From 4d74ec0b22b89228541b787ce397104aedfa6db7 Mon Sep 17 00:00:00 2001
From: Patrik Oldsberg <poldsberg@gmail.com>
Date: Fri, 17 Jun 2022 12:44:24 +0200
Subject: [PATCH] auth-backend: remove direct provider exports

Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com>
---
 plugins/auth-backend/api-report.md            | 263 ------------------
 .../src/providers/atlassian/index.ts          |   3 +-
 .../src/providers/atlassian/provider.ts       |   1 +
 plugins/auth-backend/src/providers/index.ts   |  26 +-
 4 files changed, 13 insertions(+), 280 deletions(-)

diff --git a/plugins/auth-backend/api-report.md b/plugins/auth-backend/api-report.md
index 136f9a664d..9e567cc6ab 100644
--- a/plugins/auth-backend/api-report.md
+++ b/plugins/auth-backend/api-report.md
@@ -23,25 +23,6 @@ import { TokenSet } from 'openid-client';
 import { UserEntity } from '@backstage/catalog-model';
 import { UserinfoResponse } from 'openid-client';
 
-// @public
-export const atlassian: Readonly<{
-  create: (
-    options?:
-      | {
-          authHandler?: AuthHandler<OAuthResult> | undefined;
-          signIn?:
-            | {
-                resolver: SignInResolver<OAuthResult>;
-              }
-            | undefined;
-        }
-      | undefined,
-  ) => AuthProviderFactory;
-  resolvers: never;
-}>;
-
-// Warning: (ae-missing-release-tag) "AtlassianAuthProvider" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal)
-//
 // @public @deprecated (undocumented)
 export class AtlassianAuthProvider implements OAuthHandlers {
   // Warning: (ae-forgotten-export) The symbol "AtlassianAuthProviderOptions" needs to be exported by the entry point index.d.ts
@@ -62,23 +43,6 @@ export class AtlassianAuthProvider implements OAuthHandlers {
   start(req: OAuthStartRequest): Promise<RedirectInfo>;
 }
 
-// @public
-export const auth0: Readonly<{
-  create: (
-    options?:
-      | {
-          authHandler?: AuthHandler<OAuthResult> | undefined;
-          signIn?:
-            | {
-                resolver: SignInResolver<OAuthResult>;
-              }
-            | undefined;
-        }
-      | undefined,
-  ) => AuthProviderFactory;
-  resolvers: never;
-}>;
-
 // @public
 export type AuthHandler<TAuthResult> = (
   input: TAuthResult,
@@ -157,21 +121,6 @@ export type AuthResponse<ProviderInfo> = {
   backstageIdentity?: BackstageIdentityResponse;
 };
 
-// @public
-export const awsAlb: Readonly<{
-  create: (
-    options?:
-      | {
-          authHandler?: AuthHandler<AwsAlbResult> | undefined;
-          signIn: {
-            resolver: SignInResolver<AwsAlbResult>;
-          };
-        }
-      | undefined,
-  ) => AuthProviderFactory;
-  resolvers: never;
-}>;
-
 // @public (undocumented)
 export type AwsAlbResult = {
   fullProfile: Profile;
@@ -179,26 +128,6 @@ export type AwsAlbResult = {
   accessToken: string;
 };
 
-// @public
-export const bitbucket: Readonly<{
-  create: (
-    options?:
-      | {
-          authHandler?: AuthHandler<OAuthResult> | undefined;
-          signIn?:
-            | {
-                resolver: SignInResolver<OAuthResult>;
-              }
-            | undefined;
-        }
-      | undefined,
-  ) => AuthProviderFactory;
-  resolvers: Readonly<{
-    usernameMatchingUserEntityAnnotation(): SignInResolver<OAuthResult>;
-    userIdMatchingUserEntityAnnotation(): SignInResolver<OAuthResult>;
-  }>;
-}>;
-
 // Warning: (ae-missing-release-tag) "BitbucketOAuthResult" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal)
 //
 // @public (undocumented)
@@ -277,17 +206,6 @@ export const encodeState: (state: OAuthState) => string;
 // @public (undocumented)
 export const ensuresXRequestedWith: (req: express.Request) => boolean;
 
