Skip to content

Commit 836cc5e

Browse files
authored
fix: refactor authProviderModule and dangerouslyAllowSignInWithoutUserInCatalog config (#2354)
* fix dangerouslyAllowSignInWithoutUserInCatalog with OIDC Signed-off-by: Jessica He <[email protected]> * fix/patch rest of auth providers Signed-off-by: Jessica He <[email protected]> * update auth provider e2e tests Signed-off-by: Jessica He <[email protected]> --------- Signed-off-by: Jessica He <[email protected]>
1 parent 466367a commit 836cc5e

File tree

28 files changed

+1714
-357
lines changed

28 files changed

+1714
-357
lines changed
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,62 @@
1+
diff --git a/dist/index.d.ts b/dist/index.d.ts
2+
index 48136a1320584e3af0abfd4b7e5d28bfc77368f6..bde4ec87b64984d49397a85564264bbbd98f7f72 100644
3+
--- a/dist/index.d.ts
4+
+++ b/dist/index.d.ts
5+
@@ -17,7 +17,9 @@ declare namespace atlassianSignInResolvers {
6+
/**
7+
* Looks up the user by matching their Atlassian username to the entity name.
8+
*/
9+
- const usernameMatchingUserEntityName: _backstage_plugin_auth_node.SignInResolverFactory<OAuthAuthenticatorResult<PassportProfile>, unknown>;
10+
+ const usernameMatchingUserEntityName: _backstage_plugin_auth_node.SignInResolverFactory<OAuthAuthenticatorResult<PassportProfile>, {
11+
+ dangerouslyAllowSignInWithoutUserInCatalog?: boolean | undefined;
12+
+ } | undefined>;
13+
}
14+
15+
export { atlassianAuthenticator, atlassianSignInResolvers, authModuleAtlassianProvider as default };
16+
diff --git a/dist/resolvers.cjs.js b/dist/resolvers.cjs.js
17+
index 58621485a7d045b7c26dc1e28814c8f5c9f15729..326f6070dfbb4b7e5fe854d7f497d916d75c0a3a 100644
18+
--- a/dist/resolvers.cjs.js
19+
+++ b/dist/resolvers.cjs.js
20+
@@ -1,18 +1,31 @@
21+
'use strict';
22+
23+
var pluginAuthNode = require('@backstage/plugin-auth-node');
24+
+var zod = require('zod');
25+
26+
exports.atlassianSignInResolvers = void 0;
27+
((atlassianSignInResolvers2) => {
28+
atlassianSignInResolvers2.usernameMatchingUserEntityName = pluginAuthNode.createSignInResolverFactory({
29+
- create() {
30+
+ optionsSchema: zod.z.object({
31+
+ dangerouslyAllowSignInWithoutUserInCatalog: zod.z.boolean().optional()
32+
+ }).optional(),
33+
+ create(options = {}) {
34+
return async (info, ctx) => {
35+
const { result } = info;
36+
const id = result.fullProfile.username;
37+
if (!id) {
38+
throw new Error(`Atlassian user profile does not contain a username`);
39+
}
40+
- return ctx.signInWithCatalogUser({ entityRef: { name: id } });
41+
+ try {
42+
+ return await ctx.signInWithCatalogUser({ entityRef: { name: id } });
43+
+ } catch (error) {
44+
