Patrik OldsbergAuth Backend
WORK IN PROGRESS
This is the backend part of the auth plugin.
It responds to auth requests from the frontend, and fulfills them by delegating to the appropriate provider in the backend.
Local development
Choose your OAuth Providers, replace x with actual value and then start backend:
Example for Google Oauth Provider at root directory:
export AUTH_GOOGLE_CLIENT_ID=x
export AUTH_GOOGLE_CLIENT_SECRET=x
yarn --cwd packages/backend start
export AUTH_GOOGLE_CLIENT_ID=x
export AUTH_GOOGLE_CLIENT_SECRET=x
Github
Creating a GitHub OAuth application
Follow this link, Create new OAuth App.
- Set Application Name to
backstage-devor something along those lines. - You can set the Homepage URL to whatever you want to.
- The Authorization Callback URL should match the redirect URI set in Backstage.
- Set this to
http://localhost:7000/auth/githubfor local development. - Set this to
http://{APP_FQDN}:{APP_BACKEND_PORT}/auth/githubfor non-local deployments.
- Set this to
export AUTH_GITHUB_CLIENT_ID=x
export AUTH_GITHUB_CLIENT_SECRET=x
for github enterprise:
export AUTH_GITHUB_CLIENT_ID=x
export AUTH_GITHUB_CLIENT_SECRET=x
export AUTH_GITHUB_ENTERPRISE_INSTANCE_URL=https://x
Gitlab
export GITLAB_BASE_URL=x # default is https://gitlab.com
export AUTH_GITLAB_CLIENT_ID=x
export AUTH_GITLAB_CLIENT_SECRET=x
Okta
export AUTH_OKTA_AUDIENCE=x
export AUTH_OKTA_CLIENT_ID=x
export AUTH_OKTA_CLIENT_SECRET=x
SAML
To try out SAML, you can use the mock identity provider:
./scripts/start-saml-idp.sh
Authentication providers
Links
- (The Backstage homepage)[https://backstage.io]