Patrik Oldsberg
812700e590
Merge pull request #20580 from ataylorme/feat/okta-auth-scope-option
...
Allow user-defined scopes for Okta auth in config yaml
2023-11-14 11:45:20 +01:00
Alex Crome
11153a019d
Merge remote-tracking branch 'upstream/master' into entra-rename
2023-10-28 10:39:42 +01:00
ataylorme
5ae8214a4d
Better naming of variable
...
Signed-off-by: ataylorme <andrew@ataylor.me >
2023-10-26 08:05:13 -07:00
ataylorme
8466307819
Use additionalScopes for Okta auth instead of overriding scope entirely
...
Signed-off-by: ataylorme <andrew@ataylor.me >
2023-10-26 05:36:02 -07:00
Patrik Oldsberg
664e86f7f9
Merge pull request #19649 from rtriesscheijn/feature/fixed-token-issuer
...
feature(auth-backend): add a stable token issuer
2023-10-24 11:58:13 +02:00
Patrik Oldsberg
96c4f54bf6
auth-backend: revert microsoft auth implementation
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2023-10-23 12:25:17 +02:00
Alex Crome
243c655a68
Updated Azure Active Directory to Entra ID
...
Microsoft have renamed Azure Active Directory to Entra ID. https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/new-name . This PR updates references to AAD to refer to Entra ID.
* On each documentation page, I include `formerly Azure Active Directory` in the first non heading reference to Entra ID. This will help anyone unfaimiliar withthe name change, and will also mean the page continues to show up in search results if people search for the old name.
* I didn't correct references in file names, as this would cause broken links. If we have a way of redirecting those to new urls I can look at doign that, but if not, I think it's better to leave existing links working.
* There were a few references to AAD in release notes for older versions - I left these alone as the product naming was correct at the time of the release notes.
* LDAP provider still has references to "Active Directory" as these reference to the on premise Active Directory, not Azure Active Directory
Signed-off-by: Alex Crome <afscrome@users.noreply.github.com >
2023-10-19 23:11:35 +01:00
Fredrik Adelöw
1600baf59d
Merge pull request #20558 from backstage/freben/usehotmemoize
...
stop using `useHotMemoize`
2023-10-17 13:41:50 +02:00
rtriesscheijn
4bbde87a2e
fix: pass full config to StaticTokenIssuer, documentation and test tweaks
...
Signed-off-by: rtriesscheijn <rtriesscheijn@bol.com >
2023-10-17 09:08:42 +02:00
rtriesscheijn
d120af630c
feat: read static key store config safely
...
Signed-off-by: rtriesscheijn <rtriesscheijn@bol.com >
2023-10-16 13:25:34 +02:00
rtriesscheijn
bdf08ad04a
feat: add static token issuer
...
Signed-off-by: rtriesscheijn <rtriesscheijn@bol.com >
2023-10-16 10:48:48 +02:00
ataylorme
1185e30cb4
Add test for okta auth custom scope
...
Signed-off-by: ataylorme <andrew@ataylor.me >
2023-10-13 15:11:11 -07:00
ataylorme
609a95492e
Allow user-defined scopes for Okta auth in config yaml
...
- Accept a new scope option during okta creation with `createAuthProviderIntegration`
- Pass the user-defined `scope` as an option to `OktaAuthProvider`
- Add `scope` as an option for `OktaAuthProvider`
- Set `scope` in `OktaAuthProvider` to the `scope` passed as an `option` or a default of `'openid email profile offline_access'` if a user-defined option is not provided
- Update the `start` and `refresh` methods to use `scope` from `OktaAuthProvider` rather than `scope` from the request
Signed-off-by: ataylorme <andrew@ataylor.me >
2023-10-13 11:43:39 -07:00
Markus
c58f8264f1
fix: empty scope in oidc client response
...
Signed-off-by: Markus <mail@markussiebert.com >
2023-10-12 17:56:49 +02:00
Fredrik Adelöw
dd0350379b
stop using useHotMemoize
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2023-10-12 10:03:58 +02:00
Fredrik Adelöw
ba9c46bdd7
stop using SingleHostDiscovery
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2023-10-12 09:22:23 +02:00
Chris Gemmell
2dfeb4b612
fixed
...
Signed-off-by: Chris Gemmell <chris.gemmell8@gmail.com >
2023-09-23 16:42:43 +10:00
Chris
2d8f7e82c1
auth-backend: migrate microsoft provider to separate module
...
Signed-off-by: Chris Gemmell <chris.gemmell8@gmail.com >
2023-09-23 15:26:40 +10:00
Andre Wanlin
ee8f53966f
Changed to address feedback
...
Signed-off-by: Andre Wanlin <67169551+awanlin@users.noreply.github.com >
2023-09-11 12:37:31 -05:00
Patrik Oldsberg
71114ac50e
plugins: refactory to use default export for new backend system
...