+ return await pluginAuthNode.handleSignInUserNotFound({
45+
+ ctx,
46+
+ error,
47+
+ userEntityName: id,
48+
+ dangerouslyAllowSignInWithoutUserInCatalog: options?.dangerouslyAllowSignInWithoutUserInCatalog
49+
+ });
50+
+ }
51+
};
52+
}
53+
});
54+
diff --git a/dist/resolvers.cjs.js.map b/dist/resolvers.cjs.js.map
55+
index 050a899e3e01fa6023a99fc63ce5fbcbfb14450e..89e1c3f72e24ae552f8a944953d16633a37deb54 100644
56+
--- a/dist/resolvers.cjs.js.map
57+
+++ b/dist/resolvers.cjs.js.map
58+
@@ -1 +1 @@
59+
-{"version":3,"file":"resolvers.cjs.js","sources":["../src/resolvers.ts"],"sourcesContent":["/*\n * Copyright 2023 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n createSignInResolverFactory,\n OAuthAuthenticatorResult,\n PassportProfile,\n SignInInfo,\n} from '@backstage/plugin-auth-node';\n\n/**\n * Available sign-in resolvers for the Atlassian auth provider.\n *\n * @public\n */\nexport namespace atlassianSignInResolvers {\n /**\n * Looks up the user by matching their Atlassian username to the entity name.\n */\n export const usernameMatchingUserEntityName = createSignInResolverFactory({\n create() {\n return async (\n info: SignInInfo<OAuthAuthenticatorResult<PassportProfile>>,\n ctx,\n ) => {\n const { result } = info;\n\n const id = result.fullProfile.username;\n if (!id) {\n throw new Error(`Atlassian user profile does not contain a username`);\n }\n\n return ctx.signInWithCatalogUser({ entityRef: { name: id } });\n };\n },\n });\n}\n"],"names":["atlassianSignInResolvers","createSignInResolverFactory"],"mappings":";;;;AA4BiBA;AAAA,CAAV,CAAUA,yBAAV,KAAA;AAIE,EAAMA,yBAAAA,CAAA,iCAAiCC,0CAA4B,CAAA;AAAA,IACxE,MAAS,GAAA;AACP,MAAO,OAAA,OACL,MACA,GACG,KAAA;AACH,QAAM,MAAA,EAAE,QAAW,GAAA,IAAA;AAEnB,QAAM,MAAA,EAAA,GAAK,OAAO,WAAY,CAAA,QAAA;AAC9B,QAAA,IAAI,CAAC,EAAI,EAAA;AACP,UAAM,MAAA,IAAI,MAAM,CAAoD,kDAAA,CAAA,CAAA;AAAA;AAGtE,QAAO,OAAA,GAAA,CAAI,sBAAsB,EAAE,SAAA,EAAW,EAAE,IAAM,EAAA,EAAA,IAAM,CAAA;AAAA,OAC9D;AAAA;AACF,GACD,CAAA;AAAA,CApBc,EAAAD,gCAAA,KAAAA,gCAAA,GAAA,EAAA,CAAA,CAAA;;"}
60+
\ No newline at end of file
61+
+{"version":3,"file":"resolvers.cjs.js","sources":["../src/resolvers.ts"],"sourcesContent":["/*\n * Copyright 2023 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n createSignInResolverFactory,\n handleSignInUserNotFound,\n OAuthAuthenticatorResult,\n PassportProfile,\n SignInInfo,\n} from '@backstage/plugin-auth-node';\nimport { z } from 'zod';\n\n/**\n * Available sign-in resolvers for the Atlassian auth provider.\n *\n * @public\n */\nexport namespace atlassianSignInResolvers {\n /**\n * Looks up the user by matching their Atlassian username to the entity name.