Patrik Oldsberg
d2085641c4
Merge pull request #17191 from go-xman/feat/export-common-identify-resolver
...
chore: add common identify resolvers for `oidc` auth provider
2023-04-05 12:42:56 +02:00
mingfu
6a90095133
chore: add common identify resolvers for oidc auth provider
...
Signed-off-by: mingfu <mingfu@alauda.io >
2023-04-05 18:17:03 +08:00
Johan Haals
0db9d8c10d
Merge pull request #17108 from afscrome/easyauthexport
...
Properly expose easy auth provider
2023-04-05 10:07:00 +02:00
Patrik Oldsberg
715dcb7627
Merge pull request #16323 from jamieklassen/multiaudience-microsoft
...
Microsoft auth provider manages tokens for multiple resources
2023-04-04 17:48:53 +02:00
Fredrik Adelöw
e0c6e8b9c3
get rid of majority of peer dependency warnings in yarn
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2023-03-27 12:26:23 +02:00
Alex Crome
7019734333
Fix Api Report
...
Signed-off-by: Alex Crome <afscrome@users.noreply.github.com >
2023-03-27 00:53:19 +01:00
Alex Crome
a0ef1ec734
Properly expose easy auth provider
...
16108 added support for Azure easy auth, however the provider wasn't properly exposed so it can't be used.
This PR fixes that by properly exposing the provider
Signed-off-by: Alex Crome <afscrome@users.noreply.github.com >
2023-03-27 00:20:48 +01:00
Jamie Klassen
475abd1dc3
support non-microsoft graph scopes
...
Signed-off-by: Jamie Klassen <jklassen@vmware.com >
2023-03-24 17:10:25 -04:00
Jamie Klassen
646025786e
construct test subject via factory function
...
Rather than using the MicrosoftAuthProvider constructor directly -- this is
more faithful to how this object is instantiated in practice.
Also, introduce FakeMicrosoftAPI to simulate negotiating scopes, authorization
codes, access tokens, and refresh tokens with Azure.
Signed-off-by: Jamie Klassen <jklassen@vmware.com >
2023-03-24 17:10:17 -04:00
Jamie Klassen
3b0ac0d7e2
convert module mock to msw
...
This should allow for easier refactoring and adding new microsoft-specific
features.
Signed-off-by: Jamie Klassen <jklassen@vmware.com >
2023-03-24 16:48:41 -04:00
Patrik Oldsberg
5ae279d283
Merge pull request #15841 from headphonejames/redirect-oauth-flow
...
Oauth2 redirect flow for authentication (instead of using popup)
2023-03-21 11:02:42 +01:00
Adi Krhan
e262738b8a
Handle token difference in Microsoft provider
...
Signed-off-by: Adi Krhan <adikrhan43@gmail.com >
2023-03-13 09:23:59 +01:00
headphonejames
57ec7e2250
minor clean up
...
Signed-off-by: headphonejames <generalfuzz@gmail.com >
2023-02-28 17:20:23 -08:00
headphonejames
d7e856ad55
simplify code and test cases. clean up rendering.
...
Signed-off-by: headphonejames <generalfuzz@gmail.com >
2023-02-28 17:05:11 -08:00
headphonejames
5177a7f2b4
Merge branch 'master' into redirect-oauth-flow
2023-02-27 17:20:37 -08:00
headphonejames
5acc047748
Move configuration of redirect authentication flow to a global parameter named "enableExperimentalRedirectFlow". Pass the configApi instance into authentication providers to read new configuration parameter.
...
Signed-off-by: headphonejames <generalfuzz@gmail.com >
2023-02-27 16:34:30 -08:00
Katharina Sick
be3cddaab5
fix: fix getting credentials for Bitbucket Server in the RepoUrlPicker
...
Signed-off-by: Katharina Sick <katharina.sick@dynatrace.com >
2023-02-22 15:51:47 +01:00
headphonejames
ad15aaa285
Add onSignInStarted() and onSignInFailure() hooks. Clean up and renaming.
...
Signed-off-by: headphonejames <generalfuzz@gmail.com >
2023-02-21 18:45:50 -08:00
Alex Crome
b84349e2f6
PR Feedback
...
Signed-off-by: Alex Crome <afscrome@users.noreply.github.com >
2023-02-14 14:50:37 +00:00
Alex Crome
aa721158d1
Merge remote-tracking branch 'upstream/master' into easyauth
2023-02-14 14:47:01 +00:00
Patrik Oldsberg
63421b1729
Merge pull request #16186 from KatharinaSick/feature/bitbucket-server-auth-provider
...
feat(auth): add auth provider for Bitbucket Server
2023-02-13 23:06:01 +01:00
Katharina Sick
1fad33684e
use node-fetch
...
Signed-off-by: Katharina Sick <katharina.sick@dynatrace.com >
2023-02-13 16:31:49 +01:00
Katharina Sick
0c1d0229aa
remove not needed test dependencies
...
Signed-off-by: Katharina Sick <katharina.sick@dynatrace.com >
2023-02-13 13:46:03 +01:00
Patrik Oldsberg
5febb216fe
backend-plugin-api: refactor CacheService to lift up client methods to the service
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2023-02-10 10:19:44 +01:00
Katharina Sick
bb3e4c3f8d
use msw for tests & fix resolver type
...
Signed-off-by: Katharina Sick <katharina.sick@dynatrace.com >
2023-02-07 17:33:31 +01:00
Katharina Sick
d19c77cc41
fixed API report errors and regenerated the reports
...
