b6702ea5a2
auth-backend: move getDefaultOwnershipEntityRefs to resolver context
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2025-02-27 13:38:19 +01:00
620de76e57
Merge pull request #28800 from jmadureira/oauth_authenticate_errors
...
Handle errors during an oauth start stage
2025-02-18 15:34:57 +01:00
ab9a6fb321
auth-node: add scopeAlreadyGranted field
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2025-02-12 12:39:54 +01:00
5838e02101
Fixed some styling issues
...
Signed-off-by: João Madureira <jpmadureira@gmail.com >
2025-02-11 13:47:22 +00:00
3b494fa900
Handle errors during an oauth start stage
...
Signed-off-by: João Madureira <jpmadureira@gmail.com >
2025-02-11 13:21:39 +00:00
61f464e864
support user configuration of auth cookie max age
...
Signed-off-by: Jessica He <jhe@redhat.com >
2025-01-28 12:07:03 -05:00
f5de08bca8
Merge pull request #28241 from backstage/rugvip/fixes
...
internal type fixes
2024-12-24 10:44:37 +01:00
8379bf4a80
remove PluginDatabaseManager and PluginEndpointDiscovery
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2024-12-21 20:49:21 +01:00
d9d62ef90c
remove usages of some backend-common helpers
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2024-12-21 20:39:23 +01:00
b664b2ae09
internal type fixes
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2024-12-19 22:04:20 +01:00
c907440f8a
auth-{backend,node}: improved error forwarding from passport helpers
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2024-11-26 19:03:49 +01:00
89401bc74f
Merge pull request #25952 from allegro-dbargowski/cookie-chunking-for-too-big-cookies-auth-node
...
Fix support for cookies bigger than 4KB in size in plugin-auth-node
2024-10-22 11:27:18 +02:00
387acc4130
Merge pull request #25823 from stephenglass/fix-redirect-error-handling
...
Fix error handling using auth redirect flow
2024-10-14 16:26:23 +02:00
5e5e4a850c
fix redirect error encoding
...
Signed-off-by: Stephen Glass <stephen@stephen.glass >
2024-10-08 09:25:02 -04:00
217458a9a8
auth-node: add allowedDomains options for emailLocalPartMatchingUserEntityName + fixes
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2024-10-08 01:12:10 +02:00
bbc261bb10
Merge branch 'master' of https://github.com/backstage/backstage into fix-redirect-error-handling
2024-10-01 23:12:47 -04:00
4935d29d15
change code to use search params instead of cookie
...
Signed-off-by: Stephen Glass <stephen@stephen.glass >
2024-10-01 23:12:10 -04:00
f5276a21c7
Adapted to PR feedback
...
Signed-off-by: Gustaf Räntilä <g.rantila@gmail.com >
2024-09-13 16:02:29 +02:00
6f409b7942
fix: Try matching emails without plus addressing
...
Signed-off-by: Gustaf Räntilä <g.rantila@gmail.com >
2024-09-13 11:27:15 +02:00
d908d8c246
feat: migrate auth0 provider to nbs
...
Signed-off-by: Camila Belo <camilaibs@gmail.com >
2024-09-09 10:53:31 +02:00
7c22e9458c
Handle edge cases related to refresh token cookie going under/over the limit.
...
Signed-off-by: Dominik Bargowski <dominik.bargowski@allegro.com >
2024-09-04 11:01:57 +02:00
c46eb0fed2
Extend the "unable to resolve user identity" message
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2024-09-02 10:43:50 +02:00
a0a9a4a8f5
Fix support for cookies bigger than 4KB in size (i.e. refresh tokens).
...
Signed-off-by: Dominik Bargowski <dominik.bargowski@allegro.com >
2024-08-08 17:52:14 +02:00
b8bbf061fd
Merge pull request #25254 from Zaperex/update-auth-node-signin-resolver
...
chore(auth-node): allow declarative signin resolvers to take precedence
2024-08-06 13:43:56 +02:00
155b901898
update test name
...
Signed-off-by: Stephen Glass <stephen@stephen.glass >
2024-07-29 00:47:32 -04:00
17c9a1a330
add test
...
Signed-off-by: Stephen Glass <stephen@stephen.glass >
2024-07-29 00:45:41 -04:00
5d8649d775
update param name
...
Signed-off-by: Stephen Glass <stephen@stephen.glass >
2024-07-28 23:28:13 -04:00
8542af998a
fix errors with auth redirect flow
...
