Merge pull request backstage#6430 from chicoribas/auth-signin-to-ms-p…

…rovider Implement auth handler and sign-in resolvers for Microsoft auth providers
jrusso1020 · Jul 13, 2021 · 3ebd2da · 3ebd2da
2 parents 7a6a358 + 91a0095
commit 3ebd2da
Show file tree

Hide file tree

Showing 6 changed files with 302 additions and 71 deletions.
diff --git a/.changeset/real-plums-vanish.md b/.changeset/real-plums-vanish.md
@@ -0,0 +1,5 @@
+---
+'@backstage/plugin-auth-backend': patch
+---
+
+Add Sign In and Handler resolver for Microsoft provider
diff --git a/plugins/auth-backend/api-report.md b/plugins/auth-backend/api-report.md
@@ -59,6 +59,11 @@ export const createGoogleProvider: (
   options?: GoogleProviderOptions | undefined,
 ) => AuthProviderFactory;
 
+// @public (undocumented)
+export const createMicrosoftProvider: (
+  options?: MicrosoftProviderOptions | undefined,
+) => AuthProviderFactory;
+
 // @public (undocumented)
 export function createRouter({
   logger,
@@ -102,6 +107,17 @@ export class IdentityClient {
   }>;
 }
 
+// @public (undocumented)
+export const microsoftEmailSignInResolver: SignInResolver<OAuthResult>;
+
+// @public (undocumented)
+export type MicrosoftProviderOptions = {
+  authHandler?: AuthHandler<OAuthResult>;
+  signIn?: {
+    resolver?: SignInResolver<OAuthResult>;
+  };
+};
+
 // @public (undocumented)
 export class OAuthAdapter implements AuthProviderRouteHandlers {
   constructor(handlers: OAuthHandlers, options: Options);

diff --git a/plugins/auth-backend/src/providers/index.ts b/plugins/auth-backend/src/providers/index.ts
@@ -15,6 +15,7 @@
  */
 
 export * from './google';
+export * from './microsoft';
 export { factories as defaultAuthProviderFactories } from './factories';
 
 // Export the minimal interface required for implementing a

diff --git a/plugins/auth-backend/src/providers/microsoft/index.ts b/plugins/auth-backend/src/providers/microsoft/index.ts
@@ -14,5 +14,8 @@
  * limitations under the License.
  */
 
-export { createMicrosoftProvider } from './provider';
+export {
+  createMicrosoftProvider,
+  microsoftEmailSignInResolver,
+} from './provider';
 export type { MicrosoftProviderOptions } from './provider';
diff --git a/plugins/auth-backend/src/providers/microsoft/provider.test.ts b/plugins/auth-backend/src/providers/microsoft/provider.test.ts
@@ -0,0 +1,105 @@
+/*
+ * Copyright 2020 The Backstage Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import { MicrosoftAuthProvider } from './provider';
+import * as helpers from '../../lib/passport/PassportStrategyHelper';
+import { OAuthResult } from '../../lib/oauth';
+import { getVoidLogger } from '@backstage/backend-common';
+import { TokenIssuer } from '../../identity/types';
+import { CatalogIdentityClient } from '../../lib/catalog';
+
+const mockFrameHandler = (jest.spyOn(
+  helpers,
+  'executeFrameHandlerStrategy',
+) as unknown) as jest.MockedFunction<
+  () => Promise<{ result: OAuthResult; privateInfo: any }>
+>;
+
+describe('createMicrosoftProvider', () => {
+  it('should auth', async () => {
+    const tokenIssuer = {
+      issueToken: jest.fn(),
+      listPublicKeys: jest.fn(),
+    };
+    const catalogIdentityClient = {
+      findUser: jest.fn(),
+    };
+
+    const provider = new MicrosoftAuthProvider({
+      logger: getVoidLogger(),
+      catalogIdentityClient: (catalogIdentityClient as unknown) as CatalogIdentityClient,
+      tokenIssuer: (tokenIssuer as unknown) as TokenIssuer,
+      authHandler: async ({ fullProfile }) => ({
+        profile: {
+          email: fullProfile.emails![0]!.value,
+          displayName: fullProfile.displayName,
+          picture: 'http://microsoft.com/lols',
+        },
+      }),
+      clientId: 'mock',
+      clientSecret: 'mock',
+      callbackUrl: 'mock',
+    });
+
+    mockFrameHandler.mockResolvedValueOnce({
+      result: {
+        fullProfile: {
+          emails: [
+            {
+              type: 'work',
+              value: 'conrad@example.com',
+            },
+          ],
+          displayName: 'Conrad',
+          name: {
+            familyName: 'Ribas',
+            givenName: 'Francisco',
+          },
+          id: 'conrad',
+          provider: 'microsoft',
+          photos: [
+            {
+              value: 'some-data',
+            },
+          ],
+        },
+        params: {
+          id_token: 'idToken',
+          scope: 'scope',
+          expires_in: 123,
+        },
+        accessToken: 'accessToken',
+      },
+      privateInfo: {
+        refreshToken: 'wacka',
+      },
+    });
+    const { response } = await provider.handler({} as any);
+    expect(response).toEqual({
+      providerInfo: {
+        accessToken: 'accessToken',
+        expiresInSeconds: 123,
+        idToken: 'idToken',
+        scope: 'scope',
+      },
+      profile: {
+        email: 'conrad@example.com',
+        displayName: 'Conrad',
+        picture: 'http://microsoft.com/lols',
+      },
+    });
+  });
+});