Co-authored-by: Fredrik Adelöw <freben@gmail.com >
Co-authored-by: Camila Belo <camilaibs@gmail.com >
Co-authored-by: Johan Haals <johan.haals@gmail.com >
Co-authored-by: Philipp Hugenroth <philipph@spotify.com >
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2023-09-07 18:53:48 +02:00
Fredrik Adelöw
f57281bc7e
revert #19602
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2023-08-29 13:07:51 +02:00
Patrick Jungermann
0fa3a43d87
chore(deps): replace passport-saml with @node-saml/passport-saml
...
`passport-saml` was deprecated and replaced by `@node-saml/passport-saml`
since version 4.0.0.
Relates-to: #18083
Signed-off-by: Patrick Jungermann <Patrick.Jungermann@gmail.com >
2023-08-25 15:16:52 +02:00
Patrik Oldsberg
080cc77947
auth-backend: migrate gitlab provider to separate module
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2023-08-22 13:44:42 +02:00
Patrik Oldsberg
72f7979fd2
auth-backend: migrate github provider
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2023-08-20 16:02:55 +02:00
Patrik Oldsberg
18619f793c
auth-backend: track backstage session expiration separately
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2023-08-19 13:39:02 +02:00
Patrik Oldsberg
7944d43f47
auth-backend: add plugin export for new backend system
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2023-08-18 15:06:41 +02:00
Patrik Oldsberg
0f0e2a378b
auth-backend: fix oauth state test
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2023-08-09 10:42:25 +02:00
Patrik Oldsberg
961179c533
auth-backend: deprecate more types that have been indirectly moved to auth-node
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2023-08-09 10:42:25 +02:00
Patrik Oldsberg
9ae287521a
auth-backend: fix legacy adaopter test
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2023-08-09 10:42:25 +02:00
Patrik Oldsberg
258b410cad
auth refactor type fixes
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2023-08-09 10:42:25 +02:00
Patrik Oldsberg
3db911fc98
auth-backend: pass through global config values at top-level
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2023-08-09 10:42:25 +02:00
Patrik Oldsberg
7ab7ad5c79
auth-backend: refactor google provider tests
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2023-08-09 10:42:25 +02:00
Patrik Oldsberg
0d078740e8
auth-backend: move gcp-iap provider test
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2023-08-09 10:42:25 +02:00
Patrik Oldsberg
9aeb35adce
auth-backend: migrate gcp-iap provider to use new system
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2023-08-09 10:42:24 +02:00
Patrik Oldsberg
647929a483
auth-backend: migrate google provider to use new system
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2023-08-09 10:42:24 +02:00
Patrik Oldsberg
23a8fa5025
auth-backend: spelling fix
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2023-08-09 10:42:24 +02:00
Patrik Oldsberg
549dd6db12
auth-backend: added new to legacy sign-in resolvers transform
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2023-08-09 10:42:24 +02:00
Patrik Oldsberg
7d29ca8e8c
auth-backend: added legacy sign-in resolver transform
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2023-08-09 10:42:24 +02:00
Patrik Oldsberg
705ac88dcc
auth-backend: added legacy authHandler transform
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2023-08-09 10:42:24 +02:00
Patrik Oldsberg
a4d47d29ad
auth-backend: more deprecations in lib
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2023-08-09 10:42:24 +02:00
Patrik Oldsberg
2f214950a3
add auth-backend-module-iap-provider
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2023-08-09 10:42:24 +02:00
Patrik Oldsberg
969f9f2553
auth-backend: deprecate OAuth types
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2023-08-09 10:42:24 +02:00
Patrik Oldsberg
afdfeb7974
auth-backend: deprecate OAuthAdapter
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2023-08-09 10:42:23 +02:00
Patrik Oldsberg
112e45e37f
auth-backend: move OAuthEnvironmentHandler to auth-node
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2023-08-09 10:42:23 +02:00
Patrik Oldsberg
48793dfc95
auth-backend: move prepareBackstageIdentityResponse to auth-node
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2023-08-09 10:42:23 +02:00
Patrik Oldsberg
b62b47a6dd
auth-backend: move a couple more types to auth-node
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2023-08-09 10:42:23 +02:00
Patrik Oldsberg
6c7952ee85
auth-backend: move CookieConfigurer to auth-node
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2023-08-09 10:42:23 +02:00
Patrik Oldsberg
318816cef9
auth-backend: move a few types to auth-node
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2023-08-09 10:42:22 +02:00
Patrik Oldsberg
747712f930
auth-backend: add optional token_type field in OAuthResult
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2023-08-09 10:42:22 +02:00
Patrik Oldsberg
1c522713cd
auth-backend: throw error if sign-in result does not contain token when preparting identity response
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2023-08-09 10:42:22 +02:00