Fredrik Adelöw
0329b2514b
add test
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2024-04-25 09:57:53 +02:00
Fredrik Adelöw
09f89885bb
Remove explicit alg check for user tokens in verifyToken
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2024-04-24 18:36:24 +02:00
Fredrik Adelöw
65a9c6c7cb
remove alphas
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2024-04-24 14:12:08 +02:00
Fredrik Adelöw
07e36af4d4
sort
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2024-04-24 14:10:10 +02:00
github-actions[bot]
46046059b4
Version Packages (next)
2024-04-23 14:53:09 +00:00
blam
5f0c46fa23
feat: reworking
...
Signed-off-by: blam <ben@blam.sh >
2024-04-23 15:06:15 +02:00
blam
8fa9cb6a08
chore: make sure to redact secrets in meta fields
...
Signed-off-by: blam <ben@blam.sh >
2024-04-23 12:56:02 +02:00
Fredrik Adelöw
b0aced8113
Merge pull request #24321 from backstage/freben/one-ext
...
only create one external token handler
2024-04-22 13:23:04 +02:00
Fredrik Adelöw
1df9e84a40
Merge pull request #24316 from alecjacobs5401/rootHttpRouter-server-configuration
...
feat(backend-app-api): enable Node.js server configuration in the rootHttpRouter service
2024-04-22 11:21:03 +02:00
Patrik Oldsberg
dc8c5ddbae
backend-app-api: stop requiring keys to be configured for the token manager
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2024-04-21 12:31:44 +02:00
Fredrik Adelöw
e8199b1684
Move the jwks registration outside of the lifecycle middleware
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2024-04-19 13:35:39 +02:00
Fredrik Adelöw
5863e025af
only create one external token handler
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2024-04-17 12:32:34 +02:00
Alec Jacobs
fbecb2ebda
feat(backend-app-api): add ability to configure node server in root http router
...
Signed-off-by: Alec Jacobs <cajacobs5401@gmail.com >
2024-04-16 16:10:29 -07:00
github-actions[bot]
0e48f5a289
Version Packages
2024-04-16 12:20:53 +00:00
Fredrik Adelöw
edf54fdca5
test updates etc
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2024-04-15 16:59:46 +02:00
Fredrik Adelöw
00fca28b41
implement external token access
...
Co-authored-by: Vincenzo Scamporlino <vincenzos@spotify.com >
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2024-04-15 15:37:12 +02:00
Patrik Oldsberg
e297ea7611
Merge branch 'master' into logger_service
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2024-04-14 18:27:16 +02:00
Patrik Oldsberg
12b9fb02a3
Merge pull request #24139 from kuangp/fix/cookieAuth
...
fix(cookieAuth): prefer issuing cookies against target host instead of origin
2024-04-14 13:31:24 +02:00
Heikki Hellgren
d5a1fe189b
chore: change most of plugins to use LoggerService
...
quite a big PR for this but the changes are pretty stright forward.
hopefully gets merged before most of these plugins move to the community
repository.
Signed-off-by: Heikki Hellgren <heikki.hellgren@op.fi >
2024-04-13 02:10:13 +03:00
Phil Kuang
438245968b
refactor(cookieAuth): set cookie domain against discovery base url
...
Signed-off-by: Phil Kuang <pkuang@factset.com >
2024-04-11 09:00:42 -04:00
Phil Kuang
2706c3b181
fix(cookieAuth): set cookie against request host instead of origin
...
Signed-off-by: Phil Kuang <pkuang@factset.com >
2024-04-10 16:06:23 -04:00
Fredrik Adelöw
25ea3d22df
break authServiceFactory.ts into smaller bits
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2024-04-10 15:13:53 +02:00
Fredrik Adelöw
4621ad0fc7
Merge pull request #24145 from backstage/fix/permission-obo
...
ServerPermissionClient: fix targetPluginId
2024-04-10 13:07:22 +02:00
Vincenzo Scamporlino
e20ff0017a
backend-app-api: improve obo not supported error
...
Signed-off-by: Vincenzo Scamporlino <vincenzos@spotify.com >
2024-04-10 11:51:09 +02:00
Phil Kuang
2c50516d51
fix(cookieAuth): prefer issuing cookies against target host instead of origin
...
Signed-off-by: Phil Kuang <pkuang@factset.com >
2024-04-09 17:48:36 -04:00
github-actions[bot]
036b9b3434
Version Packages (next)
2024-04-09 15:55:28 +00:00
Patrik Oldsberg
df279de594
Merge pull request #23719 from backstage/rugvip/app-auth
...
