Commit Graph

696 Commits

Author SHA1 Message Date
Alex Crome b84349e2f6 PR Feedback
Signed-off-by: Alex Crome <afscrome@users.noreply.github.com>
2023-02-14 14:50:37 +00:00
Alex Crome aa721158d1 Merge remote-tracking branch 'upstream/master' into easyauth 2023-02-14 14:47:01 +00:00
Patrik Oldsberg 63421b1729 Merge pull request #16186 from KatharinaSick/feature/bitbucket-server-auth-provider
feat(auth): add auth provider for Bitbucket Server
2023-02-13 23:06:01 +01:00
Katharina Sick 1fad33684e use node-fetch
Signed-off-by: Katharina Sick <katharina.sick@dynatrace.com>
2023-02-13 16:31:49 +01:00
Katharina Sick 0c1d0229aa remove not needed test dependencies
Signed-off-by: Katharina Sick <katharina.sick@dynatrace.com>
2023-02-13 13:46:03 +01:00
Patrik Oldsberg 5febb216fe backend-plugin-api: refactor CacheService to lift up client methods to the service
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com>
2023-02-10 10:19:44 +01:00
Katharina Sick bb3e4c3f8d use msw for tests & fix resolver type
Signed-off-by: Katharina Sick <katharina.sick@dynatrace.com>
2023-02-07 17:33:31 +01:00
Katharina Sick d19c77cc41 fixed API report errors and regenerated the reports
Signed-off-by: Katharina Sick <katharina.sick@dynatrace.com>
2023-02-07 08:55:10 +01:00
Katharina Sick db10b6ef65 feat(auth): add auth provider for Bitbucket Server
Signed-off-by: Katharina Sick <katharina.sick@dynatrace.com>
2023-02-06 11:10:58 +01:00
Alex Crome f79df8ab24 Initial easyauth work
Signed-off-by: Alex Crome <afscrome@users.noreply.github.com>
2023-02-01 12:02:24 +00:00
Fredrik Adelöw 9bafcfc209 update tests to be more robust against catalog-client changes
Signed-off-by: Fredrik Adelöw <freben@gmail.com>
2022-11-14 16:55:48 +01:00
Adam Kunicki 89d705e806 Permit customizing the header name for the IAP jwt
This creates a new configuration parameter `jwtHeader` for the gcp-iap
auth provider. This allows setting a custom header to look in for the
IAP issued JWT.

Signed-off-by: Adam Kunicki <kunickiaj@gmail.com>
2022-11-11 21:02:55 -08:00
kvmw 24152c0c52 Inject optional CatalogApi in auth-backend router
Signed-off-by: kvmw <mshamsi@vmware.com>
2022-11-07 16:13:15 +01:00
Patrick Jungermann abaed9770e chore(auth): improve logging
Make the logging more clear as "provider" is ambiguous.

