@backstage/plugin-proxy-backend 0.6.9 → 0.6.10-next.0

package/CHANGELOG.md

@@ -1,5 +1,15 @@
 # @backstage/plugin-proxy-backend
 
+## 0.6.10-next.0
+
+### Patch Changes
+
+- 7455dae: Use node prefix on native imports
+- Updated dependencies
+  - @backstage/backend-plugin-api@1.7.0-next.0
+  - @backstage/plugin-proxy-node@0.1.12-next.0
+  - @backstage/types@1.2.2
+
 ## 0.6.9
 
 ### Patch Changes

package/dist/service/router.cjs.js.map

@@ -1 +1 @@
-{"version":3,"file":"router.cjs.js","sources":["../../src/service/router.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport type express from 'express';\nimport Router from 'express-promise-router';\nimport {\n  createProxyMiddleware,\n  fixRequestBody,\n  RequestHandler,\n} from 'http-proxy-middleware';\nimport http from 'http';\nimport { JsonObject } from '@backstage/types';\nimport {\n  DiscoveryService,\n  HttpRouterService,\n  LoggerService,\n  RootConfigService,\n} from '@backstage/backend-plugin-api';\nimport { ProxyConfig } from '@backstage/plugin-proxy-node/alpha';\n\n// A list of headers that are always forwarded to the proxy targets.\nconst safeForwardHeaders = [\n  // https://fetch.spec.whatwg.org/#cors-safelisted-request-header\n  'cache-control',\n  'content-language',\n  'content-length',\n  'content-type',\n  'expires',\n  'last-modified',\n  'pragma',\n\n  // host is overridden by default. if changeOrigin is configured to false,\n  // we assume this is a intentional and should also be forwarded.\n  'host',\n\n  // other headers that we assume to be ok\n  'accept',\n  'accept-language',\n  'user-agent',\n];\n\n/**\n * @internal\n */\nexport interface RouterOptions {\n  logger: LoggerService;\n  config: RootConfigService;\n  discovery: DiscoveryService;\n  httpRouterService: HttpRouterService;\n  additionalEndpoints?: ProxyConfig;\n}\n\n// Creates a proxy middleware, possibly with defaults added on top of the\n// given config.\nexport function buildMiddleware(\n  pathPrefix: string,\n  logger: LoggerService,\n  route: string,\n  config: string | ProxyConfig,\n  httpRouterService: HttpRouterService,\n  reviveConsumedRequestBodies?: boolean,\n): RequestHandler {\n  let fullConfig: ProxyConfig;\n  let credentialsPolicy: string;\n  if (typeof config === 'string') {\n    fullConfig = { target: config };\n    credentialsPolicy = 'require';\n  } else {\n    const { credentials, ...rest } = config;\n    fullConfig = rest;\n    credentialsPolicy = credentials ?? 'require';\n  }\n\n  const credentialsPolicyCandidates = [\n    'require',\n    'forward',\n    'dangerously-allow-unauthenticated',\n  ];\n  if (!credentialsPolicyCandidates.includes(credentialsPolicy)) {\n    const valid = credentialsPolicyCandidates.map(c => `'${c}'`).join(', ');\n    throw new Error(\n      `Unknown credentials policy '${credentialsPolicy}' for proxy route '${route}'; expected one of ${valid}`,\n    );\n  }\n\n  if (credentialsPolicy === 'dangerously-allow-unauthenticated') {\n    httpRouterService.addAuthPolicy({\n      path: route,\n      allow: 'unauthenticated',\n    });\n  }\n\n  // Validate that target is a valid URL.\n  const targetType = typeof fullConfig.target;\n  if (targetType !== 'string') {\n    throw new Error(\n      `Proxy target for route \"${route}\" must be a string, but is of type ${targetType}`,\n    );\n  }\n  try {\n    // eslint-disable-next-line no-new\n    new URL(fullConfig.target! as string);\n  } catch {\n    throw new Error(\n      `Proxy target is not a valid URL: ${fullConfig.target ?? ''}`,\n    );\n  }\n\n  // Default is to do a path rewrite that strips out the proxy's path prefix\n  // and the rest of the route.\n  if (fullConfig.pathRewrite === undefined) {\n    let routeWithSlash = route.endsWith('/') ? route : `${route}/`;\n\n    if (!pathPrefix.endsWith('/') && !routeWithSlash.startsWith('/')) {\n      // Need to insert a / between pathPrefix and routeWithSlash\n      routeWithSlash = `/${routeWithSlash}`;\n    } else if (pathPrefix.endsWith('/') && routeWithSlash.startsWith('/')) {\n      // Never expect this to happen at this point in time as\n      // pathPrefix is set using `getExternalBaseUrl` which \"Returns the\n      // external HTTP base backend URL for a given plugin,\n      // **without a trailing slash.**\". But in case this changes in future, we\n      // need to drop a / on either pathPrefix or routeWithSlash\n      routeWithSlash = routeWithSlash.substring(1);\n    }\n\n    // The ? makes the slash optional for the rewrite, so that a base path without an ending slash\n    // will also be matched (e.g. '/sample' and then requesting just '/api/proxy/sample' without an\n    // ending slash). Otherwise the target gets called with the full '/api/proxy/sample' path\n    // appended.