diff --git a/.changeset/giant-nails-grow.md b/.changeset/giant-nails-grow.md new file mode 100644 index 0000000000..c715f78d5c --- /dev/null +++ b/.changeset/giant-nails-grow.md @@ -0,0 +1,5 @@ +--- +'@backstage/plugin-auth-backend': minor +--- + +Made `IdentityClient.listPublicKeys` private. It was only used in tests, and should not be part of the API surface of that class. The interface is marked as experimental, and therefore this is a breaking change without a deprecation period. diff --git a/plugins/auth-backend/api-report.md b/plugins/auth-backend/api-report.md index aaacd05815..09f1c5185e 100644 --- a/plugins/auth-backend/api-report.md +++ b/plugins/auth-backend/api-report.md @@ -10,7 +10,6 @@ import { Config } from '@backstage/config'; import { Entity } from '@backstage/catalog-model'; import express from 'express'; import { JsonValue } from '@backstage/types'; -import { JSONWebKey } from 'jose'; import { Logger as Logger_2 } from 'winston'; import { PluginDatabaseManager } from '@backstage/backend-common'; import { PluginEndpointDiscovery } from '@backstage/backend-common'; @@ -432,9 +431,6 @@ export class IdentityClient { static getBearerToken( authorizationHeader: string | undefined, ): string | undefined; - listPublicKeys(): Promise<{ - keys: JSONWebKey[]; - }>; } // Warning: (ae-missing-release-tag) "microsoftEmailSignInResolver" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) diff --git a/plugins/auth-backend/src/identity/IdentityClient.test.ts b/plugins/auth-backend/src/identity/IdentityClient.test.ts index 9f5e1ce489..da7a8e7dce 100644 --- a/plugins/auth-backend/src/identity/IdentityClient.test.ts +++ b/plugins/auth-backend/src/identity/IdentityClient.test.ts @@ -83,7 +83,7 @@ describe('IdentityClient', () => { it('should use the correct endpoint', async () => { await factory.issueToken({ claims: { sub: 'foo' } }); const keys = await factory.listPublicKeys(); - const response = await client.listPublicKeys(); + const response = await (client as any).listPublicKeys(); expect(response).toEqual(keys); }); @@ -257,7 +257,7 @@ describe('IdentityClient', () => { }); it('should use the correct endpoint', async () => { - const response = await client.listPublicKeys(); + const response = await (client as any).listPublicKeys(); expect(response).toEqual(defaultServiceResponse); }); }); diff --git a/plugins/auth-backend/src/identity/IdentityClient.ts b/plugins/auth-backend/src/identity/IdentityClient.ts index 552d231e1f..810ae56722 100644 --- a/plugins/auth-backend/src/identity/IdentityClient.ts +++ b/plugins/auth-backend/src/identity/IdentityClient.ts @@ -125,7 +125,7 @@ export class IdentityClient { /** * Lists public part of keys used to sign Backstage Identity tokens */ - async listPublicKeys(): Promise<{ + private async listPublicKeys(): Promise<{ keys: JSONWebKey[]; }> { const url = `${await this.discovery.getBaseUrl(