Signed-off-by: Patrick Jungermann <Patrick.Jungermann@gmail.com>
2022-10-28 11:58:34 +02:00
Johan Haals 35438ef744 Merge pull request #13670 from fabuloso/secure-google-oauth-logout
Revoke Google OAuth refresh token on logout
2022-10-04 10:36:00 +02:00
Leonardo Cardoso de Almeida b1f9a031aa style: prettify auth0 provider codestyle
Signed-off-by: Leonardo Cardoso de Almeida <leozzito@Leonardos-MacBook-Pro.local>
2022-09-29 12:14:14 -03:00
Leonardo Cardoso de Almeida 9ad307a07c feat: add connection/connection scope options to auth0 provider
Signed-off-by: Leonardo Cardoso de Almeida <leozzito@Leonardos-MacBook-Pro.local>
2022-09-29 11:31:12 -03:00
Alessandro Dalfovo 7289b5ec4e Call logout OAuth handler in OAuthAdapter
Signed-off-by: Alessandro Dalfovo <dalfovo.alessandro@gmail.com>
2022-09-27 13:06:02 +02:00
ahmed 3e0f0c0285 oauth: consider hosted gitlab with relative path
Signed-off-by: ahmed <ahmed@planet.com>
2022-09-26 22:07:11 +02:00
Patrik Oldsberg 8360315ca5 Merge pull request #13559 from backstage/rugvip/jest29
cli: switch to Jest 29
2022-09-20 18:48:50 +02:00
Patrik Oldsberg 272fce8325 Merge pull request #13556 from backstage/eide/allow-third-party-cookies
[auth-backend]: Calculate `SameSite` cookie attribute in defaultCookieConfigurer and default to `none`
2022-09-20 17:20:22 +02:00
Marcus Eide d0f7bb0291 Use origin from request when calculating cookie config in start
Signed-off-by: Marcus Eide <eide@spotify.com>
2022-09-20 15:16:26 +02:00
Patrik Oldsberg 2e4e6c3500 test fixes to support Jest 29
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com>
2022-09-20 14:51:19 +02:00
Ben Lambert d2dc96e4d0 Merge pull request #13595 from DavidZemon/feature/allow-more-jwt-claims
feat: Allow passing additional JWT claims to `TokenIssuer`
2022-09-20 11:08:34 +02:00
David Zemon c8e837da5b feat: Use JsonValue for JWT claim values
Signed-off-by: David Zemon <david@zemon.name>
2022-09-19 08:01:14 -05:00
Marcus Eide 04c50e297d Resolve cookie configuration per request
Signed-off-by: Marcus Eide <eide@spotify.com>
2022-09-16 09:57:44 +02:00
Marcus Eide 12943d1ade Calculate SameSite attribute more carefully, defaulting to lax in most cases
Signed-off-by: Marcus Eide <eide@spotify.com>
2022-09-09 11:16:04 +02:00
Joe Patterson 69d478d5b4 Merge branch 'backstage:master' into master 2022-09-09 10:31:27 +10:00
David Zemon 19ac96e4c2 feat: Allow passing additional JWT claims to TokenIssuer
Signed-off-by: David Zemon <david@zemon.name>
2022-09-08 11:36:49 -05:00
Joe Patterson 018b7ec1f3 update provider for changes in review and update changeset message
Signed-off-by: Joe Patterson <jrwpatterson@gmail.com>
2022-09-08 20:33:54 +10:00
Joe Patterson 3db53bbfa3 fix prettier error
Signed-off-by: Joe Patterson <jrwpatterson@gmail.com>
2022-09-08 19:49:32 +10:00
Joe Patterson 644b267bde fix the session issue by copying okta
Signed-off-by: Joe Patterson <jrwpatterson@gmail.com>
2022-09-08 18:41:15 +10:00
Joe Patterson 3152ca4b74 run prettier
Signed-off-by: Joe Patterson <jrwpatterson@gmail.com>
2022-09-08 14:25:20 +10:00
Joe Patterson 64fe8e1213 change auth0 passport to the correct passport-auth0 package and allow passing the audience into the auth for api
Signed-off-by: Joe Patterson <jrwpatterson@gmail.com>
2022-09-08 13:52:34 +10:00
Taras 93a1072a0a Updated tests to include validateEntity in mocks
Signed-off-by: Taras <tarasm@gmail.com>
2022-09-07 18:12:01 -04:00
Marcus Eide 5fa831ce55 Add optional SameSite attribute to CookieConfigurer and return from defaultCookieConfigurer for secure contexts.
Signed-off-by: Marcus Eide <eide@spotify.com>
2022-09-06 13:12:50 +02:00
Fredrik Adelöw aaab1e34da Fix linting errors after #13392
Signed-off-by: Fredrik Adelöw <freben@gmail.com>
2022-08-30 13:44:09 +02:00
Fredrik Adelöw 2881c53cb3 Merge pull request #13252 from backstage/freben/api-well-ok-then
When the 🧹 s go marching in
2022-08-23 13:55:58 +02:00
Fredrik Adelöw 46eecb9a3f Merge pull request #13237 from tylerd-canva/cfaccess-jwt-pass
Auth Backend: Add JWT to CloudflareAccessResult
2022-08-23 13:45:52 +02:00
blam 9b37fc59ed chore: reworking tests
Signed-off-by: blam <ben@blam.sh>
2022-08-23 10:53:05 +02:00
Tyler Davis fce5333d15 prettier
Signed-off-by: Tyler Davis <tylerd@canva.com>
2022-08-23 10:50:26 +10:00
Tyler Davis 5296f719f5 add verification to test authHandler and signInResolver
Signed-off-by: Tyler Davis <tylerd@canva.com>
2022-08-23 10:49:38 +10:00
Tyler Davis 477d05d9c7 prettier
Signed-off-by: Tyler Davis <tylerd@canva.com>
2022-08-22 09:08:46 +10:00
Tyler Davis 1b66ad8c3b review comments
Signed-off-by: Tyler Davis <tylerd@canva.com>
2022-08-22 08:38:04 +10:00
Fredrik Adelöw a291688bc5 Renamed the RedirectInfo type to OAuthStartResponse
Signed-off-by: Fredrik Adelöw <freben@gmail.com>
2022-08-19 16:35:20 +02:00
Fredrik Adelöw 2fc41ebf07 auth-backend
Signed-off-by: Fredrik Adelöw <freben@gmail.com>
2022-08-19 13:54:05 +02:00
Tyler Davis e1ebaeb332 Add the JWT to the CloudflareAccessResult
Signed-off-by: Tyler Davis <tylerd@canva.com>
2022-08-19 11:34:42 +10:00
Daniel Dias Branco Arthaud c676a9e07b fix(auth-plugin-backend): Allow it to skip migrations
When auth plugin is using database provider it verify if needs to skip migrations

Signed-off-by: Daniel Dias Branco Arthaud <arthaud@gmail.com>
2022-08-11 22:13:13 -03:00
Renlord Yang 154544f43e Properly export CloudflareAccessClaims and CloudflareAccessIdentityProfile types
This allows these types to be used externally when injecting a custom auth handler.

Signed-off-by: Renlord Yang <me@renlord.com>
2022-07-18 21:49:56 +08:00
Renlord Yang 339a4213b8 return cloudflare access claims directly
Signed-off-by: Renlord Yang <renlord@cloudflare.com>
Signed-off-by: Renlord Yang <me@renlord.com>
2022-07-14 22:54:26 +08:00