\n    fullConfig.pathRewrite = {\n      [`^${pathPrefix}${routeWithSlash}?`]: '/',\n    };\n  }\n\n  // Default is to update the Host header to the target\n  if (fullConfig.changeOrigin === undefined) {\n    fullConfig.changeOrigin = true;\n  }\n\n  // Attach the logger to the proxy config\n  fullConfig.logProvider = () => ({\n    log: logger.info.bind(logger),\n    debug: logger.debug.bind(logger),\n    info: logger.info.bind(logger),\n    warn: logger.warn.bind(logger),\n    error: logger.error.bind(logger),\n  });\n  // http-proxy-middleware uses this log level to check if it should log the\n  // requests that it proxies. Setting this to the most verbose log level\n  // ensures that it always logs these requests. Our logger ends up deciding\n  // if the logs are displayed or not.\n  fullConfig.logLevel = 'debug';\n\n  // Only return the allowed HTTP headers to not forward unwanted secret headers\n  const requestHeaderAllowList = new Set<string>(\n    [\n      // allow all safe headers\n      ...safeForwardHeaders,\n\n      // allow all headers that are set by the proxy\n      ...((fullConfig.headers && Object.keys(fullConfig.headers)) || []),\n\n      // allow all configured headers\n      ...(fullConfig.allowedHeaders || []),\n    ].map(h => h.toLocaleLowerCase()),\n  );\n\n  if (credentialsPolicy === 'forward') {\n    requestHeaderAllowList.add('authorization');\n  }\n\n  // Use the custom middleware filter to do two things:\n  //  1. Remove any headers not in the allow list to stop them being forwarded\n  //  2. Only permit the allowed HTTP methods if configured\n  //\n  // We are filtering the proxy request headers here rather than in\n  // `onProxyReq` because when global-agent is enabled then `onProxyReq`\n  // fires _after_ the agent has already sent the headers to the proxy\n  // target, causing a ERR_HTTP_HEADERS_SENT crash\n  const filter = (_pathname: string, req: http.IncomingMessage): boolean => {\n    const headerNames = Object.keys(req.headers);\n    headerNames.forEach(h => {\n      if (!requestHeaderAllowList.has(h.toLocaleLowerCase())) {\n        delete req.headers[h];\n      }\n    });\n\n    return fullConfig?.allowedMethods?.includes(req.method!) ?? true;\n  };\n  // Makes http-proxy-middleware logs look nicer and include the mount path\n  filter.toString = () => route;\n\n  // Only forward the allowed HTTP headers to not forward unwanted secret headers\n  const responseHeaderAllowList = new Set<string>(\n    [\n      // allow all safe headers\n      ...safeForwardHeaders,\n\n      // allow all configured headers\n      ...(fullConfig.allowedHeaders || []),\n    ].map(h => h.toLocaleLowerCase()),\n  );\n\n  fullConfig.onProxyRes = (\n    proxyRes: http.IncomingMessage,\n    _,\n    res: express.Response,\n  ) => {\n    // only forward the allowed headers in backend->client\n    const headerNames = Object.keys(proxyRes.headers);\n\n    headerNames.forEach(h => {\n      if (!responseHeaderAllowList.has(h.toLocaleLowerCase())) {\n        delete proxyRes.headers[h];\n      }\n    });\n\n    // handle SSE connections closed by the backend\n    // https://github.com/chimurai/http-proxy-middleware/discussions/765\n    proxyRes.on('close', () => {\n      if (!res.writableEnded) {\n        res.end();\n      }\n    });\n  };\n\n  if (reviveConsumedRequestBodies) {\n    fullConfig.onProxyReq = fixRequestBody;\n  }\n\n  return createProxyMiddleware(filter, fullConfig);\n}\n\nfunction readProxyConfig(\n  config: RootConfigService,\n  logger: LoggerService,\n): JsonObject {\n  const endpoints = config\n    .getOptionalConfig('proxy.endpoints')\n    ?.get<JsonObject>();\n  if (endpoints) {\n    return endpoints;\n  }\n\n  const root = config.getOptionalConfig('proxy')?.get<JsonObject>();\n  if (!root) {\n    return {};\n  }\n\n  const rootEndpoints = Object.fromEntries(\n    Object.entries(root).filter(([key]) => key.startsWith('/')),\n  );\n  if (Object.keys(rootEndpoints).length === 0) {\n    return {};\n  }\n\n  logger.warn(\n    \"Configuring proxy endpoints in the root 'proxy' configuration is deprecated. Move this configuration to 'proxy.endpoints' instead.\",\n  );\n\n  return rootEndpoints;\n}\n\n/** @internal */\nexport async function createRouter(\n  options: RouterOptions,\n): Promise<express.Router> {\n  const router = Router();\n  let currentRouter = Router();\n\n  const skipInvalidProxies =\n    options.config.getOptionalBoolean('proxy.skipInvalidProxies') ?? false;\n  const reviveConsumedRequestBodies =\n    options.config.getOptionalBoolean('proxy.reviveConsumedRequestBodies') ??