-// @public
-export const gcpIap: Readonly<{
-  create: (options: {
-    authHandler?: AuthHandler<GcpIapResult> | undefined;
-    signIn: {
-      resolver: SignInResolver<GcpIapResult>;
-    };
-  }) => AuthProviderFactory;
-  resolvers: never;
-}>;
-
 // @public
 export type GcpIapResult = {
   iapToken: GcpIapTokenInfo;
@@ -303,26 +221,6 @@ export type GcpIapTokenInfo = {
 // @public
 export function getDefaultOwnershipEntityRefs(entity: Entity): string[];
 
-// @public
-export const github: Readonly<{
-  create: (
-    options?:
-      | {
-          authHandler?: AuthHandler<GithubOAuthResult> | undefined;
-          signIn?:
-            | {
-                resolver: SignInResolver<GithubOAuthResult>;
-              }
-            | undefined;
-          stateEncoder?: StateEncoder | undefined;
-        }
-      | undefined,
-  ) => AuthProviderFactory;
-  resolvers: Readonly<{
-    usernameMatchingUserEntityName: () => SignInResolver<GithubOAuthResult>;
-  }>;
-}>;
-
 // Warning: (ae-missing-release-tag) "GithubOAuthResult" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal)
 //
 // @public (undocumented)
@@ -337,93 +235,6 @@ export type GithubOAuthResult = {
   refreshToken?: string;
 };
 
-// @public
-export const gitlab: Readonly<{
-  create: (
-    options?:
-      | {
-          authHandler?: AuthHandler<OAuthResult> | undefined;
-          signIn?:
-            | {
-                resolver: SignInResolver<OAuthResult>;
-              }
-            | undefined;
-        }
-      | undefined,
-  ) => AuthProviderFactory;
-  resolvers: never;
-}>;
-
-// @public
-export const google: Readonly<{
-  create: (
-    options?:
-      | {
-          authHandler?: AuthHandler<OAuthResult> | undefined;
-          signIn?:
-            | {
-                resolver: SignInResolver<OAuthResult>;
-              }
-            | undefined;
-        }
-      | undefined,
-  ) => AuthProviderFactory;
-  resolvers: Readonly<{
-    emailLocalPartMatchingUserEntityName: () => SignInResolver<unknown>;
-    emailMatchingUserEntityProfileEmail: () => SignInResolver<unknown>;
-    emailMatchingUserEntityAnnotation(): SignInResolver<OAuthResult>;
-  }>;
-}>;
-
-// @public
-export const microsoft: Readonly<{
-  create: (
-    options?:
-      | {
-          authHandler?: AuthHandler<OAuthResult> | undefined;
-          signIn?:
-            | {
-                resolver: SignInResolver<OAuthResult>;
-              }
-            | undefined;
-        }
-      | undefined,
-  ) => AuthProviderFactory;
-  resolvers: Readonly<{
-    emailLocalPartMatchingUserEntityName: () => SignInResolver<unknown>;
-    emailMatchingUserEntityProfileEmail: () => SignInResolver<unknown>;
-    emailMatchingUserEntityAnnotation(): SignInResolver<OAuthResult>;
-  }>;
-}>;
-
-// @public
-export const oauth2: Readonly<{
-  create: (
-    options?:
-      | {
-          authHandler?: AuthHandler<OAuthResult> | undefined;
-          signIn?:
-            | {
-                resolver: SignInResolver<OAuthResult>;
-              }
-            | undefined;
-        }
-      | undefined,
-  ) => AuthProviderFactory;
-  resolvers: never;
-}>;
-
-// @public
-export const oauth2Proxy: Readonly<{
-  create: (options: {
-    authHandler?: AuthHandler<OAuth2ProxyResult<unknown>> | undefined;
-    signIn: {
-      resolver: SignInResolver<OAuth2ProxyResult<unknown>>;
-    };
-  }) => AuthProviderFactory;
-  resolvers: never;
-}>;
-
 // @public
 export type OAuth2ProxyResult<JWTPayload = {}> = {
   fullProfile: JWTPayload;
@@ -555,67 +366,12 @@ export type OAuthState = {
   scope?: string;
 };
 
-// @public
-export const oidc: Readonly<{
-  create: (
-    options?:
-      | {
-          authHandler?: AuthHandler<OidcAuthResult> | undefined;
-          signIn?:
-            | {
-                resolver: SignInResolver<OidcAuthResult>;
-              }
-            | undefined;
-        }
-      | undefined,
-  ) => AuthProviderFactory;
-  resolvers: never;
-}>;
-
 // @public
 export type OidcAuthResult = {
   tokenset: TokenSet;
   userinfo: UserinfoResponse;
 };
 
