Camila Belo
b82aff92aa
refactor(test-utils): deprecate the isDockerDisabledForTests function
...
Signed-off-by: Camila Belo <camilaibs@gmail.com >
2024-07-10 17:06:00 +02:00
Camila Belo
95a3a0b91c
refactor(test-utils): rename setupRequestMockHandlers to setupMswHandler
...
Signed-off-by: Camila Belo <camilaibs@gmail.com >
2024-07-10 15:45:49 +02:00
Fredrik Adelöw
78c777b85a
Merge pull request #24729 from kuangp/feat/userInfo
...
feat(userInfo): implement persisting user info to support limited tokens
2024-06-17 13:03:53 +02:00
Phil Kuang
4a50a87364
refactor(userInfo): minor updates
...
Signed-off-by: Phil Kuang <pkuang@factset.com >
2024-06-16 10:52:53 -04:00
Fredrik Adelöw
d00af0915c
Merge pull request #24353 from matteosilv/onelogin-provider
...
New OneLogin auth backend module
2024-06-10 16:10:44 +02:00
Phil Kuang
79b0b1f3d3
refactor(userInfo): store full claims
...
Signed-off-by: Phil Kuang <pkuang@factset.com >
2024-06-07 18:21:33 -04:00
Camila Belo
737f3ae5ef
Merge branch 'master' into camilaibs/nbs10-deprecate-legacy-system-commons
...
Signed-off-by: Camila Belo <camilaibs@gmail.com >
2024-05-21 15:12:02 +02:00
Fredrik Adelöw
3e1bb15674
fixup
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2024-05-21 10:35:44 +02:00
Matteo Silvestri
dab4cf2814
drafting onelogin auth backend module
...
Signed-off-by: Matteo Silvestri <matteosilv@gmail.com >
2024-05-21 10:35:44 +02:00
Camila Belo
8869b8ef30
refactor: stop using the legacy standalone server
...
Signed-off-by: Camila Belo <camilaibs@gmail.com >
2024-05-17 11:37:04 +02:00
Camila Belo
eb34b87d5a
refactor: stop using getVoidLogger in tests
...
Signed-off-by: Camila Belo <camilaibs@gmail.com >
2024-05-16 09:21:54 +02:00
Phil Kuang
3e823d3e14
feat(userInfo): implement persisting user info to support limited tokens
...
Signed-off-by: Phil Kuang <pkuang@factset.com >
2024-05-13 13:09:43 -04:00
Camila Belo
d229dc49ad
refator(backend-common): extract path utilities to plugin api
...
Signed-off-by: Camila Belo <camilaibs@gmail.com >
2024-05-13 13:23:45 +02:00
Patrik Oldsberg
ee5173fd5e
Merge pull request #22765 from drodil/auth_resolver_override
...
feat: allow overriding default ownership resolving
2024-04-23 16:44:50 +02:00
Patrick Jungermann
ba763b6d86
feat(auth): migrate Bitbucket auth provider to module package
...
Migrate the Bitbucket auth provider to the new `@backstage/plugin-auth-backend-module-bitbucket-provider` module package.
Relates-to: #19476
Signed-off-by: Patrick Jungermann <Patrick.Jungermann@gmail.com >
2024-04-16 12:48:16 +02:00
YAEGASHI Takeshi
f02fe79de0
Refactor auth-backend azure-easyauth provider
...
Signed-off-by: YAEGASHI Takeshi <yaegashi@gmail.com >
2024-04-16 11:55:35 +02:00
Heikki Hellgren
776ec144ed
fix: review comments and naming
...
Signed-off-by: Heikki Hellgren <heikki.hellgren@op.fi >
2024-04-15 08:44:56 +03:00
Heikki Hellgren
b0ae9ccac4
feat: support for new backend system via extension point
...
Signed-off-by: Heikki Hellgren <heikki.hellgren@op.fi >
2024-04-15 08:21:16 +03:00
Heikki Hellgren
ea9262bc9f
feat: allow overriding default ownership resolving
...
This allows to modify the ownership resolving in the auth resolve
context. For example if user wants to include parent groups also to
the ownershipEntityRefs, it's not possible unless the built-in
auth providers are forked and rewritten.
Signed-off-by: Heikki Hellgren <heikki.hellgren@op.fi >
2024-04-15 08:21:16 +03:00
Fredrik Adelöw
c26218d351
extract the cloudflare access auth provider
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2024-04-14 11:39:33 +02:00
Patrik Oldsberg
bf4d71a729
auth-backend: add initial userinfo endpoint
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2024-04-08 17:11:46 +02:00
Camila Belo
ff681360cc
refactor: make token types internal
...
Co-authored-by: Patrik Oldsberg <poldsberg@gmail.com >
Signed-off-by: Camila Belo <camilaibs@gmail.com >
2024-04-03 13:43:54 +02:00
Patrik Oldsberg
0d2a05418b
backend-app-api,auth: move token typ claim to be a header param
...
Co-authored-by: Camila Belo <camilaibs@gmail.com >
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2024-04-03 13:12:54 +02:00
Patrik Oldsberg
018b0910e0
backend-app-api,auth: add ent claim to user identity proof
...
Co-authored-by: Camila Belo <camilaibs@gmail.com >
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2024-04-03 13:12:54 +02:00
Fredrik Adelöw
4194ac7200
auth: issue user identity claims and create limited user tokens from them
...
