNumber = 0; chunkNumber < chunkCount; chunkNumber++) {
150
+ const chunk = req.cookies[OAuthCookieManager.getCookieChunkName(name, chunkNumber)];
151
+ chunkedCookieArray.push(chunk);
152
+ }
153
+ return chunkedCookieArray.join("");
154
+ }
160
155
  removeCookie(res, name, origin) {
161
156
  const req = res.req;
162
- const options = this.getRemoveCookieOptions(origin);
163
- const isChunked = OAuthCookieManager.chunkedCookieExists(req, name);
164
- if (isChunked) {
165
- const nonChunkedFormatExists = !!req.cookies[name];
166
- let output = nonChunkedFormatExists ? res.cookie(name, "", options) : res;
167
- for (let chunkNumber = 0; ; chunkNumber++) {
168
- const key = OAuthCookieManager.getCookieChunkName(name, chunkNumber);
169
- const exists = !!req.cookies[key];
170
- if (!exists) {
171
- break;
172
- }
173
- output = output.cookie(key, "", options);
174
- }
175
- return output;
157
+ const existingChunkCount = OAuthCookieManager.countExistingCookieChunks(
158
+ req,
159
+ name
160
+ );
161
+ const chunkedFormatExists = existingChunkCount > 0;
162
+ const nonChunkedFormatExists = !!req.cookies[name];
163
+ if (nonChunkedFormatExists) {
164
+ res.cookie(name, "", this.getRemoveCookieOptions(origin));
165
+ }
166
+ if (chunkedFormatExists) {
167
+ this.removeChunkedCookie(res, name, existingChunkCount, {
168
+ origin
169
+ });
170
+ }
171
+ }
172
+ removeChunkedCookie(res, name, chunkCount, { domain, origin } = {}) {
173
+ for (let chunkNumber = 0; chunkNumber < chunkCount; chunkNumber++) {
174
+ const key = OAuthCookieManager.getCookieChunkName(name, chunkNumber);
175
+ const baseOptions = this.getRemoveCookieOptions(origin);
176
+ const options = domain ? { ...baseOptions, domain } : baseOptions;
177
+ res.cookie(key, "", options);
176
178
  }
177
- return res.cookie(name, "", options);
178
179
  }
179
180
  splitCookieToChunks(val, chunkSize) {
180
181
  const numChunks = Math.ceil(val.length / chunkSize);
181
- const chunks = Array(numChunks);
182
+ const chunkedCookieArray = Array(numChunks);
182
183
  let offset = 0;
183
184
  for (let i = 0; i < numChunks; i++) {
184
- chunks[i] = val.substring(offset, offset + chunkSize);
185
+ chunkedCookieArray[i] = val.substring(offset, offset + chunkSize);
185
186
  offset += chunkSize;
186
187
  }
187
- return chunks;
188
- }
189
- static chunkedCookieExists(req, name) {
190
- return !!req.cookies[OAuthCookieManager.getCookieChunkName(name, 0)];
188
+ return chunkedCookieArray;
189
+ }
190
+ static countExistingCookieChunks(req, name) {
191
+ for (let chunkNumber = 0; ; chunkNumber++) {
192
+ const key = OAuthCookieManager.getCookieChunkName(name, chunkNumber);
193
+ const exists = !!req.cookies[key];
194
+ if (!exists) {
195
+ return chunkNumber;
196
+ }
197
+ }
191
198
  }
192
199
  static getCookieChunkName(name, chunkIndex) {
193
200
  return `${name}-${chunkIndex}`;
package/dist/oauth/OAuthCookieManager.cjs.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"OAuthCookieManager.cjs.js","sources":["../../src/oauth/OAuthCookieManager.ts"],"sourcesContent":["/*\n * Copyright 2023 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { CookieOptions, Request, Response } from 'express';\nimport { CookieConfigurer } from '../types';\nimport { HumanDuration, durationToMilliseconds } from '@backstage/types';\n\nconst THOUSAND_DAYS_MS = 1000 * 24 * 60 * 60 * 1000;\nconst TEN_MINUTES_MS = 600 * 1000;\n\nconst MAX_COOKIE_SIZE_CHARACTERS = 4000;\n\nconst defaultCookieConfigurer: CookieConfigurer = ({\n callbackUrl,\n providerId,\n appOrigin,\n}) => {\n const { hostname: domain, pathname, protocol } = new URL(callbackUrl);\n const secure = protocol === 'https:';\n\n // For situations where the auth-backend is running on a\n // different domain than the app, we set the SameSite attribute\n // to 'none' to allow third-party access to the cookie, but\n // only if it's in a secure context (https).\n let sameSite: ReturnType<CookieConfigurer>['sameSite'] = 'lax';\n if (new URL(appOrigin).hostname !== domain && secure) {\n sameSite = 'none';\n }\n\n // If the provider supports callbackUrls, the pathname will\n // contain the complete path to the frame handler so we need\n // to slice off the trailing part of the path.\n const path = pathname.endsWith(`${providerId}/handler/frame`)\n ? pathname.slice(0, -'/handler/frame'.length)\n : `${pathname}/${providerId}`;\n\n return { path, secure, sameSite };\n};\n\n/** @internal */\nexport class OAuthCookieManager {\n private readonly cookieConfigurer: CookieConfigurer;\n private readonly nonceCookie: string;\n private readonly refreshTokenCookie: string;\n private readonly grantedScopeCookie: string;\n private readonly maxAge: number;\n\n constructor(\n private readonly options: {\n providerId: string;\n defaultAppOrigin: string;\n baseUrl: string;\n callbackUrl: string;\n cookieConfigurer?: CookieConfigurer;\n sessionDuration?: HumanDuration;\n },\n ) {\n this.cookieConfigurer = options.cookieConfigurer ?? defaultCookieConfigurer;\n\n this.nonceCookie = `${options.providerId}-nonce`;\n this.refreshTokenCookie = `${options.providerId}-refresh-token`;\n this.grantedScopeCookie = `${options.providerId}-granted-scope`;\n this.maxAge = options.sessionDuration\n ? durationToMilliseconds(options.sessionDuration)\n : THOUSAND_DAYS_MS;\n }\n\n private getConfig(origin?: string, pathSuffix: string = '') {\n const cookieConfig = this.cookieConfigurer({\n providerId: this.options.providerId,\n baseUrl: this.options.baseUrl,\n callbackUrl: this.options.callbackUrl,\n appOrigin: origin ?? this.options.defaultAppOrigin,\n });\n return {\n httpOnly: true,\n sameSite: 'lax' as const,\n ...cookieConfig,\n path: cookieConfig.path + pathSuffix,\n };\n }\n\n setNonce(res: Response, nonce: string, origin?: string): void {\n this.setCookie(\n res,\n this.nonceCookie,\n nonce,\n TEN_MINUTES_MS,\n origin,\n '/handler',\n );\n }\n\n setRefreshToken(res: Response, refreshToken: string, origin?: string): void {\n this.setCookie(\n res,\n this.refreshTokenCookie,\n refreshToken,\n this.maxAge,\n origin,\n );\n }\n\n removeRefreshToken(res: Response, origin?: string): void {\n this.removeCookie(res, this.refreshTokenCookie, origin);\n }\n\n removeGrantedScopes(res: Response, origin?: string): void {\n this.removeCookie(res, this.grantedScopeCookie, origin);\n }\n\n setGrantedScopes(res: Response, scope: string, origin?: string): void {\n this.setCookie(res, this.grantedScopeCookie, scope, this.maxAge, origin);\n }\n\n getNonce(req: Request): string | undefined {\n return this.getCookie(req, this.nonceCookie);\n }\n\n getRefreshToken(req: Request): string | undefined {\n return this.getCookie(req, this.refreshTokenCookie);\n }\n\n getGrantedScopes(req: Request): string | undefined {\n return this.getCookie(req, this.grantedScopeCookie);\n }\n\n private setCookie(\n res: Response,\n name: string,\n val: string,\n maxAge: number,\n origin?: string,\n pathSuffix: string = '',\n ): Response {\n const options = {\n maxAge,\n ...this.getConfig(origin, pathSuffix),\n };\n const req = res.req;\n let output = res;\n\n const chunkedFormatExists = OAuthCookieManager.chunkedCookieExists(\n req,\n name,\n );\n\n // If using the default cookieConfigurer, delete old cookie with domain\n // explicitly set to the callbackUrl's domain (legacy behavior)\n if (this.cookieConfigurer === defaultCookieConfigurer) {\n const { hostname: domain } = new URL(this.options.callbackUrl);\n output = output.cookie(name, '', {\n ...this.getRemoveCookieOptions(),\n domain: domain,\n });\n\n if (chunkedFormatExists) {\n for (let chunkNumber = 0; ; chunkNumber++) {\n const key = OAuthCookieManager.getCookieChunkName(name, chunkNumber);\n const exists = !!req.cookies[key];\n if (!exists) {\n break;\n }\n output = output.cookie(key, '', {\n ...this.getRemoveCookieOptions(),\n domain: domain,\n });\n }\n }\n }\n\n if (val.length > MAX_COOKIE_SIZE_CHARACTERS) {\n const nonChunkedFormatExists = !!req.cookies[name];\n if (nonChunkedFormatExists) {\n output = output.cookie(name, '', this.getRemoveCookieOptions());\n }\n\n const chunked = this.splitCookieToChunks(val, MAX_COOKIE_SIZE_CHARACTERS);\n chunked.forEach((value, chunkNumber) => {\n output = output.cookie(\n OAuthCookieManager.getCookieChunkName(name, chunkNumber),\n value,\n options,\n );\n });\n return output;\n }\n\n if (chunkedFormatExists) {\n for (let chunkNumber = 0; ; chunkNumber++) {\n const key = OAuthCookieManager.getCookieChunkName(name, chunkNumber);\n const exists = !!req.cookies[key];\n if (!exists) {\n break;\n }\n output = output.cookie(key, '', this.getRemoveCookieOptions());\n }\n }\n\n return output.cookie(name, val, options);\n }\n\n private getCookie(req: Request, name: string): string | undefined {\n const isChunked = OAuthCookieManager.chunkedCookieExists(req, name);\n if (isChunked) {\n const chunks: string[] = [];\n let chunkNumber = 0;\n let chunk =\n req.cookies[OAuthCookieManager.getCookieChunkName(name, chunkNumber)];\n while (chunk) {\n chunks.push(chunk);\n chunkNumber++;\n chunk =\n req.cookies[OAuthCookieManager.getCookieChunkName(name, chunkNumber)];\n }\n return chunks.join('');\n }\n return req.cookies[name];\n }\n\n private removeCookie(res: Response, name: string, origin?: string): Response {\n const req = res.req;\n const options = this.getRemoveCookieOptions(origin);\n const isChunked = OAuthCookieManager.chunkedCookieExists(req, name);\n if (isChunked) {\n const nonChunkedFormatExists = !!req.cookies[name];\n let output: Response = nonChunkedFormatExists\n ? res.cookie(name, '', options)\n : res;\n for (let chunkNumber = 0; ; chunkNumber++) {\n const key = OAuthCookieManager.getCookieChunkName(name, chunkNumber);\n const exists = !!req.cookies[key];\n if (!exists) {\n break;\n }\n output = output.cookie(key, '', options);\n }\n return output;\n }\n return res.cookie(name, '', options);\n }\n\n private splitCookieToChunks(val: string, chunkSize: number): string[] {\n const numChunks = Math.ceil(val.length / chunkSize);\n const chunks: string[] = Array<string>(numChunks);\n\n let offset: number = 0;\n for (let i = 0; i < numChunks; i++) {\n chunks[i] = val.substring(offset, offset + chunkSize);\n offset += chunkSize;\n }\n return chunks;\n }\n\n private static chunkedCookieExists(req: Request, name: string): boolean {\n return !!req.cookies[OAuthCookieManager.getCookieChunkName(name, 0)];\n }\n\n private static getCookieChunkName(name: string, chunkIndex: number): string {\n return `${name}-${chunkIndex}`;\n }\n\n private getRemoveCookieOptions(origin?: string): CookieOptions {\n return {\n maxAge: 0,\n ...this.getConfig(origin),\n };\n }\n}\n"],"names":["durationToMilliseconds"],"mappings":";;;;AAoBA,MAAM,gBAAA,GAAmB,GAAA,GAAO,EAAA,GAAK,EAAA,GAAK,EAAA,GAAK,GAAA;AAC/C,MAAM,iBAAiB,GAAA,GAAM,GAAA;AAE7B,MAAM,0BAAA,GAA6B,GAAA;AAEnC,MAAM,0BAA4C,CAAC;AAAA,EACjD,WAAA;AAAA,EACA,UAAA;AAAA,EACA;AACF,CAAA,KAAM;AACJ,EAAA,MAAM,EAAE,UAAU,MAAA,EAAQ,QAAA,EAAU,UAAS,GAAI,IAAI,IAAI,WAAW,CAAA;AACpE,EAAA,MAAM,SAAS,QAAA,KAAa,QAAA;AAM5B,EAAA,IAAI,QAAA,GAAqD,KAAA;AACzD,EAAA,IAAI,IAAI,GAAA,CAAI,SAAS,CAAA,CAAE,QAAA,KAAa,UAAU,MAAA,EAAQ;AACpD,IAAA,QAAA,GAAW,MAAA;AAAA,EACb;AAKA,EAAA,MAAM,OAAO,QAAA,CAAS,QAAA,CAAS,CAAA,EAAG,UAAU,gBAAgB,CAAA,GACxD,QAAA,CAAS,KAAA,CAAM,CAAA,EAAG,CAAC,gBAAA,CAAiB,MAAM,IAC1C,CAAA,EAAG,QAAQ,IAAI,UAAU,CAAA,CAAA;AAE7B,EAAA,OAAO,EAAE,IAAA,EAAM,MAAA,EAAQ,QAAA,EAAS;AAClC,CAAA;AAGO,MAAM,kBAAA,CAAmB;AAAA,EAO9B,YACmB,OAAA,EAQjB;AARiB,IAAA,IAAA,CAAA,OAAA,GAAA,OAAA;AASjB,IAAA,IAAA,CAAK,gBAAA,GAAmB,QAAQ,gBAAA,IAAoB,uBAAA;AAEpD,IAAA,IAAA,CAAK,WAAA,GAAc,CAAA,EAAG,OAAA,CAAQ,UAAU,CAAA,MAAA,CAAA;AACxC,IAAA,IAAA,CAAK,kBAAA,GAAqB,CAAA,EAAG,OAAA,CAAQ,UAAU,CAAA,cAAA,CAAA;AAC/C,IAAA,IAAA,CAAK,kBAAA,GAAqB,CAAA,EAAG,OAAA,CAAQ,UAAU,CAAA,cAAA,CAAA;AAC/C,IAAA,IAAA,CAAK,SAAS,OAAA,CAAQ,eAAA,GAClBA,4BAAA,CAAuB,OAAA,CAAQ,eAAe,CAAA,GAC9C,gBAAA;AAAA,EACN;AAAA,EAxBiB,gBAAA;AAAA,EACA,WAAA;AAAA,EACA,kBAAA;AAAA,EACA,kBAAA;AAAA,EACA,MAAA;AAAA,EAsBT,SAAA,CAAU,MAAA,EAAiB,UAAA,GAAqB,EAAA,EAAI;AAC1D,IAAA,MAAM,YAAA,GAAe,KAAK,gBAAA,CAAiB;AAAA,MACzC,UAAA,EAAY,KAAK,OAAA,CAAQ,UAAA;AAAA,MACzB,OAAA,EAAS,KAAK,OAAA,CAAQ,OAAA;AAAA,MACtB,WAAA,EAAa,KAAK,OAAA,CAAQ,WAAA;AAAA,MAC1B,SAAA,EAAW,MAAA,IAAU,IAAA,CAAK,OAAA,CAAQ;AAAA,KACnC,CAAA;AACD,IAAA,OAAO;AAAA,MACL,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU,KAAA;AAAA,MACV,GAAG,YAAA;AAAA,MACH,IAAA,EAAM,aAAa,IAAA,GAAO;AAAA,KAC5B;AAAA,EACF;AAAA,EAEA,QAAA,CAAS,GAAA,EAAe,KAAA,EAAe,MAAA,EAAuB;AAC5D,IAAA,IAAA,CAAK,SAAA;AAAA,MACH,GAAA;AAAA,MACA,IAAA,CAAK,WAAA;AAAA,MACL,KAAA;AAAA,MACA,cAAA;AAAA,MACA,MAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF;AAAA,EAEA,eAAA,CAAgB,GAAA,EAAe,YAAA,EAAsB,MAAA,EAAuB;AAC1E,IAAA,IAAA,CAAK,SAAA;AAAA,MACH,GAAA;AAAA,MACA,IAAA,CAAK,kBAAA;AAAA,MACL,YAAA;AAAA,MACA,IAAA,CAAK,MAAA;AAAA,MACL;AAAA,KACF;AAAA,EACF;AAAA,EAEA,kBAAA,CAAmB,KAAe,MAAA,EAAuB;AACvD,IAAA,IAAA,CAAK,YAAA,CAAa,GAAA,EAAK,IAAA,CAAK,kBAAA,EAAoB,MAAM,CAAA;AAAA,EACxD;AAAA,EAEA,mBAAA,CAAoB,KAAe,MAAA,EAAuB;AACxD,IAAA,IAAA,CAAK,YAAA,CAAa,GAAA,EAAK,IAAA,CAAK,kBAAA,EAAoB,MAAM,CAAA;AAAA,EACxD;AAAA,EAEA,gBAAA,CAAiB,GAAA,EAAe,KAAA,EAAe,MAAA,EAAuB;AACpE,IAAA,IAAA,CAAK,UAAU,GAAA,EAAK,IAAA,CAAK,oBAAoB,KAAA,EAAO,IAAA,CAAK,QAAQ,MAAM,CAAA;AAAA,EACzE;AAAA,EAEA,SAAS,GAAA,EAAkC;AACzC,IAAA,OAAO,IAAA,CAAK,SAAA,CAAU,GAAA,EAAK,IAAA,CAAK,WAAW,CAAA;AAAA,EAC7C;AAAA,EAEA,gBAAgB,GAAA,EAAkC;AAChD,IAAA,OAAO,IAAA,CAAK,SAAA,CAAU,GAAA,EAAK,IAAA,CAAK,kBAAkB,CAAA;AAAA,EACpD;AAAA,EAEA,iBAAiB,GAAA,EAAkC;AACjD,IAAA,OAAO,IAAA,CAAK,SAAA,CAAU,GAAA,EAAK,IAAA,CAAK,kBAAkB,CAAA;AAAA,EACpD;AAAA,EAEQ,UACN,GAAA,EACA,IAAA,EACA,KACA,MAAA,EACA,MAAA,EACA,aAAqB,EAAA,EACX;AACV,IAAA,MAAM,OAAA,GAAU;AAAA,MACd,MAAA;AAAA,MACA,GAAG,IAAA,CAAK,SAAA,CAAU,MAAA,EAAQ,UAAU;AAAA,KACtC;AACA,IAAA,MAAM,MAAM,GAAA,CAAI,GAAA;AAChB,IAAA,IAAI,MAAA,GAAS,GAAA;AAEb,IAAA,MAAM,sBAAsB,kBAAA,CAAmB,mBAAA;AAAA,MAC7C,GAAA;AAAA,MACA;AAAA,KACF;AAIA,IAAA,IAAI,IAAA,CAAK,qBAAqB,uBAAA,EAAyB;AACrD,MAAA,MAAM,EAAE,UAAU,MAAA,EAAO,GAAI,IAAI,GAAA,CAAI,IAAA,CAAK,QAAQ,WAAW,CAAA;AAC7D,MAAA,MAAA,GAAS,MAAA,CAAO,MAAA,CAAO,IAAA,EAAM,EAAA,EAAI;AAAA,QAC/B,GAAG,KAAK,sBAAA,EAAuB;AAAA,QAC/B;AAAA,OACD,CAAA;AAED,MAAA,IAAI,mBAAA,EAAqB;AACvB,QAAA,KAAA,IAAS,WAAA,GAAc,KAAK,WAAA,EAAA,EAAe;AACzC,UAAA,MAAM,GAAA,GAAM,kBAAA,CAAmB,kBAAA,CAAmB,IAAA,EAAM,WAAW,CAAA;AACnE,UAAA,MAAM,MAAA,GAAS,CAAC,CAAC,GAAA,CAAI,QAAQ,GAAG,CAAA;AAChC,UAAA,IAAI,CAAC,MAAA,EAAQ;AACX,YAAA;AAAA,UACF;AACA,UAAA,MAAA,GAAS,MAAA,CAAO,MAAA,CAAO,GAAA,EAAK,EAAA,EAAI;AAAA,YAC9B,GAAG,KAAK,sBAAA,EAAuB;AAAA,YAC/B;AAAA,WACD,CAAA;AAAA,QACH;AAAA,MACF;AAAA,IACF;AAEA,IAAA,IAAI,GAAA,CAAI,SAAS,0BAAA,EAA4B;AAC3C,MAAA,MAAM,sBAAA,GAAyB,CAAC,CAAC,GAAA,CAAI,QAAQ,IAAI,CAAA;AACjD,MAAA,IAAI,sBAAA,EAAwB;AAC1B,QAAA,MAAA,GAAS,OAAO,MAAA,CAAO,IAAA,EAAM,EAAA,EAAI,IAAA,CAAK,wBAAwB,CAAA;AAAA,MAChE;AAEA,MAAA,MAAM,OAAA,GAAU,IAAA,CAAK,mBAAA,CAAoB,GAAA,EAAK,0BAA0B,CAAA;AACxE,MAAA,OAAA,CAAQ,OAAA,CAAQ,CAAC,KAAA,EAAO,WAAA,KAAgB;AACtC,QAAA,MAAA,GAAS,MAAA,CAAO,MAAA;AAAA,UACd,kBAAA,CAAmB,kBAAA,CAAmB,IAAA,EAAM,WAAW,CAAA;AAAA,UACvD,KAAA;AAAA,UACA;AAAA,SACF;AAAA,MACF,CAAC,CAAA;AACD,MAAA,OAAO,MAAA;AAAA,IACT;AAEA,IAAA,IAAI,mBAAA,EAAqB;AACvB,MAAA,KAAA,IAAS,WAAA,GAAc,KAAK,WAAA,EAAA,EAAe;AACzC,QAAA,MAAM,GAAA,GAAM,kBAAA,CAAmB,kBAAA,CAAmB,IAAA,EAAM,WAAW,CAAA;AACnE,QAAA,MAAM,MAAA,GAAS,CAAC,CAAC,GAAA,CAAI,QAAQ,GAAG,CAAA;AAChC,QAAA,IAAI,CAAC,MAAA,EAAQ;AACX,UAAA;AAAA,QACF;AACA,QAAA,MAAA,GAAS,OAAO,MAAA,CAAO,GAAA,EAAK,EAAA,EAAI,IAAA,CAAK,wBAAwB,CAAA;AAAA,MAC/D;AAAA,IACF;AAEA,IAAA,OAAO,MAAA,CAAO,MAAA,CAAO,IAAA,EAAM,GAAA,EAAK,OAAO,CAAA;AAAA,EACzC;AAAA,EAEQ,SAAA,CAAU,KAAc,IAAA,EAAkC;AAChE,IAAA,MAAM,SAAA,GAAY,kBAAA,CAAmB,mBAAA,CAAoB,GAAA,EAAK,IAAI,CAAA;AAClE,IAAA,IAAI,SAAA,EAAW;AACb,MAAA,MAAM,SAAmB,EAAC;AAC1B,MAAA,IAAI,WAAA,GAAc,CAAA;AAClB,MAAA,IAAI,QACF,GAAA,CAAI,OAAA,CAAQ,mBAAmB,kBAAA,CAAmB,IAAA,EAAM,WAAW,CAAC,CAAA;AACtE,MAAA,OAAO,KAAA,EAAO;AACZ,QAAA,MAAA,CAAO,KAAK,KAAK,CAAA;AACjB,QAAA,WAAA,EAAA;AACA,QAAA,KAAA,GACE,IAAI,OAAA,CAAQ,kBAAA,CAAmB,kBAAA,CAAmB,IAAA,EAAM,WAAW,CAAC,CAAA;AAAA,MACxE;AACA,MAAA,OAAO,MAAA,CAAO,KAAK,EAAE,CAAA;AAAA,IACvB;AACA,IAAA,OAAO,GAAA,CAAI,QAAQ,IAAI,CAAA;AAAA,EACzB;AAAA,EAEQ,YAAA,CAAa,GAAA,EAAe,IAAA,EAAc,MAAA,EAA2B;AAC3E,IAAA,MAAM,MAAM,GAAA,CAAI,GAAA;AAChB,IAAA,MAAM,OAAA,GAAU,IAAA,CAAK,sBAAA,CAAuB,MAAM,CAAA;AAClD,IAAA,MAAM,SAAA,GAAY,kBAAA,CAAmB,mBAAA,CAAoB,GAAA,EAAK,IAAI,CAAA;AAClE,IAAA,IAAI,SAAA,EAAW;AACb,MAAA,MAAM,sBAAA,GAAyB,CAAC,CAAC,GAAA,CAAI,QAAQ,IAAI,CAAA;AACjD,MAAA,IAAI,SAAmB,sBAAA,GACnB,GAAA,CAAI,OAAO,IAAA,EAAM,EAAA,EAAI,OAAO,CAAA,GAC5B,GAAA;AACJ,MAAA,KAAA,IAAS,WAAA,GAAc,KAAK,WAAA,EAAA,EAAe;AACzC,QAAA,MAAM,GAAA,GAAM,kBAAA,CAAmB,kBAAA,CAAmB,IAAA,EAAM,WAAW,CAAA;AACnE,QAAA,MAAM,MAAA,GAAS,CAAC,CAAC,GAAA,CAAI,QAAQ,GAAG,CAAA;AAChC,QAAA,IAAI,CAAC,MAAA,EAAQ;AACX,UAAA;AAAA,QACF;AACA,QAAA,MAAA,GAAS,MAAA,CAAO,MAAA,CAAO,GAAA,EAAK,EAAA,EAAI,OAAO,CAAA;AAAA,MACzC;AACA,MAAA,OAAO,MAAA;AAAA,IACT;AACA,IAAA,OAAO,GAAA,CAAI,MAAA,CAAO,IAAA,EAAM,EAAA,EAAI,OAAO,CAAA;AAAA,EACrC;AAAA,EAEQ,mBAAA,CAAoB,KAAa,SAAA,EAA6B;AACpE,IAAA,MAAM,SAAA,GAAY,IAAA,CAAK,IAAA,CAAK,GAAA,CAAI,SAAS,SAAS,CAAA;AAClD,IAAA,MAAM,MAAA,GAAmB,MAAc,SAAS,CAAA;AAEhD,IAAA,IAAI,MAAA,GAAiB,CAAA;AACrB,IAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,SAAA,EAAW,CAAA,EAAA,EAAK;AAClC,MAAA,MAAA,CAAO,CAAC,CAAA,GAAI,GAAA,CAAI,SAAA,CAAU,MAAA,EAAQ,SAAS,SAAS,CAAA;AACpD,MAAA,MAAA,IAAU,SAAA;AAAA,IACZ;AACA,IAAA,OAAO,MAAA;AAAA,EACT;AAAA,EAEA,OAAe,mBAAA,CAAoB,GAAA,EAAc,IAAA,EAAuB;AACtE,IAAA,OAAO,CAAC,CAAC,GAAA,CAAI,OAAA,CAAQ,mBAAmB,kBAAA,CAAmB,IAAA,EAAM,CAAC,CAAC,CAAA;AAAA,EACrE;AAAA,EAEA,OAAe,kBAAA,CAAmB,IAAA,EAAc,UAAA,EAA4B;AAC1E,IAAA,OAAO,CAAA,EAAG,IAAI,CAAA,CAAA,EAAI,UAAU,CAAA,CAAA;AAAA,EAC9B;AAAA,EAEQ,uBAAuB,MAAA,EAAgC;AAC7D,IAAA,OAAO;AAAA,MACL,MAAA,EAAQ,CAAA;AAAA,MACR,GAAG,IAAA,CAAK,SAAA,CAAU,MAAM;AAAA,KAC1B;AAAA,EACF;AACF;;;;"}
1
+ {"version":3,"file":"OAuthCookieManager.cjs.js","sources":["../../src/oauth/OAuthCookieManager.ts"],"sourcesContent":["/*\n * Copyright 2023 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { CookieOptions, Request, Response } from 'express';\nimport { CookieConfigurer } from '../types';\nimport { HumanDuration, durationToMilliseconds } from '@backstage/types';\n\nconst THOUSAND_DAYS_MS = 1000 * 24 * 60 * 60 * 1000;\nconst TEN_MINUTES_MS = 600 * 1000;\n\nconst MAX_COOKIE_SIZE_CHARACTERS = 4000;\n\nconst defaultCookieConfigurer: CookieConfigurer = ({\n callbackUrl,\n providerId,\n appOrigin,\n}) => {\n const { hostname: domain, pathname, protocol } = new URL(callbackUrl);\n const secure = protocol === 'https:';\n\n // For situations where the auth-backend is running on a\n // different domain than the app, we set the SameSite attribute\n // to 'none' to allow third-party access to the cookie, but\n // only if it's in a secure context (https).\n let sameSite: ReturnType<CookieConfigurer>['sameSite'] = 'lax';\n if (new URL(appOrigin).hostname !== domain && secure) {\n sameSite = 'none';\n }\n\n // If the provider supports callbackUrls, the pathname will\n // contain the complete path to the frame handler so we need\n // to slice off the trailing part of the path.\n const path = pathname.endsWith(`${providerId}/handler/frame`)\n ? pathname.slice(0, -'/handler/frame'.length)\n : `${pathname}/${providerId}`;\n\n return { path, secure, sameSite };\n};\n\n/** @internal */\nexport class OAuthCookieManager {\n private readonly cookieConfigurer: CookieConfigurer;\n private readonly nonceCookie: string;\n private readonly refreshTokenCookie: string;\n private readonly grantedScopeCookie: string;\n private readonly maxAge: number;\n\n constructor(\n private readonly options: {\n providerId: string;\n defaultAppOrigin: string;\n baseUrl: string;\n callbackUrl: string;\n cookieConfigurer?: CookieConfigurer;\n sessionDuration?: HumanDuration;\n },\n ) {\n this.cookieConfigurer = options.cookieConfigurer ?? defaultCookieConfigurer;\n\n this.nonceCookie = `${options.providerId}-nonce`;\n this.refreshTokenCookie = `${options.providerId}-refresh-token`;\n this.grantedScopeCookie = `${options.providerId}-granted-scope`;\n this.maxAge = options.sessionDuration\n ? durationToMilliseconds(options.sessionDuration)\n : THOUSAND_DAYS_MS;\n }\n\n private getConfig(origin?: string, pathSuffix: string = '') {\n const cookieConfig = this.cookieConfigurer({\n providerId: this.options.providerId,\n baseUrl: this.options.baseUrl,\n callbackUrl: this.options.callbackUrl,\n appOrigin: origin ?? this.options.defaultAppOrigin,\n });\n return {\n httpOnly: true,\n sameSite: 'lax' as const,\n ...cookieConfig,\n path: cookieConfig.path + pathSuffix,\n };\n }\n\n setNonce(res: Response, nonce: string, origin?: string): void {\n this.setCookie(\n res,\n this.nonceCookie,\n nonce,\n TEN_MINUTES_MS,\n origin,\n '/handler',\n );\n }\n\n setRefreshToken(res: Response, refreshToken: string, origin?: string): void {\n this.setCookie(\n res,\n this.refreshTokenCookie,\n refreshToken,\n this.maxAge,\n origin,\n );\n }\n\n removeRefreshToken(res: Response, origin?: string): void {\n this.removeCookie(res, this.refreshTokenCookie, origin);\n }\n\n removeGrantedScopes(res: Response, origin?: string): void {\n this.removeCookie(res, this.grantedScopeCookie, origin);\n }\n\n setGrantedScopes(res: Response, scope: string, origin?: string): void {\n this.setCookie(res, this.grantedScopeCookie, scope, this.maxAge, origin);\n }\n\n getNonce(req: Request): string | undefined {\n return this.getCookie(req, this.nonceCookie);\n }\n\n getRefreshToken(req: Request): string | undefined {\n return this.getCookie(req, this.refreshTokenCookie);\n }\n\n getGrantedScopes(req: Request): string | undefined {\n return this.getCookie(req, this.grantedScopeCookie);\n }\n\n private setCookie(\n res: Response,\n name: string,\n val: string,\n maxAge: number,\n origin?: string,\n pathSuffix: string = '',\n ): void {\n const options = {\n maxAge,\n ...this.getConfig(origin, pathSuffix),\n };\n const req = res.req;\n\n const newCookieShouldBeChunked = val.length > MAX_COOKIE_SIZE_CHARACTERS;\n const existingChunkCount = OAuthCookieManager.countExistingCookieChunks(\n req,\n name,\n );\n const chunkedFormatExists = existingChunkCount > 0;\n\n // If using the default cookieConfigurer, delete old cookie with domain\n // explicitly set to the callbackUrl's domain (legacy behavior)\n if (this.cookieConfigurer === defaultCookieConfigurer) {\n this.removeLegacyCookieWithDomain(res, name, existingChunkCount);\n }\n\n if (chunkedFormatExists) {\n this.removeChunkedCookie(res, name, existingChunkCount);\n }\n\n if (newCookieShouldBeChunked) {\n this.setChunkedCookie(req, res, name, val, options);\n } else {\n res.cookie(name, val, options);\n }\n }\n\n private removeLegacyCookieWithDomain(\n res: Response,\n name: string,\n chunkCount: number,\n ): void {\n const { hostname: domain } = new URL(this.options.callbackUrl);\n res.cookie(name, '', {\n ...this.getRemoveCookieOptions(),\n domain: domain,\n });\n\n this.removeChunkedCookie(res, name, chunkCount, { domain });\n }\n\n private setChunkedCookie(\n req: Request,\n res: Response,\n name: string,\n val: string,\n options: CookieOptions,\n ): void {\n const nonChunkedFormatExists = !!req.cookies[name];\n if (nonChunkedFormatExists) {\n res.cookie(name, '', this.getRemoveCookieOptions());\n }\n const chunkedCookieArray = this.splitCookieToChunks(\n val,\n MAX_COOKIE_SIZE_CHARACTERS,\n );\n chunkedCookieArray.forEach((chunkValue, chunkNumber) => {\n res.cookie(\n OAuthCookieManager.getCookieChunkName(name, chunkNumber),\n chunkValue,\n options,\n );\n });\n }\n\n private getCookie(req: Request, name: string): string | undefined {\n const existingChunkCount = OAuthCookieManager.countExistingCookieChunks(\n req,\n name,\n );\n const isChunked = existingChunkCount > 0;\n if (isChunked) {\n return this.getChunkedCookie(req, name, existingChunkCount);\n }\n return req.cookies[name];\n }\n\n private getChunkedCookie(\n req: Request,\n name: string,\n chunkCount: number,\n ): string | undefined {\n const chunkedCookieArray: string[] = [];\n for (let chunkNumber = 0; chunkNumber < chunkCount; chunkNumber++) {\n const chunk =\n req.cookies[OAuthCookieManager.getCookieChunkName(name, chunkNumber)];\n chunkedCookieArray.push(chunk);\n }\n return chunkedCookieArray.join('');\n }\n\n private removeCookie(res: Response, name: string, origin?: string): void {\n const req = res.req;\n const existingChunkCount = OAuthCookieManager.countExistingCookieChunks(\n req,\n name,\n );\n const chunkedFormatExists = existingChunkCount > 0;\n const nonChunkedFormatExists = !!req.cookies[name];\n\n if (nonChunkedFormatExists) {\n res.cookie(name, '', this.getRemoveCookieOptions(origin));\n }\n if (chunkedFormatExists) {\n this.removeChunkedCookie(res, name, existingChunkCount, {\n origin,\n });\n }\n }\n\n private removeChunkedCookie(\n res: Response,\n name: string,\n chunkCount: number,\n { domain, origin }: { domain?: string; origin?: string } = {},\n ): void {\n for (let chunkNumber = 0; chunkNumber < chunkCount; chunkNumber++) {\n const key = OAuthCookieManager.getCookieChunkName(name, chunkNumber);\n const baseOptions = this.getRemoveCookieOptions(origin);\n const options = domain ? { ...baseOptions, domain } : baseOptions;\n res.cookie(key, '', options);\n }\n }\n\n private splitCookieToChunks(val: string, chunkSize: number): string[] {\n const numChunks = Math.ceil(val.length / chunkSize);\n const chunkedCookieArray: string[] = Array<string>(numChunks);\n\n let offset: number = 0;\n for (let i = 0; i < numChunks; i++) {\n chunkedCookieArray[i] = val.substring(offset, offset + chunkSize);\n offset += chunkSize;\n }\n return chunkedCookieArray;\n }\n\n private static countExistingCookieChunks(req: Request, name: string): number {\n for (let chunkNumber = 0; ; chunkNumber++) {\n const key = OAuthCookieManager.getCookieChunkName(name, chunkNumber);\n const exists = !!req.cookies[key];\n if (!exists) {\n return chunkNumber;\n }\n }\n }\n\n private static getCookieChunkName(name: string, chunkIndex: number): string {\n return `${name}-${chunkIndex}`;\n }\n\n private getRemoveCookieOptions(origin?: string): CookieOptions {\n return {\n maxAge: 0,\n ...this.getConfig(origin),\n };\n }\n}\n"],"names":["durationToMilliseconds"],"mappings":";;;;AAoBA,MAAM,gBAAA,GAAmB,GAAA,GAAO,EAAA,GAAK,EAAA,GAAK,EAAA,GAAK,GAAA;AAC/C,MAAM,iBAAiB,GAAA,GAAM,GAAA;AAE7B,MAAM,0BAAA,GAA6B,GAAA;AAEnC,MAAM,0BAA4C,CAAC;AAAA,EACjD,WAAA;AAAA,EACA,UAAA;AAAA,EACA;AACF,CAAA,KAAM;AACJ,EAAA,MAAM,EAAE,UAAU,MAAA,EAAQ,QAAA,EAAU,UAAS,GAAI,IAAI,IAAI,WAAW,CAAA;AACpE,EAAA,MAAM,SAAS,QAAA,KAAa,QAAA;AAM5B,EAAA,IAAI,QAAA,GAAqD,KAAA;AACzD,EAAA,IAAI,IAAI,GAAA,CAAI,SAAS,CAAA,CAAE,QAAA,KAAa,UAAU,MAAA,EAAQ;AACpD,IAAA,QAAA,GAAW,MAAA;AAAA,EACb;AAKA,EAAA,MAAM,OAAO,QAAA,CAAS,QAAA,CAAS,CAAA,EAAG,UAAU,gBAAgB,CAAA,GACxD,QAAA,CAAS,KAAA,CAAM,CAAA,EAAG,CAAC,gBAAA,CAAiB,MAAM,IAC1C,CAAA,EAAG,QAAQ,IAAI,UAAU,CAAA,CAAA;AAE7B,EAAA,OAAO,EAAE,IAAA,EAAM,MAAA,EAAQ,QAAA,EAAS;AAClC,CAAA;AAGO,MAAM,kBAAA,CAAmB;AAAA,EAO9B,YACmB,OAAA,EAQjB;AARiB,IAAA,IAAA,CAAA,OAAA,GAAA,OAAA;AASjB,IAAA,IAAA,CAAK,gBAAA,GAAmB,QAAQ,gBAAA,IAAoB,uBAAA;AAEpD,IAAA,IAAA,CAAK,WAAA,GAAc,CAAA,EAAG,OAAA,CAAQ,UAAU,CAAA,MAAA,CAAA;AACxC,IAAA,IAAA,CAAK,kBAAA,GAAqB,CAAA,EAAG,OAAA,CAAQ,UAAU,CAAA,cAAA,CAAA;AAC/C,IAAA,IAAA,CAAK,kBAAA,GAAqB,CAAA,EAAG,OAAA,CAAQ,UAAU,CAAA,cAAA,CAAA;AAC/C,IAAA,IAAA,CAAK,SAAS,OAAA,CAAQ,eAAA,GAClBA,4BAAA,CAAuB,OAAA,CAAQ,eAAe,CAAA,GAC9C,gBAAA;AAAA,EACN;AAAA,EAxBiB,gBAAA;AAAA,EACA,WAAA;AAAA,EACA,kBAAA;AAAA,EACA,kBAAA;AAAA,EACA,MAAA;AAAA,EAsBT,SAAA,CAAU,MAAA,EAAiB,UAAA,GAAqB,EAAA,EAAI;AAC1D,IAAA,MAAM,YAAA,GAAe,KAAK,gBAAA,CAAiB;AAAA,MACzC,UAAA,EAAY,KAAK,OAAA,CAAQ,UAAA;AAAA,MACzB,OAAA,EAAS,KAAK,OAAA,CAAQ,OAAA;AAAA,MACtB,WAAA,EAAa,KAAK,OAAA,CAAQ,WAAA;AAAA,MAC1B,SAAA,EAAW,MAAA,IAAU,IAAA,CAAK,OAAA,CAAQ;AAAA,KACnC,CAAA;AACD,IAAA,OAAO;AAAA,MACL,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU,KAAA;AAAA,MACV,GAAG,YAAA;AAAA,MACH,IAAA,EAAM,aAAa,IAAA,GAAO;AAAA,KAC5B;AAAA,EACF;AAAA,EAEA,QAAA,CAAS,GAAA,EAAe,KAAA,EAAe,MAAA,EAAuB;AAC5D,IAAA,IAAA,CAAK,SAAA;AAAA,MACH,GAAA;AAAA,MACA,IAAA,CAAK,WAAA;AAAA,MACL,KAAA;AAAA,MACA,cAAA;AAAA,MACA,MAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF;AAAA,EAEA,eAAA,CAAgB,GAAA,EAAe,YAAA,EAAsB,MAAA,EAAuB;AAC1E,IAAA,IAAA,CAAK,SAAA;AAAA,MACH,GAAA;AAAA,MACA,IAAA,CAAK,kBAAA;AAAA,MACL,YAAA;AAAA,MACA,IAAA,CAAK,MAAA;AAAA,MACL;AAAA,KACF;AAAA,EACF;AAAA,EAEA,kBAAA,CAAmB,KAAe,MAAA,EAAuB;AACvD,IAAA,IAAA,CAAK,YAAA,CAAa,GAAA,EAAK,IAAA,CAAK,kBAAA,EAAoB,MAAM,CAAA;AAAA,EACxD;AAAA,EAEA,mBAAA,CAAoB,KAAe,MAAA,EAAuB;AACxD,IAAA,IAAA,CAAK,YAAA,CAAa,GAAA,EAAK,IAAA,CAAK,kBAAA,EAAoB,MAAM,CAAA;AAAA,EACxD;AAAA,EAEA,gBAAA,CAAiB,GAAA,EAAe,KAAA,EAAe,MAAA,EAAuB;AACpE,IAAA,IAAA,CAAK,UAAU,GAAA,EAAK,IAAA,CAAK,oBAAoB,KAAA,EAAO,IAAA,CAAK,QAAQ,MAAM,CAAA;AAAA,EACzE;AAAA,EAEA,SAAS,GAAA,EAAkC;AACzC,IAAA,OAAO,IAAA,CAAK,SAAA,CAAU,GAAA,EAAK,IAAA,CAAK,WAAW,CAAA;AAAA,EAC7C;AAAA,EAEA,gBAAgB,GAAA,EAAkC;AAChD,IAAA,OAAO,IAAA,CAAK,SAAA,CAAU,GAAA,EAAK,IAAA,CAAK,kBAAkB,CAAA;AAAA,EACpD;AAAA,EAEA,iBAAiB,GAAA,EAAkC;AACjD,IAAA,OAAO,IAAA,CAAK,SAAA,CAAU,GAAA,EAAK,IAAA,CAAK,kBAAkB,CAAA;AAAA,EACpD;AAAA,EAEQ,UACN,GAAA,EACA,IAAA,EACA,KACA,MAAA,EACA,MAAA,EACA,aAAqB,EAAA,EACf;AACN,IAAA,MAAM,OAAA,GAAU;AAAA,MACd,MAAA;AAAA,MACA,GAAG,IAAA,CAAK,SAAA,CAAU,MAAA,EAAQ,UAAU;AAAA,KACtC;AACA,IAAA,MAAM,MAAM,GAAA,CAAI,GAAA;AAEhB,IAAA,MAAM,wBAAA,GAA2B,IAAI,MAAA,GAAS,0BAAA;AAC9C,IAAA,MAAM,qBAAqB,kBAAA,CAAmB,yBAAA;AAAA,MAC5C,GAAA;AAAA,MACA;AAAA,KACF;AACA,IAAA,MAAM,sBAAsB,kBAAA,GAAqB,CAAA;AAIjD,IAAA,IAAI,IAAA,CAAK,qBAAqB,uBAAA,EAAyB;AACrD,MAAA,IAAA,CAAK,4BAAA,CAA6B,GAAA,EAAK,IAAA,EAAM,kBAAkB,CAAA;AAAA,IACjE;AAEA,IAAA,IAAI,mBAAA,EAAqB;AACvB,MAAA,IAAA,CAAK,mBAAA,CAAoB,GAAA,EAAK,IAAA,EAAM,kBAAkB,CAAA;AAAA,IACxD;AAEA,IAAA,IAAI,wBAAA,EAA0B;AAC5B,MAAA,IAAA,CAAK,gBAAA,CAAiB,GAAA,EAAK,GAAA,EAAK,IAAA,EAAM,KAAK,OAAO,CAAA;AAAA,IACpD,CAAA,MAAO;AACL,MAAA,GAAA,CAAI,MAAA,CAAO,IAAA,EAAM,GAAA,EAAK,OAAO,CAAA;AAAA,IAC/B;AAAA,EACF;AAAA,EAEQ,4BAAA,CACN,GAAA,EACA,IAAA,EACA,UAAA,EACM;AACN,IAAA,MAAM,EAAE,UAAU,MAAA,EAAO,GAAI,IAAI,GAAA,CAAI,IAAA,CAAK,QAAQ,WAAW,CAAA;AAC7D,IAAA,GAAA,CAAI,MAAA,CAAO,MAAM,EAAA,EAAI;AAAA,MACnB,GAAG,KAAK,sBAAA,EAAuB;AAAA,MAC/B;AAAA,KACD,CAAA;AAED,IAAA,IAAA,CAAK,oBAAoB,GAAA,EAAK,IAAA,EAAM,UAAA,EAAY,EAAE,QAAQ,CAAA;AAAA,EAC5D;AAAA,EAEQ,gBAAA,CACN,GAAA,EACA,GAAA,EACA,IAAA,EACA,KACA,OAAA,EACM;AACN,IAAA,MAAM,sBAAA,GAAyB,CAAC,CAAC,GAAA,CAAI,QAAQ,IAAI,CAAA;AACjD,IAAA,IAAI,sBAAA,EAAwB;AAC1B,MAAA,GAAA,CAAI,MAAA,CAAO,IAAA,EAAM,EAAA,EAAI,IAAA,CAAK,wBAAwB,CAAA;AAAA,IACpD;AACA,IAAA,MAAM,qBAAqB,IAAA,CAAK,mBAAA;AAAA,MAC9B,GAAA;AAAA,MACA;AAAA,KACF;AACA,IAAA,kBAAA,CAAmB,OAAA,CAAQ,CAAC,UAAA,EAAY,WAAA,KAAgB;AACtD,MAAA,GAAA,CAAI,MAAA;AAAA,QACF,kBAAA,CAAmB,kBAAA,CAAmB,IAAA,EAAM,WAAW,CAAA;AAAA,QACvD,UAAA;AAAA,QACA;AAAA,OACF;AAAA,IACF,CAAC,CAAA;AAAA,EACH;AAAA,EAEQ,SAAA,CAAU,KAAc,IAAA,EAAkC;AAChE,IAAA,MAAM,qBAAqB,kBAAA,CAAmB,yBAAA;AAAA,MAC5C,GAAA;AAAA,MACA;AAAA,KACF;AACA,IAAA,MAAM,YAAY,kBAAA,GAAqB,CAAA;AACvC,IAAA,IAAI,SAAA,EAAW;AACb,MAAA,OAAO,IAAA,CAAK,gBAAA,CAAiB,GAAA,EAAK,IAAA,EAAM,kBAAkB,CAAA;AAAA,IAC5D;AACA,IAAA,OAAO,GAAA,CAAI,QAAQ,IAAI,CAAA;AAAA,EACzB;AAAA,EAEQ,gBAAA,CACN,GAAA,EACA,IAAA,EACA,UAAA,EACoB;AACpB,IAAA,MAAM,qBAA+B,EAAC;AACtC,IAAA,KAAA,IAAS,WAAA,GAAc,CAAA,EAAG,WAAA,GAAc,UAAA,EAAY,WAAA,EAAA,EAAe;AACjE,MAAA,MAAM,QACJ,GAAA,CAAI,OAAA,CAAQ,mBAAmB,kBAAA,CAAmB,IAAA,EAAM,WAAW,CAAC,CAAA;AACtE,MAAA,kBAAA,CAAmB,KAAK,KAAK,CAAA;AAAA,IAC/B;AACA,IAAA,OAAO,kBAAA,CAAmB,KAAK,EAAE,CAAA;AAAA,EACnC;AAAA,EAEQ,YAAA,CAAa,GAAA,EAAe,IAAA,EAAc,MAAA,EAAuB;AACvE,IAAA,MAAM,MAAM,GAAA,CAAI,GAAA;AAChB,IAAA,MAAM,qBAAqB,kBAAA,CAAmB,yBAAA;AAAA,MAC5C,GAAA;AAAA,MACA;AAAA,KACF;AACA,IAAA,MAAM,sBAAsB,kBAAA,GAAqB,CAAA;AACjD,IAAA,MAAM,sBAAA,GAAyB,CAAC,CAAC,GAAA,CAAI,QAAQ,IAAI,CAAA;AAEjD,IAAA,IAAI,sBAAA,EAAwB;AAC1B,MAAA,GAAA,CAAI,OAAO,IAAA,EAAM,EAAA,EAAI,IAAA,CAAK,sBAAA,CAAuB,MAAM,CAAC,CAAA;AAAA,IAC1D;AACA,IAAA,IAAI,mBAAA,EAAqB;AACvB,MAAA,IAAA,CAAK,mBAAA,CAAoB,GAAA,EAAK,IAAA,EAAM,kBAAA,EAAoB;AAAA,QACtD;AAAA,OACD,CAAA;AAAA,IACH;AAAA,EACF;AAAA,EAEQ,mBAAA,CACN,KACA,IAAA,EACA,UAAA,EACA,EAAE,MAAA,EAAQ,MAAA,EAAO,GAA0C,EAAC,EACtD;AACN,IAAA,KAAA,IAAS,WAAA,GAAc,CAAA,EAAG,WAAA,GAAc,UAAA,EAAY,WAAA,EAAA,EAAe;AACjE,MAAA,MAAM,GAAA,GAAM,kBAAA,CAAmB,kBAAA,CAAmB,IAAA,EAAM,WAAW,CAAA;AACnE,MAAA,MAAM,WAAA,GAAc,IAAA,CAAK,sBAAA,CAAuB,MAAM,CAAA;AACtD,MAAA,MAAM,UAAU,MAAA,GAAS,EAAE,GAAG,WAAA,EAAa,QAAO,GAAI,WAAA;AACtD,MAAA,GAAA,CAAI,MAAA,CAAO,GAAA,EAAK,EAAA,EAAI,OAAO,CAAA;AAAA,IAC7B;AAAA,EACF;AAAA,EAEQ,mBAAA,CAAoB,KAAa,SAAA,EAA6B;AACpE,IAAA,MAAM,SAAA,GAAY,IAAA,CAAK,IAAA,CAAK,GAAA,CAAI,SAAS,SAAS,CAAA;AAClD,IAAA,MAAM,kBAAA,GAA+B,MAAc,SAAS,CAAA;AAE5D,IAAA,IAAI,MAAA,GAAiB,CAAA;AACrB,IAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,SAAA,EAAW,CAAA,EAAA,EAAK;AAClC,MAAA,kBAAA,CAAmB,CAAC,CAAA,GAAI,GAAA,CAAI,SAAA,CAAU,MAAA,EAAQ,SAAS,SAAS,CAAA;AAChE,MAAA,MAAA,IAAU,SAAA;AAAA,IACZ;AACA,IAAA,OAAO,kBAAA;AAAA,EACT;AAAA,EAEA,OAAe,yBAAA,CAA0B,GAAA,EAAc,IAAA,EAAsB;AAC3E,IAAA,KAAA,IAAS,WAAA,GAAc,KAAK,WAAA,EAAA,EAAe;AACzC,MAAA,MAAM,GAAA,GAAM,kBAAA,CAAmB,kBAAA,CAAmB,IAAA,EAAM,WAAW,CAAA;AACnE,MAAA,MAAM,MAAA,GAAS,CAAC,CAAC,GAAA,CAAI,QAAQ,GAAG,CAAA;AAChC,MAAA,IAAI,CAAC,MAAA,EAAQ;AACX,QAAA,OAAO,WAAA;AAAA,MACT;AAAA,IACF;AAAA,EACF;AAAA,EAEA,OAAe,kBAAA,CAAmB,IAAA,EAAc,UAAA,EAA4B;AAC1E,IAAA,OAAO,CAAA,EAAG,IAAI,CAAA,CAAA,EAAI,UAAU,CAAA,CAAA;AAAA,EAC9B;AAAA,EAEQ,uBAAuB,MAAA,EAAgC;AAC7D,IAAA,OAAO;AAAA,MACL,MAAA,EAAQ,CAAA;AAAA,MACR,GAAG,IAAA,CAAK,SAAA,CAAU,MAAM;AAAA,KAC1B;AAAA,EACF;AACF;;;;"}
package/dist/oauth/createOAuthProviderFactory.cjs.js CHANGED
@@ -1,7 +1,7 @@
1
1
  'use strict';
2
2
 
3
3
  require('zod-to-json-schema');
4
- require('zod-validation-error');
4
+ require('zod-validation-error/v3');
5
5
  require('@backstage/errors');
6
6
  var readDeclarativeSignInResolver = require('../sign-in/readDeclarativeSignInResolver.cjs.js');
7
7
  require('../sign-in/commonSignInResolvers.cjs.js');
package/dist/proxy/createProxyAuthProviderFactory.cjs.js CHANGED
@@ -1,7 +1,7 @@
1
1
  'use strict';
2
2
 
3
3
  require('zod-to-json-schema');
4
- require('zod-validation-error');
4
+ require('zod-validation-error/v3');
5
5
  require('@backstage/errors');
6
6
  var readDeclarativeSignInResolver = require('../sign-in/readDeclarativeSignInResolver.cjs.js');
7
7
  require('../sign-in/commonSignInResolvers.cjs.js');
package/dist/sign-in/createSignInResolverFactory.cjs.js CHANGED
@@ -1,7 +1,7 @@
1
1
  'use strict';
2
2
 
3
3
  var zodToJsonSchema = require('zod-to-json-schema');
4
- var zodValidationError = require('zod-validation-error');
4
+ var v3 = require('zod-validation-error/v3');
5
5
  var errors = require('@backstage/errors');
6
6
 
7
7
  function _interopDefaultCompat (e) { return e && typeof e === 'object' && 'default' in e ? e : { default: e }; }
@@ -24,7 +24,7 @@ function createSignInResolverFactory(options) {
24
24
  parsedOptions = optionsSchema.parse(resolverOptions);
25
25
  } catch (error) {
26
26
  throw new errors.InputError(
27
- `Invalid sign-in resolver options, ${zodValidationError.fromError(error)}`
27
+ `Invalid sign-in resolver options, ${v3.fromError(error)}`
28
28
  );
29
29
  }
30
30
  return options.create(parsedOptions);
package/dist/sign-in/createSignInResolverFactory.cjs.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"createSignInResolverFactory.cjs.js","sources":["../../src/sign-in/createSignInResolverFactory.ts"],"sourcesContent":["/*\n * Copyright 2023 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { ZodSchema, ZodTypeDef } from 'zod';\nimport { SignInResolver } from '../types';\nimport zodToJsonSchema from 'zod-to-json-schema';\nimport { JsonObject } from '@backstage/types';\nimport { fromError } from 'zod-validation-error';\nimport { InputError } from '@backstage/errors';\n\n/** @public */\nexport interface SignInResolverFactory<TAuthResult = any, TOptions = any> {\n (\n ...options: undefined extends TOptions\n ? [options?: TOptions]\n : [options: TOptions]\n ): SignInResolver<TAuthResult>;\n optionsJsonSchema?: JsonObject;\n}\n\n/** @public */\nexport interface SignInResolverFactoryOptions<\n TAuthResult,\n TOptionsOutput,\n TOptionsInput,\n> {\n optionsSchema?: ZodSchema<TOptionsOutput, ZodTypeDef, TOptionsInput>;\n create(options: TOptionsOutput): SignInResolver<TAuthResult>;\n}\n\n/** @public */\nexport function createSignInResolverFactory<\n TAuthResult,\n TOptionsOutput,\n TOptionsInput,\n>(\n options: SignInResolverFactoryOptions<\n TAuthResult,\n TOptionsOutput,\n TOptionsInput\n >,\n): SignInResolverFactory<TAuthResult, TOptionsInput> {\n const { optionsSchema } = options;\n if (!optionsSchema) {\n return (resolverOptions?: TOptionsInput) => {\n if (resolverOptions) {\n throw new InputError('sign-in resolver does not accept options');\n }\n return options.create(undefined as TOptionsOutput);\n };\n }\n const factory = (\n ...