[release-1.5] feat(app): dynamic authentication provider support #2466
Conversation
This change adds support for loading authentication providers or modules
from dynamic plugins via 3 main changes to the code.
First, an environment variable `ENABLE_AUTH_PROVIDER_MODULE_OVERRIDE`
controls whether or not the backend installs the default authentication
provider module. When this override is enabled dynamic plugins can be
used to supply custom authentication providers.
Secondly this change also adds a `signInPage` configuration for frontend
dynamic plugins which is required for dynamic plugins to be able to
provide a custom SignInPage component, for example:
```yaml
dynamicPlugins:
frontend:
my-plugin-package:
signInPage:
importName: CustomSignInPage
```
Where the named export `CustomSignInPage` will be mapped to
`components.SignInPage` when the frontend is initialized.
Finally, to ensure authentication providers can be managed by the user a
new `providerSettings` configuration field is available for frontend
dynamic plugins, which can be used to inform the user settings page of
the new provider, for example:
```yaml
dynamicPlugins:
frontend:
my-plugin-package:
providerSettings:
- title: Github Two
description: Sign in with GitHub Org Two
provider: core.auth.github-two
```
Each `providerSettings` item will be turned into a new row under the
"Authentication Providers" tab on the user settings page. The
`provider` field is used to look up and connect the API ref for the
external authentication provider and should be the same string used when
calling `createApiRef`, for example:
```javascript
export const ghTwoAuthApiRef: ApiRef<
OAuthApi & ProfileInfoApi & BackstageIdentityApi & SessionApi
> = createApiRef({
id: 'core.auth.github-two', // <--- this string
})
```
This commit also updates the app config.d.ts with some missing
definitions as well as adds definitions for the above.
Signed-off-by: Stan Lewis <[email protected]>
|
Hi @openshift-cherrypick-robot. Thanks for your PR. I'm waiting for a redhat-developer member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
/ok-to-test |
|
The image is available at: |
|
/retest |
/retest |
|
/approve |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: kadel The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-merge-bot
bot
merged commit da21d66
into
redhat-developer:release-1.5
This is an automated cherry-pick of #2167
/assign gashcrumb