\n    false;\n  const proxyOptions = {\n    skipInvalidProxies,\n    reviveConsumedRequestBodies,\n    logger: options.logger,\n  };\n\n  const pathPrefix = '/api/proxy';\n\n  const proxyConfig: ProxyConfig = {\n    ...(options.additionalEndpoints ?? {}),\n    ...readProxyConfig(options.config, options.logger),\n  };\n\n  configureMiddlewares(\n    proxyOptions,\n    currentRouter,\n    pathPrefix,\n    proxyConfig,\n    options.httpRouterService,\n  );\n  router.use((...args) => currentRouter(...args));\n\n  if (options.config.subscribe) {\n    let currentKey = JSON.stringify(proxyConfig);\n\n    options.config.subscribe(() => {\n      const newProxyConfig = readProxyConfig(options.config, options.logger);\n      const newKey = JSON.stringify(newProxyConfig);\n\n      if (currentKey !== newKey) {\n        currentKey = newKey;\n        currentRouter = Router();\n        configureMiddlewares(\n          proxyOptions,\n          currentRouter,\n          pathPrefix,\n          newProxyConfig,\n          options.httpRouterService,\n        );\n      }\n    });\n  }\n\n  options.httpRouterService.use(router);\n  return router;\n}\n\nfunction configureMiddlewares(\n  options: {\n    reviveConsumedRequestBodies: boolean;\n    skipInvalidProxies: boolean;\n    logger: LoggerService;\n  },\n  router: express.Router,\n  pathPrefix: string,\n  proxyConfig: ProxyConfig,\n  httpRouterService: HttpRouterService,\n) {\n  Object.entries(proxyConfig).forEach(([route, proxyRouteConfig]) => {\n    try {\n      router.use(\n        route,\n        buildMiddleware(\n          pathPrefix,\n          options.logger,\n          route,\n          proxyRouteConfig,\n          httpRouterService,\n          options.reviveConsumedRequestBodies,\n        ),\n      );\n    } catch (e) {\n      if (options.skipInvalidProxies) {\n        options.logger.warn(`skipped configuring ${route} due to ${e.message}`);\n      } else {\n        throw e;\n      }\n    }\n  });\n}\n"],"names":["fixRequestBody","createProxyMiddleware","Router"],"mappings":";;;;;;;;;AAkCA,MAAM,kBAAA,GAAqB;AAAA;AAAA,EAEzB,eAAA;AAAA,EACA,kBAAA;AAAA,EACA,gBAAA;AAAA,EACA,cAAA;AAAA,EACA,SAAA;AAAA,EACA,eAAA;AAAA,EACA,QAAA;AAAA;AAAA;AAAA,EAIA,MAAA;AAAA;AAAA,EAGA,QAAA;AAAA,EACA,iBAAA;AAAA,EACA;AACF,CAAA;AAeO,SAAS,gBACd,UAAA,EACA,MAAA,EACA,KAAA,EACA,MAAA,EACA,mBACA,2BAAA,EACgB;AAChB,EAAA,IAAI,UAAA;AACJ,EAAA,IAAI,iBAAA;AACJ,EAAA,IAAI,OAAO,WAAW,QAAA,EAAU;AAC9B,IAAA,UAAA,GAAa,EAAE,QAAQ,MAAA,EAAO;AAC9B,IAAA,iBAAA,GAAoB,SAAA;AAAA,EACtB,CAAA,MAAO;AACL,IAAA,MAAM,EAAE,WAAA,EAAa,GAAG,IAAA,EAAK,GAAI,MAAA;AACjC,IAAA,UAAA,GAAa,IAAA;AACb,IAAA,iBAAA,GAAoB,WAAA,IAAe,SAAA;AAAA,EACrC;AAEA,EAAA,MAAM,2BAAA,GAA8B;AAAA,IAClC,SAAA;AAAA,IACA,SAAA;AAAA,IACA;AAAA,GACF;AACA,EAAA,IAAI,CAAC,2BAAA,CAA4B,QAAA,CAAS,iBAAiB,CAAA,EAAG;AAC5D,IAAA,MAAM,KAAA,GAAQ,4BAA4B,GAAA,CAAI,CAAA,CAAA,KAAK,IAAI,CAAC,CAAA,CAAA,CAAG,CAAA,CAAE,IAAA,CAAK,IAAI,CAAA;AACtE,IAAA,MAAM,IAAI,KAAA;AAAA,MACR,CAAA,4BAAA,EAA+B,iBAAiB,CAAA,mBAAA,EAAsB,KAAK,sBAAsB,KAAK,CAAA;AAAA,KACxG;AAAA,EACF;AAEA,EAAA,IAAI,sBAAsB,mCAAA,EAAqC;AAC7D,IAAA,iBAAA,CAAkB,aAAA,CAAc;AAAA,MAC9B,IAAA,EAAM,KAAA;AAAA,MACN,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,EACH;AAGA,EAAA,MAAM,UAAA,GAAa,OAAO,UAAA,CAAW,MAAA;AACrC,EAAA,IAAI,eAAe,QAAA,EAAU;AAC3B,IAAA,MAAM,IAAI,KAAA;AAAA,MACR,CAAA,wBAAA,EAA2B,KAAK,CAAA,mCAAA,EAAsC,UAAU,CAAA;AAAA,KAClF;AAAA,EACF;AACA,EAAA,IAAI;AAEF,IAAA,IAAI,GAAA,CAAI,WAAW,MAAiB,CAAA;AAAA,EACtC,CAAA,CAAA,MAAQ;AACN,IAAA,MAAM,IAAI,KAAA;AAAA,MACR,CAAA,iCAAA,EAAoC,UAAA,CAAW,MAAA,IAAU,EAAE,CAAA;AAAA,KAC7D;AAAA,EACF;AAIA,EAAA,IAAI,UAAA,CAAW,gBAAgB,MAAA,EAAW;AACxC,IAAA,IAAI,iBAAiB,KAAA,CAAM,QAAA,CAAS,GAAG,CAAA,GAAI,KAAA,GAAQ,GAAG,KAAK,CAAA,CAAA,CAAA;AAE3D,IAAA,IAAI,CAAC,WAAW,QAAA,CAAS,GAAG,KAAK,CAAC,cAAA,CAAe,UAAA,CAAW,GAAG,CAAA,EAAG;AAEhE,MAAA,cAAA,GAAiB,IAAI,cAAc,CAAA,CAAA;AAAA,IACrC,CAAA,MAAA,IAAW,WAAW,QAAA,CAAS,GAAG,KAAK,cAAA,CAAe,UAAA,CAAW,GAAG,CAAA,EAAG;AAMrE,MAAA,cAAA,GAAiB,cAAA,CAAe,UAAU,CAAC,CAAA;AAAA,IAC7C;AAMA,IAAA,UAAA,CAAW,WAAA,GAAc;AAAA,MACvB,CAAC,CAAA,CAAA,EAAI,UAAU,CAAA,EAAG,cAAc,GAAG,GAAG;AAAA,KACxC;AAAA,EACF;AAGA,EAAA,IAAI,UAAA,CAAW,iBAAiB,MAAA,EAAW;AACzC,IAAA,UAAA,CAAW,YAAA,GAAe,IAAA;AAAA,EAC5B;AAGA,EAAA,UAAA,CAAW,cAAc,OAAO;AAAA,IAC9B,GAAA,EAAK,MAAA,CAAO,IAAA,CAAK,IAAA,CAAK,MAAM,CAAA;AAAA,IAC5B,KAAA,EAAO,MAAA,CAAO,KAAA,CAAM,IAAA,CAAK,MAAM,CAAA;AAAA,IAC/B,IAAA,EAAM,MAAA,CAAO,IAAA,CAAK,IAAA,CAAK,MAAM,CAAA;AAAA,IAC7B,IAAA,EAAM,MAAA,CAAO,IAAA,CAAK,IAAA,CAAK,MAAM,CAAA;AAAA,IAC7B,KAAA,EAAO,MAAA,CAAO,KAAA,CAAM,IAAA,CAAK,MAAM;AAAA,GACjC,CAAA;AAKA,EAAA,UAAA,CAAW,QAAA,GAAW,OAAA;AAGtB,EAAA,MAAM,yBAAyB,IAAI,GAAA;AAAA,IACjC;AAAA;AAAA,MAEE,GAAG,kBAAA;AAAA;AAAA,MAGH,GAAK,WAAW,OAAA,IAAW,MAAA,CAAO,KAAK,UAAA,CAAW,OAAO,KAAM,EAAC;AAAA;AAAA,MAGhE,GAAI,UAAA,CAAW,cAAA,IAAkB;AAAC,KACpC,CAAE,GAAA,CAAI,CAAA,CAAA,KAAK,CAAA,CAAE,mBAAmB;AAAA,GAClC;AAEA,EAAA,IAAI,sBAAsB,SAAA,EAAW;AACnC,IAAA,sBAAA,CAAuB,IAAI,eAAe,CAAA;AAAA,EAC5C;AAUA,EAAA,MAAM,MAAA,GAAS,CAAC,SAAA,EAAmB,GAAA,KAAuC;AACxE,IAAA,MAAM,WAAA,GAAc,MAAA,CAAO,IAAA,CAAK,GAAA,CAAI,OAAO,CAAA;AAC3C,IAAA,WAAA,CAAY,QAAQ,CAAA,CAAA,KAAK;AACvB,MAAA,IAAI,CAAC,sBAAA,CAAuB,GAAA,CAAI,CAAA,CAAE,iBAAA,EAAmB,CAAA,EAAG;AACtD,QAAA,OAAO,GAAA,CAAI,QAAQ,CAAC,CAAA;AAAA,MACtB;AAAA,IACF,CAAC,CAAA;AAED,IAAA,OAAO,UAAA,EAAY,cAAA,EAAgB,QAAA,CAAS,GAAA,CAAI,MAAO,CAAA,IAAK,IAAA;AAAA,EAC9D,CAAA;AAEA,EAAA,MAAA,CAAO,WAAW,MAAM,KAAA;AAGxB,EAAA,MAAM,0BAA0B,IAAI,GAAA;AAAA,IAClC;AAAA;AAAA,MAEE,GAAG,kBAAA;AAAA;AAAA,MAGH,GAAI,UAAA,CAAW,cAAA,IAAkB;AAAC,KACpC,CAAE,GAAA,CAAI,CAAA,CAAA,KAAK,CAAA,CAAE,mBAAmB;AAAA,GAClC;AAEA,EAAA,UAAA,CAAW,UAAA,GAAa,CACtB,QAAA,EACA,CAAA,EACA,GAAA,KACG;AAEH,IAAA,MAAM,WAAA,GAAc,MAAA,CAAO,IAAA,CAAK,QAAA,CAAS,OAAO,CAAA;AAEhD,IAAA,WAAA,CAAY,QAAQ,CAAA,CAAA,KAAK;AACvB,MAAA,IAAI,CAAC,uBAAA,CAAwB,GAAA,CAAI,CAAA,CAAE,iBAAA,EAAmB,CAAA,EAAG;AACvD,QAAA,OAAO,QAAA,CAAS,QAAQ,CAAC,CAAA;AAAA,MAC3B;AAAA,IACF,CAAC,CAAA;AAID,IAAA,QAAA,CAAS,EAAA,CAAG,SAAS,MAAM;AACzB,MAAA,IAAI,CAAC,IAAI,aAAA,EAAe;AACtB,QAAA,GAAA,CAAI,GAAA,EAAI;AAAA,MACV;AAAA,IACF,CAAC,CAAA;AAAA,EACH,CAAA;AAEA,EAAA,IAAI,2BAAA,EAA6B;AAC/B,IAAA,UAAA,CAAW,UAAA,GAAaA,kCAAA;AAAA,EAC1B;AAEA,EAAA,OAAOC,yCAAA,CAAsB,QAAQ,UAAU,CAAA;AACjD;AAEA,SAAS,eAAA,CACP,QACA,MAAA,EACY;AACZ,EAAA,MAAM,SAAA,GAAY,MAAA,CACf,iBAAA,CAAkB,iBAAiB,GAClC,GAAA,EAAgB;AACpB,EAAA,IAAI,SAAA,EAAW;AACb,IAAA,OAAO,SAAA;AAAA,EACT;AAEA,EAAA,MAAM,IAAA,GAAO,MAAA,CAAO,iBAAA,CAAkB,OAAO,GAAG,GAAA,EAAgB;AAChE,EAAA,IAAI,CAAC,IAAA,EAAM;AACT,IAAA,OAAO,EAAC;AAAA,EACV;AAEA,EAAA,MAAM,gBAAgB,MAAA,CAAO,WAAA;AAAA,IAC3B,MAAA,CAAO,OAAA,CAAQ,IAAI,CAAA,CAAE,MAAA,CAAO,CAAC,CAAC,GAAG,CAAA,KAAM,GAAA,CAAI,UAAA,CAAW,GAAG,CAAC;AAAA,GAC5D;AACA,EAAA,IAAI,MAAA,CAAO,IAAA,CAAK,aAAa,CAAA,CAAE,WAAW,CAAA,EAAG;AAC3C,IAAA,OAAO,EAAC;AAAA,EACV;AAEA,EAAA,MAAA,CAAO,IAAA;AAAA,IACL;AAAA,GACF;AAEA,EAAA,OAAO,aAAA;AACT;AAGA,eAAsB,aACpB,OAAA,EACyB;AACzB,EAAA,MAAM,SAASC,uBAAA,EAAO;AACtB,EAAA,IAAI,gBAAgBA,uBAAA,EAAO;AAE3B,EAAA,MAAM,kBAAA,GACJ,OAAA,CAAQ,MAAA,CAAO,kBAAA,CAAmB,0BAA0B,CAAA,IAAK,KAAA;AACnE,EAAA,MAAM,2BAAA,GACJ,OAAA,CAAQ,MAAA,CAAO,kBAAA,CAAmB,mCAAmC,CAAA,IACrE,KAAA;AACF,EAAA,MAAM,YAAA,GAAe;AAAA,IACnB,kBAAA;AAAA,IACA,2BAAA;AAAA,IACA,QAAQ,OAAA,CAAQ;AAAA,GAClB;AAEA,EAAA,MAAM,UAAA,GAAa,YAAA;AAEnB,EAAA,MAAM,WAAA,GAA2B;AAAA,IAC/B,GAAI,OAAA,CAAQ,mBAAA,IAAuB,EAAC;AAAA,IACpC,GAAG,eAAA,CAAgB,OAAA,CAAQ,MAAA,EAAQ,QAAQ,MAAM;AAAA,GACnD;AAEA,EAAA,oBAAA;AAAA,IACE,YAAA;AAAA,IACA,aAAA;AAAA,IACA,UAAA;AAAA,IACA,WAAA;AAAA,IACA,OAAA,CAAQ;AAAA,GACV;AACA,EAAA,MAAA,CAAO,IAAI,CAAA,GAAI,IAAA,KAAS,aAAA,CAAc,GAAG,IAAI,CAAC,CAAA;AAE9C,EAAA,IAAI,OAAA,CAAQ,OAAO,SAAA,EAAW;AAC5B,IAAA,IAAI,UAAA,GAAa,IAAA,CAAK,SAAA,CAAU,WAAW,CAAA;AAE3C,IAAA,OAAA,CAAQ,MAAA,CAAO,UAAU,MAAM;AAC7B,MAAA,MAAM,cAAA,GAAiB,eAAA,CAAgB,OAAA,CAAQ,MAAA,EAAQ,QAAQ,MAAM,CAAA;AACrE,MAAA,MAAM,MAAA,GAAS,IAAA,CAAK,SAAA,CAAU,cAAc,CAAA;AAE5C,MAAA,IAAI,eAAe,MAAA,EAAQ;AACzB,QAAA,UAAA,GAAa,MAAA;AACb,QAAA,aAAA,GAAgBA,uBAAA,EAAO;AACvB,QAAA,oBAAA;AAAA,UACE,YAAA;AAAA,UACA,aAAA;AAAA,UACA,UAAA;AAAA,UACA,cAAA;AAAA,UACA,OAAA,CAAQ;AAAA,SACV;AAAA,MACF;AAAA,IACF,CAAC,CAAA;AAAA,EACH;AAEA,EAAA,OAAA,CAAQ,iBAAA,CAAkB,IAAI,MAAM,CAAA;AACpC,EAAA,OAAO,MAAA;AACT;AAEA,SAAS,oBAAA,CACP,OAAA,EAKA,MAAA,EACA,UAAA,EACA,aACA,iBAAA,EACA;AACA,EAAA,MAAA,CAAO,OAAA,CAAQ,WAAW,CAAA,CAAE,OAAA,CAAQ,CAAC,CAAC,KAAA,EAAO,gBAAgB,CAAA,KAAM;AACjE,IAAA,IAAI;AACF,MAAA,MAAA,CAAO,GAAA;AAAA,QACL,KAAA;AAAA,QACA,eAAA;AAAA,UACE,UAAA;AAAA,UACA,OAAA,CAAQ,MAAA;AAAA,UACR,KAAA;AAAA,UACA,gBAAA;AAAA,UACA,iBAAA;AAAA,UACA,OAAA,CAAQ;AAAA;AACV,OACF;AAAA,IACF,SAAS,CAAA,EAAG;AACV,MAAA,IAAI,QAAQ,kBAAA,EAAoB;AAC9B,QAAA,OAAA,CAAQ,OAAO,IAAA,CAAK,CAAA,oBAAA,EAAuB,KAAK,CAAA,QAAA,EAAW,CAAA,CAAE,OAAO,CAAA,CAAE,CAAA;AAAA,MACxE,CAAA,MAAO;AACL,QAAA,MAAM,CAAA;AAAA,MACR;AAAA,IACF;AAAA,EACF,CAAC,CAAA;AACH;;;;;"}