\n */\n export const usernameMatchingUserEntityName = createSignInResolverFactory({\n optionsSchema: z\n .object({\n dangerouslyAllowSignInWithoutUserInCatalog: z.boolean().optional(),\n })\n .optional(),\n create(options = {}) {\n return async (\n info: SignInInfo<OAuthAuthenticatorResult<PassportProfile>>,\n ctx,\n ) => {\n const { result } = info;\n\n const id = result.fullProfile.username;\n if (!id) {\n throw new Error(`Atlassian user profile does not contain a username`);\n }\n\n try {\n return await ctx.signInWithCatalogUser({ entityRef: { name: id } });\n } catch (error) {\n return await handleSignInUserNotFound({\n ctx,\n error,\n userEntityName: id,\n dangerouslyAllowSignInWithoutUserInCatalog:\n options?.dangerouslyAllowSignInWithoutUserInCatalog,\n });\n }\n };\n },\n });\n}\n"],"names":["atlassianSignInResolvers","createSignInResolverFactory","z","handleSignInUserNotFound"],"mappings":";;;;;AA8BiBA;AAAA,CAAV,CAAUA,yBAAV,KAAA;AAIE,EAAMA,yBAAAA,CAAA,iCAAiCC,0CAA4B,CAAA;AAAA,IACxE,aAAA,EAAeC,MACZ,MAAO,CAAA;AAAA,MACN,0CAA4C,EAAAA,KAAA,CAAE,OAAQ,EAAA,CAAE,QAAS;AAAA,KAClE,EACA,QAAS,EAAA;AAAA,IACZ,MAAA,CAAO,OAAU,GAAA,EAAI,EAAA;AACnB,MAAO,OAAA,OACL,MACA,GACG,KAAA;AACH,QAAM,MAAA,EAAE,QAAW,GAAA,IAAA;AAEnB,QAAM,MAAA,EAAA,GAAK,OAAO,WAAY,CAAA,QAAA;AAC9B,QAAA,IAAI,CAAC,EAAI,EAAA;AACP,UAAM,MAAA,IAAI,MAAM,CAAoD,kDAAA,CAAA,CAAA;AAAA;AAGtE,QAAI,IAAA;AACF,UAAO,OAAA,MAAM,IAAI,qBAAsB,CAAA,EAAE,WAAW,EAAE,IAAA,EAAM,EAAG,EAAA,EAAG,CAAA;AAAA,iBAC3D,KAAO,EAAA;AACd,UAAA,OAAO,MAAMC,uCAAyB,CAAA;AAAA,YACpC,GAAA;AAAA,YACA,KAAA;AAAA,YACA,cAAgB,EAAA,EAAA;AAAA,YAChB,4CACE,OAAS,EAAA;AAAA,WACZ,CAAA;AAAA;AACH,OACF;AAAA;AACF,GACD,CAAA;AAAA,CAnCc,EAAAH,gCAAA,KAAAA,gCAAA,GAAA,EAAA,CAAA,CAAA;;"}
62+
\ No newline at end of file
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,71 @@
1+
diff --git a/dist/index.d.ts b/dist/index.d.ts
2+
index d10c3f272d0d204402a70d8ce848b745eb9d17c4..fa9d82893de040aa056e3e34cf6ba791b5a30369 100644
3+
--- a/dist/index.d.ts
4+
+++ b/dist/index.d.ts
5+
@@ -18,7 +18,9 @@ declare const azureEasyAuthAuthenticator: _backstage_plugin_auth_node.ProxyAuthe
6+
7+
/** @public */
8+
declare namespace azureEasyAuthSignInResolvers {
9+
- const idMatchingUserEntityAnnotation: _backstage_plugin_auth_node.SignInResolverFactory<AzureEasyAuthResult, unknown>;
10+
+ const idMatchingUserEntityAnnotation: _backstage_plugin_auth_node.SignInResolverFactory<AzureEasyAuthResult, {
11+
+ dangerouslyAllowSignInWithoutUserInCatalog?: boolean | undefined;
12+
+ } | undefined>;
13+
}
14+
15+
export { type AzureEasyAuthResult, azureEasyAuthAuthenticator, azureEasyAuthSignInResolvers, authModuleAzureEasyAuthProvider as default };
16+
