feat(showcase): add conditional rendering for login page

[schultzp2020]

Description

Please explain the changes you made here.

Which issue(s) does this PR fix

• References Configure Additional Auth Providers #591
• Unblocks Test SAML integration #645
• Blocked by 🐛 Bug Report: ConfigReader incorrectly reads fallback backstage/backstage#20877

PR acceptance criteria

Please make sure that the following steps are complete:

• GitHub Actions are completed and successful
• Unit Tests are updated and passing
• E2E Tests are updated and passing
• Documentation is updated if necessary (requirement for new features)
• Add a screenshot if the change is UX/UI related

How to test changes / Special notes to the reviewer

[changeset-bot]

🦋 Changeset detected

Latest commit: 80d6a79

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 1 package

Name	Type
app	Minor

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[Zaperex]

Tried testing it with gitlab and got the following error:

It appears we also need to configure the auth provider integrations in the packages/backend/src/plugins/auth file and enable sign-in, to be able to allow users to login via these auth providers. Similar to how we configured the github auth provider integration

https://backstage.io/docs/auth/identity-resolver/

Managed to login with gitlab once I configured the auth provider for gitlab.

    providerFactories: {
      ...defaultAuthProviderFactories,
      gitlab: providers.gitlab.create({
        signIn: {
          async resolver({ result: { fullProfile } }, ctx) {
            const userId = fullProfile.username;
            if (!userId) {
              throw new Error(
                `GitLab user profile does not contain a username`,
              );
            }

            // Creates an entity
            const userEntity = stringifyEntityRef({
              kind: 'User',
              name: userId,
              namespace: DEFAULT_NAMESPACE,
            });

            const { entity } = await ctx.findCatalogUser({
              entityRef: userEntity,
            });

            const ownership = getDefaultOwnershipEntityRefs(entity);

            return ctx.issueToken({
              claims: {
                sub: userEntity,
                ent: ownership,
              },
            });
          },
        },
      }),
...

[schultzp2020]

Tried testing it with gitlab and got the following error:

It appears we also need to configure the auth provider integrations in the packages/backend/src/plugins/auth file and enable sign-in, to be able to allow users to login via these auth providers. Similar to how we configured the github auth provider integration

https://backstage.io/docs/auth/identity-resolver/

Managed to login with gitlab once I configured the auth provider for gitlab.

    providerFactories: {
      ...defaultAuthProviderFactories,
      gitlab: providers.gitlab.create({
        signIn: {
          async resolver({ result: { fullProfile } }, ctx) {
            const userId = fullProfile.username;
            if (!userId) {
              throw new Error(
                `GitLab user profile does not contain a username`,
              );
            }

            // Creates an entity
            const userEntity = stringifyEntityRef({
              kind: 'User',
              name: userId,
              namespace: DEFAULT_NAMESPACE,
            });

            const { entity } = await ctx.findCatalogUser({
              entityRef: userEntity,
            });

            const ownership = getDefaultOwnershipEntityRefs(entity);

            return ctx.issueToken({
              claims: {
                sub: userEntity,
                ent: ownership,
              },
            });
          },
        },
      }),
...

@Zaperex this PR does not cover the entity mapping so this is to be expected.

[gorkem]

@Zaperex Test this PR together with #588 which brings signIn implementation for some of the providers already.

[github-actions]

The image is available at: quay.io/janus-idp/backstage-showcase:pr-602!

[github-actions]

The image is available at: quay.io/janus-idp/backstage-showcase:pr-602!

[github-actions]

The image is available at: quay.io/janus-idp/backstage-showcase:pr-602!

[github-actions]

The image is available at: quay.io/janus-idp/backstage-showcase:pr-602!

[github-actions]

The image is available at: quay.io/janus-idp/backstage-showcase:pr-602!

[schultzp2020]

Blocked by backstage/backstage#20877

[github-actions]

The image is available at: quay.io/janus-idp/backstage-showcase:pr-602!

[github-actions]

The image is available at: quay.io/janus-idp/backstage-showcase:pr-602!

[janus-idp]

backstage-showcase Tests on commit aa42a3d finished with errors.
View test log

[github-actions]

The image is available at: quay.io/janus-idp/backstage-showcase:pr-602!

[github-actions]

The image is available at: quay.io/janus-idp/backstage-showcase:pr-602!

[github-actions]

The image is available at: quay.io/janus-idp/backstage-showcase:pr-602!

[github-actions]

The image is available at: quay.io/janus-idp/backstage-showcase:pr-602!

[PatAKnight]

Minor question but otherwise looks good

[PatAKnight]

Should we include something along the lines of 'To disabled the Guest login set auth.environment to production'?

[kadel]

this brings me to the question, what if someone wants to enable guest in production environment? Is that possible?

[kadel]

lgmt

I have a few questions regarding functionality for example, how one enable guest login if the environment is production or what if someone needs multiple auth providers in sign-in page.
But neither of these is blocking.

[schultzp2020]

lgmt

I have a few questions regarding functionality for example, how one enable guest login if the environment is production or what if someone needs multiple auth providers in sign-in page. But neither of these is blocking.

Yeah I was debating the same thing. My conclusion was that companies typically only have one sign in option, if this is not the case we can easily change this. However, there is an issue where the proxy sign in can only have ONE option. I have also yet to find a case where logging in is not required for a company.

[PatAKnight]

LGTM

[github-actions]

The image is available at: quay.io/janus-idp/backstage-showcase:pr-602!

[sonarcloud]

Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
0.0% Duplication

[github-actions]

The image is available at: quay.io/janus-idp/backstage-showcase:pr-602!