Signed-off-by: Stephen Glass <stephen@stephen.glass >
2024-07-28 03:15:00 -04:00
c5ce79a14c
Merge pull request #25569 from backstage/nbs10/rename-setup-request-handlers
...
[NBS 1.0]Rename `setupRequestMockHandlers` to `registerMswTestHooks`
2024-07-16 11:01:29 +02:00
b82aff92aa
refactor(test-utils): deprecate the isDockerDisabledForTests function
...
Signed-off-by: Camila Belo <camilaibs@gmail.com >
2024-07-10 17:06:00 +02:00
95a3a0b91c
refactor(test-utils): rename setupRequestMockHandlers to setupMswHandler
...
Signed-off-by: Camila Belo <camilaibs@gmail.com >
2024-07-10 15:45:49 +02:00
aca86a6a00
Address review comments
...
Signed-off-by: Olivier Liechti <olivier.liechti@wasabi-tech.com >
2024-07-10 08:11:02 +02:00
55c1a729ac
Simplify the bug fix, by implementing logic in the PassportHelper
...
Signed-off-by: Olivier Liechti <olivier.liechti@wasabi-tech.com >
2024-07-09 16:29:50 +02:00
579afd0d32
chore(auth-node): allow declarative signin resolvers to take precedence
...
Signed-off-by: Frank Kong <frkong@redhat.com >
2024-06-14 18:33:50 -04:00
bdabd9952e
auth-*: test fixes for new CookieScopeManager
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2024-06-11 11:30:13 +02:00
dd99788e6b
auth-node: allow additonalScopes to be a string too
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2024-06-11 11:30:13 +02:00
bb7d150937
auth-node: added CookieScopeManager tests + fixes
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2024-06-11 11:30:13 +02:00
798ec37c1c
auth-node: initial scope manager refactor
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2024-06-11 11:30:13 +02:00
776ec144ed
fix: review comments and naming
...
Signed-off-by: Heikki Hellgren <heikki.hellgren@op.fi >
2024-04-15 08:44:56 +03:00
b0ae9ccac4
feat: support for new backend system via extension point
...
Signed-off-by: Heikki Hellgren <heikki.hellgren@op.fi >
2024-04-15 08:21:16 +03:00
ea9262bc9f
feat: allow overriding default ownership resolving
...
This allows to modify the ownership resolving in the auth resolve
context. For example if user wants to include parent groups also to
the ownershipEntityRefs, it's not possible unless the built-in
auth providers are forked and rewritten.
Signed-off-by: Heikki Hellgren <heikki.hellgren@op.fi >
2024-04-15 08:21:16 +03:00
130b215629
backend-app-api: final service to service refactoring
...
Co-authored-by: Patrik Oldsberg <poldsberg@gmail.com >
Signed-off-by: Vincenzo Scamporlino <vincenzos@spotify.com >
2024-04-04 14:40:41 +02:00
ff681360cc
refactor: make token types internal
...
Co-authored-by: Patrik Oldsberg <poldsberg@gmail.com >
Signed-off-by: Camila Belo <camilaibs@gmail.com >
2024-04-03 13:43:54 +02:00
0d2a05418b
backend-app-api,auth: move token typ claim to be a header param
...
Co-authored-by: Camila Belo <camilaibs@gmail.com >
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2024-04-03 13:12:54 +02:00
018b0910e0
backend-app-api,auth: add ent claim to user identity proof
...
Co-authored-by: Camila Belo <camilaibs@gmail.com >
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2024-04-03 13:12:54 +02:00
4194ac7200
auth: issue user identity claims and create limited user tokens from them
...
Co-authored-by: Camila Belo <camilaibs@gmail.com >
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2024-04-03 13:12:54 +02:00
038b2e6894
fix(auth): consider only entities of kind user when using findCatalogUser with filter query
...
Signed-off-by: Elias Rieb <e.rieb@posteo.de >
2024-03-05 09:05:02 +01:00
b4fc6e3164
auth-node: deprecate getBearerTokenFromAuthorizationHeader
...
Co-authored-by: Fredrik Adelöw <freben@gmail.com >
Co-authored-by: Carl-Erik Bergström <cbergstrom@spotify.com >
Co-authored-by: blam <ben@blam.sh >
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2024-02-23 10:58:21 +01:00
b1b012d065
chore: fix tests and add changeset
...
Signed-off-by: blam <ben@blam.sh >
2024-02-21 12:44:45 +01:00
9b810b9a99
feat: treat providerInfo as a seperate return value
...
Signed-off-by: blam <ben@blam.sh >
2024-02-21 11:43:47 +01:00
Patrik Oldsberg