paulononato/backstage
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Add checks for blank cert and implement logout configs

Browse Source
This commit is contained in:
Joel Low
2021-01-08 13:03:15 +08:00
parent 722ad34067
commit 468579734a
3 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.changeset/smooth-pigs-deny.md
+5
View File
@@ -0,0 +1,5 @@
---
'@backstage/plugin-auth-backend': patch
---
Allow blank certificates and support logout URLs in the SAML provider.
plugins/auth-backend/config.d.ts
Vendored
+1
View File
@@ -46,6 +46,7 @@ export interface Config {
};
saml?: {
entryPoint: string;
logoutUrl?: string;
issuer: string;
cert?: string;
privateKey?: string;
plugins/auth-backend/src/providers/saml/provider.ts
+6
View File
@@ -129,6 +129,7 @@ export const createSamlProvider: AuthProviderFactory = ({
const opts = {
callbackUrl: `${globalConfig.baseUrl}/${providerId}/handler/frame`,
entryPoint: config.getString('entryPoint'),
logoutUrl: config.getOptionalString('logoutUrl'),
issuer: config.getString('issuer'),
cert: config.getOptionalString('cert'),
privateCert: config.getOptionalString('privateKey'),
@@ -142,5 +143,10 @@ export const createSamlProvider: AuthProviderFactory = ({
appUrl: globalConfig.appUrl,
};
// passport-saml will return an error if the `cert` key is set, and the value is empty.
// Since we read from config (such as environment variables) an empty string should be equal to being unset.
if (!opts.cert) {
delete opts.cert;
}
return new SamlAuthProvider(opts);
};