[Auth] Migrate `app-backend` to use new auth services
2024-04-09 17:45:46 +02:00
Patrik Oldsberg
30c7ed4bad
backend-app-api: fix cookie delete response
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2024-04-09 15:42:25 +02:00
Patrik Oldsberg
d3344eec6f
backend-app-api: use promise router in cookie auth middleware
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2024-04-09 12:18:32 +02:00
Camila Belo
b01e709ead
refactor: more review refinements
...
Signed-off-by: Camila Belo <camilaibs@gmail.com >
2024-04-08 16:47:25 +02:00
Camila Belo
ffd71105a6
refactor: apply review suggestions
...
Co-authored-by: Patrik Oldsberg <poldsberg@gmail.com >
Signed-off-by: Camila Belo <camilaibs@gmail.com >
2024-04-08 16:47:16 +02:00
Camila Belo
a1950ad5e6
feat: remove cookie on sign out
...
Signed-off-by: Camila Belo <camilaibs@gmail.com >
2024-04-08 16:47:15 +02:00
Camila Belo
f17da85b08
refactor: extract a create cookie middleware
...
Signed-off-by: Camila Belo <camilaibs@gmail.com >
2024-04-08 16:47:05 +02:00
Camila Belo
7b77befdfb
feat: create default get cookie endpoint
...
Signed-off-by: Camila Belo <camilaibs@gmail.com >
2024-04-08 16:47:05 +02:00
Patrik Oldsberg
be5b958ed0
backend-app-api: fix plugin token public key expiration
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2024-04-08 16:18:32 +02:00
Patrik Oldsberg
ec76818cbd
Merge pull request #24024 from backstage/mob/create-obo-tokens
...
backend-app-api: add support for OBO tokens
2024-04-08 15:28:40 +02:00
Patrik Oldsberg
7978a58ded
backend-app-api: use minimum exp of plugin and obo token
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2024-04-08 14:21:35 +02:00
Patrik Oldsberg
3b3d9730e8
backend-app-api: added root router test for case without index path
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2024-04-08 13:54:37 +02:00
Patrik Oldsberg
10327fb855
backend-app-api: deprecate plugin path configuration and fix /api/* 404
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2024-04-06 15:47:53 +02:00
Patrik Oldsberg
40548a634d
backend-app-api: add routing test for DefaultRootHttpRouter
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2024-04-06 11:57:11 +02:00
Patrik Oldsberg
d627a67acf
backend-app-api: fix race end DatabaseKeyStore tests
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2024-04-05 17:01:49 +02:00
Patrik Oldsberg
a5f71d00ff
backend-app-api: reorder auth service methods in implementation
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2024-04-05 16:17:49 +02:00
Patrik Oldsberg
ae38fbb6b8
backend-app-api: update DatabaseKeyStore to store expiration as string
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2024-04-05 16:04:37 +02:00
Patrik Oldsberg
4f2aafb86c
backend-app-api: update DatabaseKeyStore to trim expired keys
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2024-04-05 15:12:45 +02:00
Camila Belo
9920e8f0d5
feat: add support for service obo tokens
...
Signed-off-by: Camila Belo <camilaibs@gmail.com >
Co-authored-by: Patrik Oldsberg <poldsberg@gmail.com >
Co-authored-by: Vincenzo Scamporlino <vinzscam@users.noreply.github.com >
2024-04-05 14:32:34 +02:00
Vincenzo Scamporlino
39de4a7924
backend-app-api: detect legacy auth
...
Co-authored-by: Patrik Oldsberg <poldsberg@gmail.com >
Signed-off-by: Vincenzo Scamporlino <vincenzos@spotify.com >
2024-04-04 14:40:41 +02:00
Vincenzo Scamporlino
ad8f173b78
backend-app-api: move jwks to JwksClient
...
Co-authored-by: Patrik Oldsberg <poldsberg@gmail.com >
Signed-off-by: Vincenzo Scamporlino <vincenzos@spotify.com >
2024-04-04 14:40:41 +02:00
Vincenzo Scamporlino
130b215629
backend-app-api: final service to service refactoring
...
Co-authored-by: Patrik Oldsberg <poldsberg@gmail.com >
Signed-off-by: Vincenzo Scamporlino <vincenzos@spotify.com >
2024-04-04 14:40:41 +02:00
Vincenzo Scamporlino
e1afe84d75
backend-app-api: return valid subject
...
Signed-off-by: Vincenzo Scamporlino <vincenzos@spotify.com >
2024-04-04 14:40:41 +02:00
Vincenzo Scamporlino
701c51abc9
backend-app-api: verify service-to-service token
...
Signed-off-by: Vincenzo Scamporlino <vincenzos@spotify.com >
2024-04-04 14:40:40 +02:00