paulononato/backstage
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Fix authenticate() ctx properties being missing

Browse Source 
This was broken because the return value of `initialize()` was a `Promise<...>` but its caller wasn't `await`-ing the value.

This was causing the `gcpIap` provider to fail on the `/request` endpoint because `jwtHeader` was undefined.

The OAuth equivalent keeps `initialize()` synchronous, and all implementations don't _need_ to be `async`, so make them synchronous instead.

I've chosen the changelog to be a `major` bump since this changes the API of a public type.

Signed-off-by: Mitchell Hentges <mhentges@spotify.com>
This commit is contained in:
Mitchell Hentges
2023-10-02 16:20:32 +02:00
parent 468871dbc0
commit 6f142d5356
6 changed files with 16 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.changeset/large-balloons-brush.md
+5
View File
@@ -0,0 +1,5 @@
---
'@backstage/plugin-auth-node': minor
---
**BREAKING**: The recently introduced `ProxyAuthenticator.initialize()` method is no longer `async` to match the way the OAuth equivalent is implemented.
.changeset/rare-pants-reply.md
+5
View File
@@ -0,0 +1,5 @@
---
'@backstage/plugin-auth-backend-module-gcp-iap-provider': minor
---
**BREAKING** `gcpIapAuthenticator.initialize()` is no longer `async`
plugins/auth-backend-module-gcp-iap-provider/src/authenticator.test.ts
+3 -3
View File
@@ -29,7 +29,7 @@ jest.mock('./helpers', () => ({
describe('GcpIapProvider', () => {
it('should find default JWT header', async () => {
const ctx = await gcpIapAuthenticator.initialize({
const ctx = gcpIapAuthenticator.initialize({
config: mockServices.rootConfig({ data: { audience: 'my-audience' } }),
});
await expect(
@@ -50,7 +50,7 @@ describe('GcpIapProvider', () => {
it('should find custom JWT header', async () => {
const jwtHeader = 'x-custom-header';
const ctx = await gcpIapAuthenticator.initialize({
const ctx = gcpIapAuthenticator.initialize({
config: mockServices.rootConfig({
data: { audience: 'my-audience', jwtHeader },
}),
@@ -70,7 +70,7 @@ describe('GcpIapProvider', () => {
});
it('should throw if header is missing', async () => {
const ctx = await gcpIapAuthenticator.initialize({
const ctx = gcpIapAuthenticator.initialize({
config: mockServices.rootConfig({
data: { audience: 'my-audience' },
}),
plugins/auth-backend-module-gcp-iap-provider/src/authenticator.ts
+1 -1
View File
@@ -29,7 +29,7 @@ export const gcpIapAuthenticator = createProxyAuthenticator({
defaultProfileTransform: async (result: GcpIapResult) => {
return { profile: { email: result.iapToken.email } };
},
async initialize({ config }) {
initialize({ config }) {
const audience = config.getString('audience');
const jwtHeader =
config.getOptionalString('jwtHeader') ?? DEFAULT_IAP_JWT_HEADER;
plugins/auth-node/api-report.md
+1 -1
View File
@@ -550,7 +550,7 @@ export interface ProxyAuthenticator<TContext, TResult> {
// (undocumented)
defaultProfileTransform: ProfileTransform<TResult>;
// (undocumented)
initialize(ctx: { config: Config }): Promise<TContext>;
initialize(ctx: { config: Config }): TContext;
}
// @public (undocumented)
plugins/auth-node/src/proxy/types.ts
+1 -1
View File
@@ -21,7 +21,7 @@ import { ProfileTransform } from '../types';
/** @public */
export interface ProxyAuthenticator<TContext, TResult> {
defaultProfileTransform: ProfileTransform<TResult>;
initialize(ctx: { config: Config }): Promise<TContext>;
initialize(ctx: { config: Config }): TContext;
authenticate(
options: { req: Request },
ctx: TContext,