auth-node: fix for persisted scopes not being restored on sign-in

Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com>
Patrik Oldsberg
2023-09-25 14:02:15 +02:00
parent 5d32a58b5a
commit 6c2b0793bf
3 changed files with 15 additions and 6 deletions
+5
@@ -0,0 +1,5 @@
---
'@backstage/plugin-auth-node': patch
---
Fix for persisted scopes not being properly restored on sign-in.
@@ -297,7 +297,7 @@ describe('createOAuthRouteHandlers', () => {
state: encodeOAuthState({
env: 'development',
nonce: '123',
scope: 'my-scope',
scope: 'my-scope my-other-scope',
} as OAuthState),
});
@@ -310,7 +310,7 @@ describe('createOAuthRouteHandlers', () => {
accessToken: 'access-token',
expiresInSeconds: 3,
idToken: 'id-token',
scope: 'my-scope',
scope: 'my-scope my-other-scope',
},
backstageIdentity: {
identity: {
@@ -324,7 +324,9 @@ describe('createOAuthRouteHandlers', () => {
});
expect(getRefreshTokenCookie(agent).value).toBe('refresh-token');
expect(getGrantedScopesCookie(agent).value).toBe('my-scope');
expect(getGrantedScopesCookie(agent).value).toBe(
'my-scope%20my-other-scope',
);
});
it('should redirect with persisted scope', async () => {
@@ -357,7 +359,7 @@ describe('createOAuthRouteHandlers', () => {
state: encodeOAuthState({
env: 'development',
nonce: '123',
scope: 'my-scope',
scope: 'my-scope my-other-scope',
flow: 'redirect',
redirectUrl: 'https://127.0.0.1:3000/redirect',
} as OAuthState),
@@ -367,7 +369,9 @@ describe('createOAuthRouteHandlers', () => {
expect(res.get('Location')).toBe('https://127.0.0.1:3000/redirect');
expect(getRefreshTokenCookie(agent).value).toBe('refresh-token');
expect(getGrantedScopesCookie(agent).value).toBe('my-scope');
expect(getGrantedScopesCookie(agent).value).toBe(
'my-scope%20my-other-scope',
);
});
it('should require a valid origin', async () => {
@@ -214,7 +214,7 @@ export function createOAuthRouteHandlers<TProfile>(
// the provider does not return granted scopes on refresh or if they are normalized.
if (authenticator.shouldPersistScopes && state.scope) {
cookieManager.setGrantedScopes(res, state.scope, appOrigin);
result.session.scope = state.scope;
response.providerInfo.scope = state.scope;
}
if (result.session.refreshToken) {
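Review bot: The `state.scope` value written to the granted-scopes cookie and to `response.providerInfo.scope` is the scope that was requested and round-tripped through the OAuth `state` parameter, not a value the provider confirmed, so the client can be told it holds scopes the user declined or the provider narrowed. The access token is still limited by what the provider issued, but any caller that reads `providerInfo.scope` to decide whether to re-prompt for consent would skip the prompt. Whether `state` is integrity-checked (for example against a nonce cookie) before this branch is not visible in the hunk; if it is, a comment would make the trust assumption explicit: `// state.scope is the requested scope from the verified state; a hint, not proof of what the provider granted`. The body of `createOAuthRouteHandlers` starts and ends outside the hunk.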