auth-backend(fix): Add basicAuth option to OAuth provider
Signed-off-by: Johan Haals <johan.haals@gmail.com>
@@ -0,0 +1,6 @@
|
||||
---
|
||||
'@backstage/plugin-auth-backend': patch
|
||||
---
|
||||
|
||||
Fixes potential bug introduced in `0.4.10` which causes `OAuth2AuthProvider` to authenticate using credentials in both POST payload and headers.
|
||||
This might break some stricter OAuth2 implementations so there is now a `basicAuth` config option that can manually be set to `true` to enable this behavior.
|
||||
@@ -59,6 +59,7 @@ export type OAuth2AuthProviderOptions = OAuthProviderOptions & {
|
||||
tokenUrl: string;
|
||||
scope?: string;
|
||||
logger: Logger;
|
||||
basicAuth?: boolean;
|
||||
};
|
||||
|
||||
export class OAuth2AuthProvider implements OAuthHandlers {
|
||||
@@ -85,12 +86,14 @@ export class OAuth2AuthProvider implements OAuthHandlers {
|
||||
tokenURL: options.tokenUrl,
|
||||
passReqToCallback: false as true,
|
||||
scope: options.scope,
|
||||
customHeaders: {
|
||||
Authorization: `Basic ${this.encodeClientCredentials(
|
||||
options.clientId,
|
||||
options.clientSecret,
|
||||
)}`,
|
||||
},
|
||||
customHeaders: options.basicAuth
|
||||
? {
|
||||
Authorization: `Basic ${this.encodeClientCredentials(
|
||||
options.clientId,
|
||||
options.clientSecret,
|
||||
)}`,
|
||||
}
|
||||
: undefined,
|
||||
},
|
||||
(
|
||||
accessToken: any,
|
||||
@@ -244,6 +247,7 @@ export const createOAuth2Provider = (
|
||||
const authorizationUrl = envConfig.getString('authorizationUrl');
|
||||
const tokenUrl = envConfig.getString('tokenUrl');
|
||||
const scope = envConfig.getOptionalString('scope');
|
||||
const basicAuth = envConfig.getOptionalBoolean('basicAuth');
|
||||
const disableRefresh =
|
||||
envConfig.getOptionalBoolean('disableRefresh') ?? false;
|
||||
|
||||
@@ -280,6 +284,7 @@ export const createOAuth2Provider = (
|
||||
tokenUrl,
|
||||
scope,
|
||||
logger,
|
||||
basicAuth,
|
||||
});
|
||||
|
||||
return OAuthAdapter.fromConfig(globalConfig, provider, {
|
||||
|
||||
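Review bot: The new `basicAuth?: boolean;` member and the `customHeaders: options.basicAuth ? {…} : undefined` ternary are undocumented, and the name reads as if it switches the client-authentication method. The changeset text says instead that enabling it sends the credentials in the header in addition to the POST payload. I would put a doc comment on the type member, e.g. `/** When true, also send clientId/clientSecret in an HTTP Basic Authorization header; they are still sent in the POST payload. Off by default. */`. RFC 6749 §2.3 says a client must not use more than one authentication method per request, so the comment should present this as a compatibility switch rather than a recommended setting. `customHeaders` is set on the strategy as a whole, so presumably the header carrying the client secret is attached to every request the strategy makes, not only the call to `tokenUrl`; that is worth confirming, since the constructor and `createOAuth2Provider` continue outside the hunks shown.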