paulononato/backstage
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

changesets: split changeset for new dangerousEntityRefFallback option

Browse Source 
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com>
This commit is contained in:
Patrik Oldsberg
2025-05-13 12:03:29 +02:00
parent 5cc1f7f3ed
commit ab53e6fed4
3 changed files with 44 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.changeset/tall-suits-share-auth-backend.md
+5
View File
@@ -0,0 +1,5 @@
---
'@backstage/plugin-auth-backend': patch
---
Added support for the new `dangerousEntityRefFallback` option for `signInWithCatalogUser` in `AuthResolverContext`.
.changeset/tall-suits-share-auth-node.md
+38
View File
@@ -0,0 +1,38 @@
---
'@backstage/plugin-auth-node': patch
---
Added a new `dangerousEntityRefFallback` option to the `signInWithCatalogUser` method in `AuthResolverContext`. The option will cause the provided entity reference to be used as a fallback in case the user is not found in the catalog. It is up to the caller to provide the fallback entity reference.
Auth providers that include pre-defined sign-in resolvers are encouraged to define a flag named `dangerouslyAllowSignInWithoutUserInCatalog` in their config, which in turn enables use of the `dangerousEntityRefFallback` option. For example:
```ts
export const usernameMatchingUserEntityName = createSignInResolverFactory({
optionsSchema: z
.object({
dangerouslyAllowSignInWithoutUserInCatalog: z.boolean().optional(),
})
.optional(),
create(options = {}) {
return async (
info: SignInInfo<OAuthAuthenticatorResult<PassportProfile>>,
ctx,
) => {
const { username } = info.result.fullProfile;
if (!username) {
throw new Error('User profile does not contain a username');
}
return ctx.signInWithCatalogUser(
{ entityRef: { name: username } },
{
dangerousEntityRefFallback:
options?.dangerouslyAllowSignInWithoutUserInCatalog
? { entityRef: { name: username } }
: undefined,
},
);
};
},
});
```
.changeset/tall-suits-share.md
+1 -3
View File
@@ -16,8 +16,6 @@
'@backstage/plugin-auth-backend-module-oauth2-provider': patch
'@backstage/plugin-auth-backend-module-oidc-provider': patch
'@backstage/plugin-auth-backend-module-okta-provider': patch
'@backstage/plugin-auth-backend': patch
'@backstage/plugin-auth-node': patch
---
introduce dangerouslyAllowSignInWithoutUserInCatalog auth resolver config
Introduce `dangerouslyAllowSignInWithoutUserInCatalog` auth resolver config.