-// @public
-export const okta: Readonly<{
-  create: (
-    options?:
-      | {
-          authHandler?: AuthHandler<OAuthResult> | undefined;
-          signIn?:
-            | {
-                resolver: SignInResolver<OAuthResult>;
-              }
-            | undefined;
-        }
-      | undefined,
-  ) => AuthProviderFactory;
-  resolvers: Readonly<{
-    emailLocalPartMatchingUserEntityName: () => SignInResolver<unknown>;
-    emailMatchingUserEntityProfileEmail: () => SignInResolver<unknown>;
-    emailMatchingUserEntityAnnotation(): SignInResolver<OAuthResult>;
-  }>;
-}>;
-
-// @public
-export const onelogin: Readonly<{
-  create: (
-    options?:
-      | {
-          authHandler?: AuthHandler<OAuthResult> | undefined;
-          signIn?:
-            | {
-                resolver: SignInResolver<OAuthResult>;
-              }
-            | undefined;
-        }
-      | undefined,
-  ) => AuthProviderFactory;
-  resolvers: never;
-}>;
-
 // Warning: (ae-missing-release-tag) "postMessageResponse" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal)
 //
 // @public (undocumented)
@@ -897,25 +653,6 @@ export interface RouterOptions {
   tokenManager: TokenManager;
 }
 
-// @public
-export const saml: Readonly<{
-  create: (
-    options?:
-      | {
-          authHandler?: AuthHandler<SamlAuthResult> | undefined;
-          signIn?:
-            | {
-                resolver: SignInResolver<SamlAuthResult>;
-              }
-            | undefined;
-        }
-      | undefined,
-  ) => AuthProviderFactory;
-  resolvers: Readonly<{
-    nameIdMatchingUserEntityName(): SignInResolver<SamlAuthResult>;
-  }>;
-}>;
-
 // @public (undocumented)
 export type SamlAuthResult = {
   fullProfile: any;
diff --git a/plugins/auth-backend/src/providers/atlassian/index.ts b/plugins/auth-backend/src/providers/atlassian/index.ts
index dc6ce77166..8dff0197a3 100644
--- a/plugins/auth-backend/src/providers/atlassian/index.ts
+++ b/plugins/auth-backend/src/providers/atlassian/index.ts
@@ -14,5 +14,4 @@
  * limitations under the License.
  */
 
-export { atlassian } from './provider';
-export type { AtlassianAuthProvider } from './provider';
+export { atlassian, AtlassianAuthProvider } from './provider';
diff --git a/plugins/auth-backend/src/providers/atlassian/provider.ts b/plugins/auth-backend/src/providers/atlassian/provider.ts
index 82feef5369..b693d226a2 100644
--- a/plugins/auth-backend/src/providers/atlassian/provider.ts
+++ b/plugins/auth-backend/src/providers/atlassian/provider.ts
@@ -59,6 +59,7 @@ export const atlassianDefaultAuthHandler: AuthHandler<OAuthResult> = async ({
 });
 
 /**
+ * @public
  * @deprecated This export is deprecated and will be removed in the future.
  */
 export class AtlassianAuthProvider implements OAuthHandlers {
diff --git a/plugins/auth-backend/src/providers/index.ts b/plugins/auth-backend/src/providers/index.ts
index 778783994f..de410a9407 100644
--- a/plugins/auth-backend/src/providers/index.ts
+++ b/plugins/auth-backend/src/providers/index.ts
@@ -14,21 +14,17 @@
  * limitations under the License.
  */
 
-export * from './atlassian';
-export * from './auth0';
-export * from './aws-alb';
-export * from './bitbucket';
-export * from './github';
-export * from './gitlab';
-export * from './google';
-export * from './microsoft';
-export * from './oauth2';
-export * from './oauth2-proxy';
-export * from './oidc';
-export * from './okta';
-export * from './onelogin';
-export * from './saml';
-export * from './gcp-iap';
+export { AtlassianAuthProvider } from './atlassian';
+export type { AwsAlbResult } from './aws-alb';
+export type {
+  BitbucketOAuthResult,
+  BitbucketPassportProfile,
+} from './bitbucket';
+export type { GithubOAuthResult } from './github';
+export type { OAuth2ProxyResult } from './oauth2-proxy';
+export type { OidcAuthResult } from './oidc';
+export type { SamlAuthResult } from './saml';
+export type { GcpIapResult, GcpIapTokenInfo } from './gcp-iap';
 
 export { providers, defaultAuthProviderFactories } from './providers';