Co-authored-by: Camila Belo <camilaibs@gmail.com >
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2024-04-03 13:12:54 +02:00
Patrik Oldsberg
9966baab13
Merge pull request #23308 from Roshick/patch-2
...
fix(auth): filter only for users in emailMatchingUserEntityProfileEmail resolver
2024-03-25 16:02:01 +01:00
Ben Lambert
2c61fae153
Merge pull request #23582 from manuelfalcon/fixing-refresh-onelogin-auth-provider
...
OneLogin auth provider refresh method fixing scope as start method
2024-03-19 14:31:41 +01:00
Patrik Oldsberg
d202a258d1
Merge pull request #23265 from swnia/master
...
Fix for atlassian OAuth flow
2024-03-19 10:05:16 +01:00
manuel.falcon
7c29e7fdbe
OneLogin auth provider refresh method fixing scope as start method
...
Signed-off-by: manuel.falcon <manuel.falcon@glovoapp.com >
2024-03-15 15:29:45 +01:00
Elias Rieb
002bc3bf74
fix code and add test
...
Signed-off-by: Elias Rieb <e.rieb@posteo.de >
2024-03-12 18:04:42 +01:00
Fredrik Adelöw
469c9c59e8
prettier
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2024-03-12 13:17:57 +01:00
Fredrik Adelöw
5a146a15fc
Update plugins/auth-backend/src/lib/resolvers/CatalogAuthResolverContext.ts
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2024-03-12 12:12:33 +01:00
Elias Rieb
038b2e6894
fix(auth): consider only entities of kind user when using findCatalogUser with filter query
...
Signed-off-by: Elias Rieb <e.rieb@posteo.de >
2024-03-05 09:05:02 +01:00
Severin Wischmann
10268db725
Removed unused config value
...
The config value `audience` was used to set the baseUrl which has a static value.
The audience parameter is static in the used library. Therefore, the reading of the config value was removed.
Signed-off-by: Severin Wischmann <severinwischmann@nianticlabs.com >
2024-03-01 10:44:42 +01:00
Fredrik Adelöw
95aee1904e
Merge pull request #22211 from tylerd-canva/tylerd/cfaccess-token-poc
...
Add support for Cloudflare Access Tokens to `cfaccess` Auth Provider
2024-02-27 10:20:32 +01:00
Patrik Oldsberg
492fe83977
auth-backend: migrate to support new auth services
...
Co-authored-by: Fredrik Adelöw <freben@gmail.com >
Co-authored-by: Carl-Erik Bergström <cbergstrom@spotify.com >
Co-authored-by: blam <ben@blam.sh >
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2024-02-23 10:58:13 +01:00
Tyler Davis
bfd0d62351
update tests
...
Signed-off-by: Tyler Davis <tylerd@canva.com >
2024-02-22 17:31:59 +11:00
Tyler Davis
0d1ad9faf9
PR feedback: change structure of serviceTokens config
...
Signed-off-by: Tyler Davis <tylerd@canva.com >
2024-02-22 17:20:55 +11:00
Tyler Davis
3191d616e8
pr feedback: make service tokens configurable
...
Signed-off-by: Tyler Davis <tylerd@canva.com >
2024-02-22 17:20:55 +11:00
Tyler Davis
293c835e05
Add support for Service Tokens to the cfaccess auth provider
...
Signed-off-by: Tyler Davis <tylerd@canva.com >
2024-02-22 16:30:23 +11:00
Fredrik Adelöw
fa7ea3f2f0
break out the providers router into a separate file
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2024-02-16 14:33:10 +01:00
Fredrik Adelöw
f5e04e39d2
move away from deprecated types, import from auth-node
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2024-02-16 12:59:21 +01:00
Patrik Oldsberg
a3b3e1bf8a
Merge pull request #22767 from backstage/rugvip/fix
...
explore: fix GroupsDiagram test
2024-02-06 15:52:39 +01:00
Patrik Oldsberg
0cd6325602
Merge pull request #22580 from secustor/chore/migrate-passport-saml
...
chore(plugins/auth-backend): migrate from passport-saml package to @node-saml/passport-saml
2024-02-06 15:03:51 +01:00
Patrik Oldsberg
a9e0107111
auth-backend: refuse to issue excessively large tokens
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2024-02-06 15:02:24 +01:00
secustor
d589a0488d
expose new needed configuration options
...
Signed-off-by: secustor <sebastian@poxhofer.at >
2024-02-06 10:09:52 +01:00
Aramis
ee3cbed39d
remove symmetric keys
...
Signed-off-by: Aramis <sennyeyaramis@gmail.com >
2024-02-04 10:46:50 -05:00
Aramis
4a89bc48b1
add support for service-to-service auth external callers
...
Signed-off-by: Aramis <sennyeyaramis@gmail.com >
2024-02-04 10:46:50 -05:00
Aramis
f6dfb17b78
add additional scopes
...
Signed-off-by: Aramis <sennyeyaramis@gmail.com >
2024-02-04 10:46:49 -05:00
Aramis
c3a91f8213
fix(auth): add support for additional alg values
...
Signed-off-by: Aramis <sennyeyaramis@gmail.com >
2024-02-04 10:46:49 -05:00