diff --git a/dist/resolvers.cjs.js b/dist/resolvers.cjs.js
17+
index 3da68275e976cc5550755d31c753ad51290a1a8a..907923a989c73acd2d2880e041d3c3d0923e645e 100644
18+
--- a/dist/resolvers.cjs.js
19+
+++ b/dist/resolvers.cjs.js
20+
@@ -1,11 +1,15 @@
21+
'use strict';
22+
23+
var pluginAuthNode = require('@backstage/plugin-auth-node');
24+
+var zod = require('zod');
25+
26+
exports.azureEasyAuthSignInResolvers = void 0;
27+
((azureEasyAuthSignInResolvers2) => {
28+
azureEasyAuthSignInResolvers2.idMatchingUserEntityAnnotation = pluginAuthNode.createSignInResolverFactory({
29+
- create() {
30+
+ optionsSchema: zod.z.object({
31+
+ dangerouslyAllowSignInWithoutUserInCatalog: zod.z.boolean().optional()
32+
+ }).optional(),
33+
+ create(options = {}) {
34+
return async (info, ctx) => {
35+
const {
36+
fullProfile: { id }
37+
@@ -13,11 +17,20 @@ exports.azureEasyAuthSignInResolvers = void 0;
38+
if (!id) {
39+
throw new Error("User profile contained no id");
40+
}
41+
- return await ctx.signInWithCatalogUser({
42+
- annotations: {
43+
- "graph.microsoft.com/user-id": id
44+
- }
45+
- });
46+
+ try {
47+
+ return await ctx.signInWithCatalogUser({
48+
+ annotations: {
49+
+ "graph.microsoft.com/user-id": id
50+
+ }
51+
+ });
52+
+ } catch (error) {
53+
+ return await pluginAuthNode.handleSignInUserNotFound({
54+
+ ctx,
55+
+ error,
56+
+ userEntityName: id,
57+
+ dangerouslyAllowSignInWithoutUserInCatalog: options?.dangerouslyAllowSignInWithoutUserInCatalog
58+
+ });
59+
+ }
60+
};
61+
}
62+
});
63+
diff --git a/dist/resolvers.cjs.js.map b/dist/resolvers.cjs.js.map
64+
index 4bbdf9fca4676bed9a1545d4208071414aaec854..3680d98a7b72c83224b51f8371869dbe2cf1c5b4 100644
65+
--- a/dist/resolvers.cjs.js.map
66+
+++ b/dist/resolvers.cjs.js.map
67+
@@ -1 +1 @@
68+
-{"version":3,"file":"resolvers.cjs.js","sources":["../src/resolvers.ts"],"sourcesContent":["/*\n * Copyright 2024 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n createSignInResolverFactory,\n SignInInfo,\n} from '@backstage/plugin-auth-node';\nimport { AzureEasyAuthResult } from './types';\n\n/** @public */\nexport namespace azureEasyAuthSignInResolvers {\n export const idMatchingUserEntityAnnotation = createSignInResolverFactory({\n create() {\n return async (info: SignInInfo<AzureEasyAuthResult>, ctx) => {\n const {\n fullProfile: { id },\n } = info.result;\n\n if (!id) {\n throw new Error('User profile contained no id');\n }\n\n return await ctx.signInWithCatalogUser({\n annotations: {\n 'graph.microsoft.com/user-id': id,\n },\n });\n };\n },\n });\n}\n"],"names":["azureEasyAuthSignInResolvers","createSignInResolverFactory"],"mappings":";;;;AAuBiBA;AAAA,CAAV,CAAUA,6BAAV,KAAA;AACE,EAAMA,6BAAAA,CAAA,iCAAiCC,0CAA4B,CAAA;AAAA,IACxE,MAAS,GAAA;AACP,MAAO,OAAA,OAAO,MAAuC,GAAQ,KAAA;AAC3D,QAAM,MAAA;AAAA,UACJ,WAAA,EAAa,EAAE,EAAG;AAAA,YAChB,IAAK,CAAA,MAAA;AAET,QAAA,IAAI,CAAC,EAAI,EAAA;AACP,UAAM,MAAA,IAAI,MAAM,8BAA8B,CAAA;AAAA;AAGhD,QAAO,OAAA,MAAM,IAAI,qBAAsB,CAAA;AAAA,UACrC,WAAa,EAAA;AAAA,YACX,6BAA+B,EAAA;AAAA;AACjC,SACD,CAAA;AAAA,OACH;AAAA;AACF,GACD,CAAA;AAAA,CAnBc,EAAAD,oCAAA,KAAAA,oCAAA,GAAA,EAAA,CAAA,CAAA;;"}
69+
\ No newline at end of file
70+
+{"version":3,"file":"resolvers.cjs.js","sources":["../src/resolvers.ts"],"sourcesContent":["/*\n * Copyright 2024 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n createSignInResolverFactory,\n handleSignInUserNotFound,\n SignInInfo,\n} from '@backstage/plugin-auth-node';\nimport { AzureEasyAuthResult } from './types';\nimport { z } from 'zod';\n\n/** @public */\nexport namespace azureEasyAuthSignInResolvers {\n export const idMatchingUserEntityAnnotation = createSignInResolverFactory({\n optionsSchema: z\n .object({\n dangerouslyAllowSignInWithoutUserInCatalog: z.boolean().optional(),\n })\n .optional(),\n create(options = {}) {\n return async (info: SignInInfo<AzureEasyAuthResult>, ctx) => {\n const {\n fullProfile: { id },\n } = info.result;\n\n if (!id) {\n throw new Error('User profile contained no id');\n }\n\n try {\n return await ctx.signInWithCatalogUser({\n annotations: {\n 'graph.microsoft.com/user-id': id,\n },\n });\n } catch (error) {\n return await handleSignInUserNotFound({\n ctx,\n error,\n userEntityName: id,\n dangerouslyAllowSignInWithoutUserInCatalog:\n options?.dangerouslyAllowSignInWithoutUserInCatalog,\n });\n }\n };\n },\n });\n}\n"],"names":["azureEasyAuthSignInResolvers","createSignInResolverFactory","z","handleSignInUserNotFound"],"mappings":";;;;;AAyBiBA;AAAA,CAAV,CAAUA,6BAAV,KAAA;AACE,EAAMA,6BAAAA,CAAA,iCAAiCC,0CAA4B,CAAA;AAAA,IACxE,aAAA,EAAeC,MACZ,MAAO,CAAA;AAAA,MACN,0CAA4C,EAAAA,KAAA,CAAE,OAAQ,EAAA,CAAE,QAAS;AAAA,KAClE,EACA,QAAS,EAAA;AAAA,IACZ,MAAA,CAAO,OAAU,GAAA,EAAI,EAAA;AACnB,MAAO,OAAA,OAAO,MAAuC,GAAQ,KAAA;AAC3D,QAAM,MAAA;AAAA,UACJ,WAAA,EAAa,EAAE,EAAG;AAAA,YAChB,IAAK,CAAA,MAAA;AAET,QAAA,IAAI,CAAC,EAAI,EAAA;AACP,UAAM,MAAA,IAAI,MAAM,8BAA8B,CAAA;AAAA;AAGhD,QAAI,IAAA;AACF,UAAO,OAAA,MAAM,IAAI,qBAAsB,CAAA;AAAA,YACrC,WAAa,EAAA;AAAA,cACX,6BAA+B,EAAA;AAAA;AACjC,WACD,CAAA;AAAA,iBACM,KAAO,EAAA;AACd,UAAA,OAAO,MAAMC,uCAAyB,CAAA;AAAA,YACpC,GAAA;AAAA,YACA,KAAA;AAAA,YACA,cAAgB,EAAA,EAAA;AAAA,YAChB,4CACE,OAAS,EAAA;AAAA,WACZ,CAAA;AAAA;AACH,OACF;AAAA;AACF,GACD,CAAA;AAAA,CAlCc,EAAAH,oCAAA,KAAAA,oCAAA,GAAA,EAAA,CAAA,CAAA;;"}
71+
\ No newline at end of file

0 commit comments

Comments
 (0)