+{"version":3,"file":"router.cjs.js","sources":["../../src/service/router.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport type express from 'express';\nimport Router from 'express-promise-router';\nimport {\n  createProxyMiddleware,\n  fixRequestBody,\n  RequestHandler,\n} from 'http-proxy-middleware';\nimport http from 'node:http';\nimport { JsonObject } from '@backstage/types';\nimport {\n  DiscoveryService,\n  HttpRouterService,\n  LoggerService,\n  RootConfigService,\n} from '@backstage/backend-plugin-api';\nimport { ProxyConfig } from '@backstage/plugin-proxy-node/alpha';\n\n// A list of headers that are always forwarded to the proxy targets.\nconst safeForwardHeaders = [\n  // https://fetch.spec.whatwg.org/#cors-safelisted-request-header\n  'cache-control',\n  'content-language',\n  'content-length',\n  'content-type',\n  'expires',\n  'last-modified',\n  'pragma',\n\n  // host is overridden by default. if changeOrigin is configured to false,\n  // we assume this is a intentional and should also be forwarded.\n  'host',\n\n  // other headers that we assume to be ok\n  'accept',\n  'accept-language',\n  'user-agent',\n];\n\n/**\n * @internal\n */\nexport interface RouterOptions {\n  logger: LoggerService;\n  config: RootConfigService;\n  discovery: DiscoveryService;\n  httpRouterService: HttpRouterService;\n  additionalEndpoints?: ProxyConfig;\n}\n\n// Creates a proxy middleware, possibly with defaults added on top of the\n// given config.\nexport function buildMiddleware(\n  pathPrefix: string,\n  logger: LoggerService,\n  route: string,\n  config: string | ProxyConfig,\n  httpRouterService: HttpRouterService,\n  reviveConsumedRequestBodies?: boolean,\n): RequestHandler {\n  let fullConfig: ProxyConfig;\n  let credentialsPolicy: string;\n  if (typeof config === 'string') {\n    fullConfig = { target: config };\n    credentialsPolicy = 'require';\n  } else {\n    const { credentials, ...rest } = config;\n    fullConfig = rest;\n    credentialsPolicy = credentials ?? 'require';\n  }\n\n  const credentialsPolicyCandidates = [\n    'require',\n    'forward',\n    'dangerously-allow-unauthenticated',\n  ];\n  if (!credentialsPolicyCandidates.includes(credentialsPolicy)) {\n    const valid = credentialsPolicyCandidates.map(c => `'${c}'`).join(', ');\n    throw new Error(\n      `Unknown credentials policy '${credentialsPolicy}' for proxy route '${route}'; expected one of ${valid}`,\n    );\n  }\n\n  if (credentialsPolicy === 'dangerously-allow-unauthenticated') {\n    httpRouterService.addAuthPolicy({\n      path: route,\n      allow: 'unauthenticated',\n    });\n  }\n\n  // Validate that target is a valid URL.\n  const targetType = typeof fullConfig.target;\n  if (targetType !== 'string') {\n    throw new Error(\n      `Proxy target for route \"${route}\" must be a string, but is of type ${targetType}`,\n    );\n  }\n  try {\n    // eslint-disable-next-line no-new\n    new URL(fullConfig.target! as string);\n  } catch {\n    throw new Error(\n      `Proxy target is not a valid URL: ${fullConfig.target ?? ''}`,\n    );\n  }\n\n  // Default is to do a path rewrite that strips out the proxy's path prefix\n  // and the rest of the route.\n  if (fullConfig.pathRewrite === undefined) {\n    let routeWithSlash = route.endsWith('/') ? route : `${route}/`;\n\n    if (!pathPrefix.endsWith('/') && !routeWithSlash.startsWith('/')) {\n      // Need to insert a / between pathPrefix and routeWithSlash\n      routeWithSlash = `/${routeWithSlash}`;\n    } else if (pathPrefix.endsWith('/') && routeWithSlash.startsWith('/')) {\n      // Never expect this to happen at this point in time as\n      // pathPrefix is set using `getExternalBaseUrl` which \"Returns the\n      // external HTTP base backend URL for a given plugin,\n      // **without a trailing slash.**\". But in case this changes in future, we\n      // need to drop a / on either pathPrefix or routeWithSlash\n      routeWithSlash = routeWithSlash.substring(1);\n    }\n\n    // The ? makes the slash optional for the rewrite, so that a base path without an ending slash\n    // will also be matched (e.g. '/sample' and then requesting just '/api/proxy/sample' without an\n    // ending slash). Otherwise the target gets called with the full '/api/proxy/sample' path\n    // appended.\n    fullConfig.pathRewrite = {\n      [`^${pathPrefix}${routeWithSlash}?`]: '/',\n    };\n  }\n\n  // Default is to update the Host header to the target\n  if (fullConfig.changeOrigin === undefined) {\n    fullConfig.changeOrigin = true;\n  }\n\n  // Attach the logger to the proxy config\n  fullConfig.logProvider = () => ({\n    log: logger.info.bind(logger),\n    debug: logger.debug.bind(logger),\n    info: logger.info.bind(logger),\n    warn: logger.warn.bind(logger),\n    error: logger.error.bind(logger),\n  });\n  // http-proxy-middleware uses this log level to check if it should log the\n  // requests that it proxies. Setting this to the most verbose log level\n  // ensures that it always logs these requests. Our logger ends up deciding\n  // if the logs are displayed or not.