-
Notifications
You must be signed in to change notification settings - Fork 4
/
auth.ts
107 lines (98 loc) · 2.75 KB
/
auth.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
import { stringifyEntityRef } from '@backstage/catalog-model';
import {
createAuthProviderIntegration,
createRouter,
} from '@backstage/plugin-auth-backend';
import {
AuthProviderRouteHandlers,
AuthResolverContext,
SignInResolver,
prepareBackstageIdentityResponse,
} from '@backstage/plugin-auth-node';
import { Router } from 'express';
import { PluginEnvironment } from '../types';
// a "dummy" auth provider for the local demo site used with
// proxy sign in so that the user is always logged in as guest.
// https://backstage.io/docs/auth/#sign-in-with-proxy-providers
export class DummyAuthProvider implements AuthProviderRouteHandlers {
private readonly resolverContext: AuthResolverContext;
private readonly signInResolver: SignInResolver<{}>;
constructor(options: {
resolverContext: AuthResolverContext;
signInResolver: SignInResolver<{}>;
}) {
this.resolverContext = options.resolverContext;
this.signInResolver = options.signInResolver;
}
async frameHandler(): Promise<void> {
return;
}
async refresh(_: any, res: any): Promise<void> {
const profile = {};
const backstageSignInResult = await this.signInResolver(
{
profile,
result: {},
},
this.resolverContext,
);
res.json({
providerInfo: {},
backstageIdentity: prepareBackstageIdentityResponse(
backstageSignInResult,
),
profile,
});
}
async start(): Promise<void> {
return;
}
}
// "dummy" auth provider integration that doesn't talk to
// any external auth providers and lets the provided signIn
// resolver do all the work
export const dummyAuth = createAuthProviderIntegration({
create(options: {
signIn: {
resolver: SignInResolver<{}>;
};
}) {
return ({ resolverContext }) => {
const signInResolver = options.signIn.resolver;
return new DummyAuthProvider({
resolverContext,
signInResolver,
});
};
},
});
export default async function createPlugin(
env: PluginEnvironment,
): Promise<Router> {
return await createRouter({
logger: env.logger,
config: env.config,
database: env.database,
discovery: env.discovery,
tokenManager: env.tokenManager,
providerFactories: {
// "dummy" sign in resolver that always signs
// into the user "guest"
'dummy-auth': dummyAuth.create({
signIn: {
async resolver(_, ctx) {
const user = await ctx.findCatalogUser({
entityRef: 'user:default/guest',
});
return ctx.issueToken({
claims: {
sub: stringifyEntityRef(user.entity),
ent: [stringifyEntityRef(user.entity)],
},
});
},
},
}),
},
});
}