Signed-off-by: Katharina Sick <katharina.sick@dynatrace.com >
2023-02-07 08:55:10 +01:00
Katharina Sick
db10b6ef65
feat(auth): add auth provider for Bitbucket Server
...
Signed-off-by: Katharina Sick <katharina.sick@dynatrace.com >
2023-02-06 11:10:58 +01:00
headphonejames
167f457803
fix missing code fixes from update after PR review.
...
Signed-off-by: headphonejames <generalfuzz@gmail.com >
2023-02-03 12:18:50 -08:00
headphonejames
ae4d826fb2
Updates to redirect implementation after initial PR review.
...
Signed-off-by: headphonejames <generalfuzz@gmail.com >
2023-02-03 12:03:01 -08:00
Alex Crome
f79df8ab24
Initial easyauth work
...
Signed-off-by: Alex Crome <afscrome@users.noreply.github.com >
2023-02-01 12:02:24 +00:00
headphonejames
9a9170047b
Implementation for oauth2 authentication using a redirect flow (without window popup) from frontend to backend API, followed by a redirect back to the fronted. A localstorage provider token is added before the redirect to the backend auth API.
...
During the subsequent front end refresh an asynchronous backstage session refresh is triggered when the provider token is put in localstorage. The session refresh will return a backstage authentication token if authentication succeeded during the previous backend auth API execution.
Addresses https://github.com/backstage/backstage/issues/9582
Signed-off-by: headphonejames <generalfuzz@gmail.com >
2023-01-18 14:32:00 -08:00
Fredrik Adelöw
9bafcfc209
update tests to be more robust against catalog-client changes
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2022-11-14 16:55:48 +01:00
Adam Kunicki
89d705e806
Permit customizing the header name for the IAP jwt
...
This creates a new configuration parameter `jwtHeader` for the gcp-iap
auth provider. This allows setting a custom header to look in for the
IAP issued JWT.
Signed-off-by: Adam Kunicki <kunickiaj@gmail.com >
2022-11-11 21:02:55 -08:00
kvmw
24152c0c52
Inject optional CatalogApi in auth-backend router
...
Signed-off-by: kvmw <mshamsi@vmware.com >
2022-11-07 16:13:15 +01:00
Patrick Jungermann
abaed9770e
chore(auth): improve logging
...
Make the logging more clear as "provider" is ambiguous.
Signed-off-by: Patrick Jungermann <Patrick.Jungermann@gmail.com >
2022-10-28 11:58:34 +02:00
Johan Haals
35438ef744
Merge pull request #13670 from fabuloso/secure-google-oauth-logout
...
Revoke Google OAuth refresh token on logout
2022-10-04 10:36:00 +02:00
Leonardo Cardoso de Almeida
b1f9a031aa
style: prettify auth0 provider codestyle
...
Signed-off-by: Leonardo Cardoso de Almeida <leozzito@Leonardos-MacBook-Pro.local >
2022-09-29 12:14:14 -03:00
Leonardo Cardoso de Almeida
9ad307a07c
feat: add connection/connection scope options to auth0 provider
...
Signed-off-by: Leonardo Cardoso de Almeida <leozzito@Leonardos-MacBook-Pro.local >
2022-09-29 11:31:12 -03:00
Alessandro Dalfovo
7289b5ec4e
Call logout OAuth handler in OAuthAdapter
...
Signed-off-by: Alessandro Dalfovo <dalfovo.alessandro@gmail.com >
2022-09-27 13:06:02 +02:00
ahmed
3e0f0c0285
oauth: consider hosted gitlab with relative path
...
Signed-off-by: ahmed <ahmed@planet.com >
2022-09-26 22:07:11 +02:00
Patrik Oldsberg
8360315ca5
Merge pull request #13559 from backstage/rugvip/jest29
...
cli: switch to Jest 29
2022-09-20 18:48:50 +02:00
Patrik Oldsberg
272fce8325
Merge pull request #13556 from backstage/eide/allow-third-party-cookies
...
[auth-backend]: Calculate `SameSite` cookie attribute in defaultCookieConfigurer and default to `none`
2022-09-20 17:20:22 +02:00
Marcus Eide
d0f7bb0291
Use origin from request when calculating cookie config in start
...
Signed-off-by: Marcus Eide <eide@spotify.com >
2022-09-20 15:16:26 +02:00
Patrik Oldsberg
2e4e6c3500
test fixes to support Jest 29
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2022-09-20 14:51:19 +02:00
Ben Lambert
d2dc96e4d0
Merge pull request #13595 from DavidZemon/feature/allow-more-jwt-claims
...
feat: Allow passing additional JWT claims to `TokenIssuer`
2022-09-20 11:08:34 +02:00
David Zemon
c8e837da5b
feat: Use JsonValue for JWT claim values
...
Signed-off-by: David Zemon <david@zemon.name >
2022-09-19 08:01:14 -05:00
Marcus Eide
04c50e297d
Resolve cookie configuration per request
...
Signed-off-by: Marcus Eide <eide@spotify.com >
2022-09-16 09:57:44 +02:00
Marcus Eide
12943d1ade
Calculate SameSite attribute more carefully, defaulting to lax in most cases
...
Signed-off-by: Marcus Eide <eide@spotify.com >
2022-09-09 11:16:04 +02:00
Joe Patterson
69d478d5b4
Merge branch 'backstage:master' into master
2022-09-09 10:31:27 +10:00
David Zemon
19ac96e4c2
feat: Allow passing additional JWT claims to TokenIssuer
...
Signed-off-by: David Zemon <david@zemon.name >
2022-09-08 11:36:49 -05:00