\n  fullConfig.logLevel = 'debug';\n\n  // Only return the allowed HTTP headers to not forward unwanted secret headers\n  const requestHeaderAllowList = new Set<string>(\n    [\n      // allow all safe headers\n      ...safeForwardHeaders,\n\n      // allow all headers that are set by the proxy\n      ...((fullConfig.headers && Object.keys(fullConfig.headers)) || []),\n\n      // allow all configured headers\n      ...(fullConfig.allowedHeaders || []),\n    ].map(h => h.toLocaleLowerCase()),\n  );\n\n  if (credentialsPolicy === 'forward') {\n    requestHeaderAllowList.add('authorization');\n  }\n\n  // Use the custom middleware filter to do two things:\n  //  1. Remove any headers not in the allow list to stop them being forwarded\n  //  2. Only permit the allowed HTTP methods if configured\n  //\n  // We are filtering the proxy request headers here rather than in\n  // `onProxyReq` because when global-agent is enabled then `onProxyReq`\n  // fires _after_ the agent has already sent the headers to the proxy\n  // target, causing a ERR_HTTP_HEADERS_SENT crash\n  const filter = (_pathname: string, req: http.IncomingMessage): boolean => {\n    const headerNames = Object.keys(req.headers);\n    headerNames.forEach(h => {\n      if (!requestHeaderAllowList.has(h.toLocaleLowerCase())) {\n        delete req.headers[h];\n      }\n    });\n\n    return fullConfig?.allowedMethods?.includes(req.method!) ?? true;\n  };\n  // Makes http-proxy-middleware logs look nicer and include the mount path\n  filter.toString = () => route;\n\n  // Only forward the allowed HTTP headers to not forward unwanted secret headers\n  const responseHeaderAllowList = new Set<string>(\n    [\n      // allow all safe headers\n      ...safeForwardHeaders,\n\n      // allow all configured headers\n      ...(fullConfig.allowedHeaders || []),\n    ].map(h => h.toLocaleLowerCase()),\n  );\n\n  fullConfig.onProxyRes = (\n    proxyRes: http.IncomingMessage,\n    _,\n    res: express.Response,\n  ) => {\n    // only forward the allowed headers in backend->client\n    const headerNames = Object.keys(proxyRes.headers);\n\n    headerNames.forEach(h => {\n      if (!responseHeaderAllowList.has(h.toLocaleLowerCase())) {\n        delete proxyRes.headers[h];\n      }\n    });\n\n    // handle SSE connections closed by the backend\n    // https://github.com/chimurai/http-proxy-middleware/discussions/765\n    proxyRes.on('close', () => {\n      if (!res.writableEnded) {\n        res.end();\n      }\n    });\n  };\n\n  if (reviveConsumedRequestBodies) {\n    fullConfig.onProxyReq = fixRequestBody;\n  }\n\n  return createProxyMiddleware(filter, fullConfig);\n}\n\nfunction readProxyConfig(\n  config: RootConfigService,\n  logger: LoggerService,\n): JsonObject {\n  const endpoints = config\n    .getOptionalConfig('proxy.endpoints')\n    ?.get<JsonObject>();\n  if (endpoints) {\n    return endpoints;\n  }\n\n  const root = config.getOptionalConfig('proxy')?.get<JsonObject>();\n  if (!root) {\n    return {};\n  }\n\n  const rootEndpoints = Object.fromEntries(\n    Object.entries(root).filter(([key]) => key.startsWith('/')),\n  );\n  if (Object.keys(rootEndpoints).length === 0) {\n    return {};\n  }\n\n  logger.warn(\n    \"Configuring proxy endpoints in the root 'proxy' configuration is deprecated. Move this configuration to 'proxy.endpoints' instead.\",\n  );\n\n  return rootEndpoints;\n}\n\n/** @internal */\nexport async function createRouter(\n  options: RouterOptions,\n): Promise<express.Router> {\n  const router = Router();\n  let currentRouter = Router();\n\n  const skipInvalidProxies =\n    options.config.getOptionalBoolean('proxy.skipInvalidProxies') ?? false;\n  const reviveConsumedRequestBodies =\n    options.config.getOptionalBoolean('proxy.reviveConsumedRequestBodies') ??\n    false;\n  const proxyOptions = {\n    skipInvalidProxies,\n    reviveConsumedRequestBodies,\n    logger: options.logger,\n  };\n\n  const pathPrefix = '/api/proxy';\n\n  const proxyConfig: ProxyConfig = {\n    ...(options.additionalEndpoints ?? {}),\n    ...readProxyConfig(options.config, options.logger),\n  };\n\n  configureMiddlewares(\n    proxyOptions,\n    currentRouter,\n    pathPrefix,\n    proxyConfig,\n    options.httpRouterService,\n  );\n  router.use((...args) => currentRouter(...args));\n\n  if (options.config.subscribe) {\n    let currentKey = JSON.stringify(proxyConfig);\n\n    options.config.subscribe(() => {\n      const newProxyConfig = readProxyConfig(options.config, options.logger);\n      const newKey = JSON.stringify(newProxyConfig);\n\n      if (currentKey !