[resolverOptions]: undefined extends TOptionsInput\n ? [options?: TOptionsInput]\n : [options: TOptionsInput]\n ) => {\n let parsedOptions;\n try {\n parsedOptions = optionsSchema.parse(resolverOptions);\n } catch (error) {\n throw new InputError(\n `Invalid sign-in resolver options, ${fromError(error)}`,\n );\n }\n return options.create(parsedOptions);\n };\n\n factory.optionsJsonSchema = zodToJsonSchema(optionsSchema) as JsonObject;\n return factory;\n}\n"],"names":["InputError","fromError","zodToJsonSchema"],"mappings":";;;;;;;;;;AA4CO,SAAS,4BAKd,OAAA,EAKmD;AACnD,EAAA,MAAM,EAAE,eAAc,GAAI,OAAA;AAC1B,EAAA,IAAI,CAAC,aAAA,EAAe;AAClB,IAAA,OAAO,CAAC,eAAA,KAAoC;AAC1C,MAAA,IAAI,eAAA,EAAiB;AACnB,QAAA,MAAM,IAAIA,kBAAW,0CAA0C,CAAA;AAAA,MACjE;AACA,MAAA,OAAO,OAAA,CAAQ,OAAO,MAA2B,CAAA;AAAA,IACnD,CAAA;AAAA,EACF;AACA,EAAA,MAAM,OAAA,GAAU,CAAA,GACX,CAAC,eAAe,CAAA,KAGhB;AACH,IAAA,IAAI,aAAA;AACJ,IAAA,IAAI;AACF,MAAA,aAAA,GAAgB,aAAA,CAAc,MAAM,eAAe,CAAA;AAAA,IACrD,SAAS,KAAA,EAAO;AACd,MAAA,MAAM,IAAIA,iBAAA;AAAA,QACR,CAAA,kCAAA,EAAqCC,4BAAA,CAAU,KAAK,CAAC,CAAA;AAAA,OACvD;AAAA,IACF;AACA,IAAA,OAAO,OAAA,CAAQ,OAAO,aAAa,CAAA;AAAA,EACrC,CAAA;AAEA,EAAA,OAAA,CAAQ,iBAAA,GAAoBC,iCAAgB,aAAa,CAAA;AACzD,EAAA,OAAO,OAAA;AACT;;;;"}
1
+ {"version":3,"file":"createSignInResolverFactory.cjs.js","sources":["../../src/sign-in/createSignInResolverFactory.ts"],"sourcesContent":["/*\n * Copyright 2023 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { ZodSchema, ZodTypeDef } from 'zod';\nimport { SignInResolver } from '../types';\nimport zodToJsonSchema from 'zod-to-json-schema';\nimport { JsonObject } from '@backstage/types';\nimport { fromError } from 'zod-validation-error/v3';\nimport { InputError } from '@backstage/errors';\n\n/** @public */\nexport interface SignInResolverFactory<TAuthResult = any, TOptions = any> {\n (\n ...options: undefined extends TOptions\n ? [options?: TOptions]\n : [options: TOptions]\n ): SignInResolver<TAuthResult>;\n optionsJsonSchema?: JsonObject;\n}\n\n/** @public */\nexport interface SignInResolverFactoryOptions<\n TAuthResult,\n TOptionsOutput,\n TOptionsInput,\n> {\n optionsSchema?: ZodSchema<TOptionsOutput, ZodTypeDef, TOptionsInput>;\n create(options: TOptionsOutput): SignInResolver<TAuthResult>;\n}\n\n/** @public */\nexport function createSignInResolverFactory<\n TAuthResult,\n TOptionsOutput,\n TOptionsInput,\n>(\n options: SignInResolverFactoryOptions<\n TAuthResult,\n TOptionsOutput,\n TOptionsInput\n >,\n): SignInResolverFactory<TAuthResult, TOptionsInput> {\n const { optionsSchema } = options;\n if (!optionsSchema) {\n return (resolverOptions?: TOptionsInput) => {\n if (resolverOptions) {\n throw new InputError('sign-in resolver does not accept options');\n }\n return options.create(undefined as TOptionsOutput);\n };\n }\n const factory = (\n ...[resolverOptions]: undefined extends TOptionsInput\n ? [options?: TOptionsInput]\n : [options: TOptionsInput]\n ) => {\n let parsedOptions;\n try {\n parsedOptions = optionsSchema.parse(resolverOptions);\n } catch (error) {\n throw new InputError(\n `Invalid sign-in resolver options, ${fromError(error)}`,\n );\n }\n return options.create(parsedOptions);\n };\n\n factory.optionsJsonSchema = zodToJsonSchema(optionsSchema) as JsonObject;\n return factory;\n}\n"],"names":["InputError","fromError","zodToJsonSchema"],"mappings":";;;;;;;;;;AA4CO,SAAS,4BAKd,OAAA,EAKmD;AACnD,EAAA,MAAM,EAAE,eAAc,GAAI,OAAA;AAC1B,EAAA,IAAI,CAAC,aAAA,EAAe;AAClB,IAAA,OAAO,CAAC,eAAA,KAAoC;AAC1C,MAAA,IAAI,eAAA,EAAiB;AACnB,QAAA,MAAM,IAAIA,kBAAW,0CAA0C,CAAA;AAAA,MACjE;AACA,MAAA,OAAO,OAAA,CAAQ,OAAO,MAA2B,CAAA;AAAA,IACnD,CAAA;AAAA,EACF;AACA,EAAA,MAAM,OAAA,GAAU,CAAA,GACX,CAAC,eAAe,CAAA,KAGhB;AACH,IAAA,IAAI,aAAA;AACJ,IAAA,IAAI;AACF,MAAA,aAAA,GAAgB,aAAA,CAAc,MAAM,eAAe,CAAA;AAAA,IACrD,SAAS,KAAA,EAAO;AACd,MAAA,MAAM,IAAIA,iBAAA;AAAA,QACR,CAAA,kCAAA,EAAqCC,YAAA,CAAU,KAAK,CAAC,CAAA;AAAA,OACvD;AAAA,IACF;AACA,IAAA,OAAO,OAAA,CAAQ,OAAO,aAAa,CAAA;AAAA,EACrC,CAAA;AAEA,EAAA,OAAA,CAAQ,iBAAA,GAAoBC,iCAAgB,aAAa,CAAA;AACzD,EAAA,OAAO,OAAA;AACT;;;;"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@backstage/plugin-auth-node",
3
- "version": "0.6.10-next.1",
3
+ "version": "0.6.11",
4
4
  "backstage": {
5
5
  "role": "node-library",
6
6
  "pluginId": "auth",
@@ -38,12 +38,12 @@
38
38
  "test": "backstage-cli package test"
39
39
  },
40
40
  "dependencies": {
41
- "@backstage/backend-plugin-api": "1.6.0-next.1",
42
- "@backstage/catalog-client": "1.12.1",
43
- "@backstage/catalog-model": "1.7.6",
44
- "@backstage/config": "1.3.6",
45
- "@backstage/errors": "1.2.7",
46
- "@backstage/types": "1.2.2",
41
+ "@backstage/backend-plugin-api": "^1.6.1",
42
+ "@backstage/catalog-client": "^1.12.1",
43
+ "@backstage/catalog-model": "^1.7.6",
44
+ "@backstage/config": "^1.3.6",
45
+ "@backstage/errors": "^1.2.7",
46
+ "@backstage/types": "^1.2.2",
47
47
  "@types/express": "^4.17.6",
48
48
  "@types/passport": "^1.0.3",
49
49
  "express": "^4.22.0",
@@ -51,13 +51,13 @@
51
51
  "lodash": "^4.17.21",
52
52
  "passport": "^0.7.0",
53
53
  "zod": "^3.22.4",
54
- "zod-to-json-schema": "^3.21.4",
55
- "zod-validation-error": "^3.4.0"
54
+ "zod-to-json-schema": "^3.25.1",
55
+ "zod-validation-error": "^4.0.2"
56
56
  },
57
57
  "devDependencies": {
58
- "@backstage/backend-defaults": "0.14.0-next.1",
59
- "@backstage/backend-test-utils": "1.10.2-next.1",
60
- "@backstage/cli": "0.35.0-next.2",
58
+ "@backstage/backend-defaults": "^0.15.0",
59
+ "@backstage/backend-test-utils": "^1.10.3",
60
+ "@backstage/cli": "^0.35.2",
61
61
  "cookie-parser": "^1.4.6",
62
62
  "express-promise-router": "^4.1.1",
63
63
  "lodash": "^4.17.21",