== newKey) {\n        currentKey = newKey;\n        currentRouter = Router();\n        configureMiddlewares(\n          proxyOptions,\n          currentRouter,\n          pathPrefix,\n          newProxyConfig,\n          options.httpRouterService,\n        );\n      }\n    });\n  }\n\n  options.httpRouterService.use(router);\n  return router;\n}\n\nfunction configureMiddlewares(\n  options: {\n    reviveConsumedRequestBodies: boolean;\n    skipInvalidProxies: boolean;\n    logger: LoggerService;\n  },\n  router: express.Router,\n  pathPrefix: string,\n  proxyConfig: ProxyConfig,\n  httpRouterService: HttpRouterService,\n) {\n  Object.entries(proxyConfig).forEach(([route, proxyRouteConfig]) => {\n    try {\n      router.use(\n        route,\n        buildMiddleware(\n          pathPrefix,\n          options.logger,\n          route,\n          proxyRouteConfig,\n          httpRouterService,\n          options.reviveConsumedRequestBodies,\n        ),\n      );\n    } catch (e) {\n      if (options.skipInvalidProxies) {\n        options.logger.warn(`skipped configuring ${route} due to ${e.message}`);\n      } else {\n        throw e;\n      }\n    }\n  });\n}\n"],"names":["fixRequestBody","createProxyMiddleware","Router"],"mappings":";;;;;;;;;AAkCA,MAAM,kBAAA,GAAqB;AAAA;AAAA,EAEzB,eAAA;AAAA,EACA,kBAAA;AAAA,EACA,gBAAA;AAAA,EACA,cAAA;AAAA,EACA,SAAA;AAAA,EACA,eAAA;AAAA,EACA,QAAA;AAAA;AAAA;AAAA,EAIA,MAAA;AAAA;AAAA,EAGA,QAAA;AAAA,EACA,iBAAA;AAAA,EACA;AACF,CAAA;AAeO,SAAS,gBACd,UAAA,EACA,MAAA,EACA,KAAA,EACA,MAAA,EACA,mBACA,2BAAA,EACgB;AAChB,EAAA,IAAI,UAAA;AACJ,EAAA,IAAI,iBAAA;AACJ,EAAA,IAAI,OAAO,WAAW,QAAA,EAAU;AAC9B,IAAA,UAAA,GAAa,EAAE,QAAQ,MAAA,EAAO;AAC9B,IAAA,iBAAA,GAAoB,SAAA;AAAA,EACtB,CAAA,MAAO;AACL,IAAA,MAAM,EAAE,WAAA,EAAa,GAAG,IAAA,EAAK,GAAI,MAAA;AACjC,IAAA,UAAA,GAAa,IAAA;AACb,IAAA,iBAAA,GAAoB,WAAA,IAAe,SAAA;AAAA,EACrC;AAEA,EAAA,MAAM,2BAAA,GAA8B;AAAA,IAClC,SAAA;AAAA,IACA,SAAA;AAAA,IACA;AAAA,GACF;AACA,EAAA,IAAI,CAAC,2BAAA,CAA4B,QAAA,CAAS,iBAAiB,CAAA,EAAG;AAC5D,IAAA,MAAM,KAAA,GAAQ,4BAA4B,GAAA,CAAI,CAAA,CAAA,KAAK,IAAI,CAAC,CAAA,CAAA,CAAG,CAAA,CAAE,IAAA,CAAK,IAAI,CAAA;AACtE,IAAA,MAAM,IAAI,KAAA;AAAA,MACR,CAAA,4BAAA,EAA+B,iBAAiB,CAAA,mBAAA,EAAsB,KAAK,sBAAsB,KAAK,CAAA;AAAA,KACxG;AAAA,EACF;AAEA,EAAA,IAAI,sBAAsB,mCAAA,EAAqC;AAC7D,IAAA,iBAAA,CAAkB,aAAA,CAAc;AAAA,MAC9B,IAAA,EAAM,KAAA;AAAA,MACN,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,EACH;AAGA,EAAA,MAAM,UAAA,GAAa,OAAO,UAAA,CAAW,MAAA;AACrC,EAAA,IAAI,eAAe,QAAA,EAAU;AAC3B,IAAA,MAAM,IAAI,KAAA;AAAA,MACR,CAAA,wBAAA,EAA2B,KAAK,CAAA,mCAAA,EAAsC,UAAU,CAAA;AAAA,KAClF;AAAA,EACF;AACA,EAAA,IAAI;AAEF,IAAA,IAAI,GAAA,CAAI,WAAW,MAAiB,CAAA;AAAA,EACtC,CAAA,CAAA,MAAQ;AACN,IAAA,MAAM,IAAI,KAAA;AAAA,MACR,CAAA,iCAAA,EAAoC,UAAA,CAAW,MAAA,IAAU,EAAE,CAAA;AAAA,KAC7D;AAAA,EACF;AAIA,EAAA,IAAI,UAAA,CAAW,gBAAgB,MAAA,EAAW;AACxC,IAAA,IAAI,iBAAiB,KAAA,CAAM,QAAA,CAAS,GAAG,CAAA,GAAI,KAAA,GAAQ,GAAG,KAAK,CAAA,CAAA,CAAA;AAE3D,IAAA,IAAI,CAAC,WAAW,QAAA,CAAS,GAAG,KAAK,CAAC,cAAA,CAAe,UAAA,CAAW,GAAG,CAAA,EAAG;AAEhE,MAAA,cAAA,GAAiB,IAAI,cAAc,CAAA,CAAA;AAAA,IACrC,CAAA,MAAA,IAAW,WAAW,QAAA,CAAS,GAAG,KAAK,cAAA,CAAe,UAAA,CAAW,GAAG,CAAA,EAAG;AAMrE,MAAA,cAAA,GAAiB,cAAA,CAAe,UAAU,CAAC,CAAA;AAAA,IAC7C;AAMA,IAAA,UAAA,CAAW,WAAA,GAAc;AAAA,MACvB,CAAC,CAAA,CAAA,EAAI,UAAU,CAAA,EAAG,cAAc,GAAG,GAAG;AAAA,KACxC;AAAA,EACF;AAGA,EAAA,IAAI,UAAA,CAAW,iBAAiB,MAAA,EAAW;AACzC,IAAA,UAAA,CAAW,YAAA,GAAe,IAAA;AAAA,EAC5B;AAGA,EAAA,UAAA,CAAW,cAAc,OAAO;AAAA,IAC9B,GAAA,EAAK,MAAA,CAAO,IAAA,CAAK,IAAA,CAAK,MAAM,CAAA;AAAA,IAC5B,KAAA,EAAO,MAAA,CAAO,KAAA,CAAM,IAAA,CAAK,MAAM,CAAA;AAAA,IAC/B,IAAA,EAAM,MAAA,CAAO,IAAA,CAAK,IAAA,CAAK,MAAM,CAAA;AAAA,IAC7B,IAAA,EAAM,MAAA,CAAO,IAAA,CAAK,IAAA,CAAK,MAAM,CAAA;AAAA,IAC7B,KAAA,EAAO,MAAA,CAAO,KAAA,CAAM,IAAA,CAAK,MAAM;AAAA,GACjC,CAAA;AAKA,EAAA,UAAA,CAAW,QAAA,GAAW,OAAA;AAGtB,EAAA,MAAM,yBAAyB,IAAI,GAAA;AAAA,IACjC;AAAA;AAAA,MAEE,GAAG,kBAAA;AAAA;AAAA,MAGH,GAAK,WAAW,OAAA,IAAW,MAAA,CAAO,KAAK,UAAA,CAAW,OAAO,KAAM,EAAC;AAAA;AAAA,MAGhE,GAAI,UAAA,CAAW,cAAA,IAAkB;AAAC,KACpC,CAAE,GAAA,CAAI,CAAA,CAAA,KAAK,CAAA,CAAE,mBAAmB;AAAA,GAClC;AAEA,EAAA,IAAI,sBAAsB,SAAA,EAAW;AACnC,IAAA,sBAAA,CAAuB,IAAI,eAAe,CAAA;AAAA,EAC5C;AAUA,EAAA,MAAM,MAAA,GAAS,CAAC,SAAA,EAAmB,GAAA,KAAuC;AACxE,IAAA,MAAM,WAAA,GAAc,MAAA,CAAO,IAAA,CAAK,GAAA,CAAI,OAAO,CAAA;AAC3C,IAAA,WAAA,CAAY,QAAQ,CAAA,CAAA,KAAK;AACvB,MAAA,IAAI,CAAC,sBAAA,CAAuB,GAAA,CAAI,CAAA,CAAE,iBAAA,EAAmB,CAAA,EAAG;AACtD,QAAA,OAAO,GAAA,CAAI,QAAQ,CAAC,CAAA;AAAA,MACtB;AAAA,IACF,CAAC,CAAA;AAED,IAAA,OAAO,UAAA,EAAY,cAAA,EAAgB,QAAA,CAAS,GAAA,CAAI,MAAO,CAAA,IAAK,IAAA;AAAA,EAC9D,CAAA;AAEA,EAAA,MAAA,CAAO,WAAW,MAAM,KAAA;AAGxB,EAAA,MAAM,0BAA0B,IAAI,GAAA;AAAA,IAClC;AAAA;AAAA,MAEE,GAAG,kBAAA;AAAA;AAAA,MAGH,GAAI,UAAA,CAAW,cAAA,IAAkB;AAAC,KACpC,CAAE,GAAA,CAAI,CAAA,CAAA,KAAK,CAAA,CAAE,mBAAmB;AAAA,GAClC;AAEA,EAAA,UAAA,CAAW,UAAA,GAAa,CACtB,QAAA,EACA,CAAA,EACA,GAAA,KACG;AAEH,IAAA,MAAM,WAAA,GAAc,MAAA,CAAO,IAAA,CAAK,QAAA,CAAS,OAAO,CAAA;AAEhD,IAAA,WAAA,CAAY,QAAQ,CAAA,CAAA,KAAK;AACvB,MAAA,IAAI,CAAC,uBAAA,CAAwB,GAAA,CAAI,CAAA,CAAE,iBAAA,EAAmB,CAAA,EAAG;AACvD,QAAA,OAAO,QAAA,CAAS,QAAQ,CAAC,CAAA;AAAA,MAC3B;AAAA,IACF,CAAC,CAAA;AAID,IAAA,QAAA,CAAS,EAAA,CAAG,SAAS,MAAM;AACzB,MAAA,IAAI,CAAC,IAAI,aAAA,EAAe;AACtB,QAAA,GAAA,CAAI,GAAA,EAAI;AAAA,MACV;AAAA,IACF,CAAC,CAAA;AAAA,EACH,CAAA;AAEA,EAAA,IAAI,2BAAA,EAA6B;AAC/B,IAAA,UAAA,CAAW,UAAA,GAAaA,kCAAA;AAAA,EAC1B;AAEA,EAAA,OAAOC,yCAAA,CAAsB,QAAQ,UAAU,CAAA;AACjD;AAEA,SAAS,eAAA,CACP,QACA,MAAA,EACY;AACZ,EAAA,MAAM,SAAA,GAAY,MAAA,CACf,iBAAA,CAAkB,iBAAiB,GAClC,GAAA,EAAgB;AACpB,EAAA,IAAI,SAAA,EAAW;AACb,IAAA,OAAO,SAAA;AAAA,EACT;AAEA,EAAA,MAAM,IAAA,GAAO,MAAA,CAAO,iBAAA,CAAkB,OAAO,GAAG,GAAA,EAAgB;AAChE,EAAA,IAAI,CAAC,IAAA,EAAM;AACT,IAAA,OAAO,EAAC;AAAA,EACV;AAEA,EAAA,MAAM,gBAAgB,MAAA,CAAO,WAAA;AAAA,IAC3B,MAAA,CAAO,OAAA,CAAQ,IAAI,CAAA,CAAE,MAAA,CAAO,CAAC,CAAC,GAAG,CAAA,KAAM,GAAA,CAAI,UAAA,CAAW,GAAG,CAAC;AAAA,GAC5D;AACA,EAAA,IAAI,MAAA,CAAO,IAAA,CAAK,aAAa,CAAA,CAAE,WAAW,CAAA,EAAG;AAC3C,IAAA,OAAO,EAAC;AAAA,EACV;AAEA,EAAA,MAAA,CAAO,IAAA;AAAA,IACL;AAAA,GACF;AAEA,EAAA,OAAO,aAAA;AACT;AAGA,eAAsB,aACpB,OAAA,EACyB;AACzB,EAAA,MAAM,SAASC,uBAAA,EAAO;AACtB,EAAA,IAAI,gBAAgBA,uBAAA,EAAO;AAE3B,EAAA,MAAM,kBAAA,GACJ,OAAA,CAAQ,MAAA,CAAO,kBAAA,CAAmB,0BAA0B,CAAA,IAAK,KAAA;AACnE,EAAA,MAAM,2BAAA,GACJ,OAAA,CAAQ,MAAA,CAAO,kBAAA,CAAmB,mCAAmC,CAAA,IACrE,KAAA;AACF,EAAA,MAAM,YAAA,GAAe;AAAA,IACnB,kBAAA;AAAA,IACA,2BAAA;AAAA,IACA,QAAQ,OAAA,CAAQ;AAAA,GAClB;AAEA,EAAA,MAAM,UAAA,GAAa,YAAA;AAEnB,EAAA,MAAM,WAAA,GAA2B;AAAA,IAC/B,GAAI,OAAA,CAAQ,mBAAA,IAAuB,EAAC;AAAA,IACpC,GAAG,eAAA,CAAgB,OAAA,CAAQ,MAAA,EAAQ,QAAQ,MAAM;AAAA,GACnD;AAEA,EAAA,oBAAA;AAAA,IACE,YAAA;AAAA,IACA,aAAA;AAAA,IACA,UAAA;AAAA,IACA,WAAA;AAAA,IACA,OAAA,CAAQ;AAAA,GACV;AACA,EAAA,MAAA,CAAO,IAAI,CAAA,GAAI,IAAA,KAAS,aAAA,CAAc,GAAG,IAAI,CAAC,CAAA;AAE9C,EAAA,IAAI,OAAA,CAAQ,OAAO,SAAA,EAAW;AAC5B,IAAA,IAAI,UAAA,GAAa,IAAA,CAAK,SAAA,CAAU,WAAW,CAAA;AAE3C,IAAA,OAAA,CAAQ,MAAA,CAAO,UAAU,MAAM;AAC7B,MAAA,MAAM,cAAA,GAAiB,eAAA,CAAgB,OAAA,CAAQ,MAAA,EAAQ,QAAQ,MAAM,CAAA;AACrE,MAAA,MAAM,MAAA,GAAS,IAAA,CAAK,SAAA,CAAU,cAAc,CAAA;AAE5C,MAAA,IAAI,eAAe,MAAA,EAAQ;AACzB,QAAA,UAAA,GAAa,MAAA;AACb,QAAA,aAAA,GAAgBA,uBAAA,EAAO;AACvB,QAAA,oBAAA;AAAA,UACE,YAAA;AAAA,UACA,aAAA;AAAA,UACA,UAAA;AAAA,UACA,cAAA;AAAA,UACA,OAAA,CAAQ;AAAA,SACV;AAAA,MACF;AAAA,IACF,CAAC,CAAA;AAAA,EACH;AAEA,EAAA,OAAA,CAAQ,iBAAA,CAAkB,IAAI,MAAM,CAAA;AACpC,EAAA,OAAO,MAAA;AACT;AAEA,SAAS,oBAAA,CACP,OAAA,EAKA,MAAA,EACA,UAAA,EACA,aACA,iBAAA,EACA;AACA,EAAA,MAAA,CAAO,OAAA,CAAQ,WAAW,CAAA,CAAE,OAAA,CAAQ,CAAC,CAAC,KAAA,EAAO,gBAAgB,CAAA,KAAM;AACjE,IAAA,IAAI;AACF,MAAA,MAAA,CAAO,GAAA;AAAA,QACL,KAAA;AAAA,QACA,eAAA;AAAA,UACE,UAAA;AAAA,UACA,OAAA,CAAQ,MAAA;AAAA,UACR,KAAA;AAAA,UACA,gBAAA;AAAA,UACA,iBAAA;AAAA,UACA,OAAA,CAAQ;AAAA;AACV,OACF;AAAA,IACF,SAAS,CAAA,EAAG;AACV,MAAA,IAAI,QAAQ,kBAAA,EAAoB;AAC9B,QAAA,OAAA,CAAQ,OAAO,IAAA,CAAK,CAAA,oBAAA,EAAuB,KAAK,CAAA,QAAA,EAAW,CAAA,CAAE,OAAO,CAAA,CAAE,CAAA;AAAA,MACxE,CAAA,MAAO;AACL,QAAA,MAAM,CAAA;AAAA,MACR;AAAA,IACF;AAAA,EACF,CAAC,CAAA;AACH;;;;;"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@backstage/plugin-proxy-backend",
-  "version": "0.6.9",
+  "version": "0.6.10-next.0",
   "description": "A Backstage backend plugin that helps you set up proxy endpoints in the backend",
   "backstage": {
     "role": "backend-plugin",
@@ -57,19 +57,19 @@
     "test": "backstage-cli package test"
   },
   "dependencies": {
-    "@backstage/backend-plugin-api": "^1.6.0",
-    "@backstage/plugin-proxy-node": "^0.1.11",
-    "@backstage/types": "^1.2.2",
+    "@backstage/backend-plugin-api": "1.7.0-next.0",
+    "@backstage/plugin-proxy-node": "0.1.12-next.0",
+    "@backstage/types": "1.2.2",
     "express-promise-router": "^4.1.0",
     "http-proxy-middleware": "^2.0.0"
   },
   "devDependencies": {
-    "@backstage/backend-app-api": "^1.4.0",
-    "@backstage/backend-defaults": "^0.14.0",
-    "@backstage/backend-test-utils": "^1.10.2",
-    "@backstage/cli": "^0.35.0",
-    "@backstage/config-loader": "^1.10.7",
-    "@backstage/errors": "^1.2.7",
+    "@backstage/backend-app-api": "1.5.0-next.0",
+    "@backstage/backend-defaults": "0.15.1-next.0",
+    "@backstage/backend-test-utils": "1.10.4-next.0",
+    "@backstage/cli": "0.35.3-next.0",
+    "@backstage/config-loader": "1.10.8-next.0",
+    "@backstage/errors": "1.2.7",
     "@types/express": "^4.17.6",
     "@types/http-proxy-middleware": "^1.0.0",
     "express": "^4.22.0",