Uploaded image for project: 'Red Hat Internal Developer Platform'
  1. Red Hat Internal Developer Platform
  2. RHIDP-5484

Add support for authentication providers from dynamic plugins to the RHDH frontend and backend

Create Doc EPIC for Fe...Prepare for Y ReleasePrepare for Z Release
XMLWordPrintable

    • Icon: Story Story
    • Resolution: Done
    • Icon: Critical Critical
    • 1.5.0
    • None
    • Dynamic plugins
    • None
    • 2
    • False
    • Hide

      None

      Show
      None
    • False
    • RHIDP-4795 - dynamic authentication provider plugins
    • Hide
      = Support for loading authentication providers from dynamic plugins

      This update introduces support for loading authentication providers or modules from dynamic plugins, enabling greater flexibility and customization.

      Key improvements:
      Environment variable control:

      A new ENABLE_AUTH_PROVIDER_MODULE_OVERRIDE environment variable determines whether the backend installs the default authentication provider module.
      When enabled, dynamic plugins can be used to supply custom authentication providers.
      Custom sign-in page support:

      A new signInPage configuration allows frontend dynamic plugins to provide a custom SignInPage component.

      ```yaml
      dynamicPlugins:
        frontend:
          my-plugin-package:
            signInPage:
      importName: CustomSignInPage
      ```

      The exported CustomSignInPage will be mapped to components.SignInPage during frontend initialization.

      Authentication provider settings in the user settings page:

      A new providerSettings configuration field allows frontend dynamic plugins to define authentication provider settings for display in the Authentication Providers tab on the user settings page.


      ```yaml
      dynamicPlugins:
        frontend:
          my-plugin-package:
            providerSettings:
      - title: Github Two
      description: Sign in with GitHub Org Two
      provider: core.auth.github-two
      ```

      Each providerSettings entry creates a corresponding row in the Authentication Providers tab.
      The provider field should match the string used in createApiRef when defining the API reference:

      ```javascript
      export const ghTwoAuthApiRef: ApiRef<
        OAuthApi & ProfileInfoApi & BackstageIdentityApi & SessionApi
      > = createApiRef({
        id: 'core.auth.github-two', // <--- this string
      })
      ```
      This enhancement improves authentication flexibility, allowing dynamic plugins to provide custom authentication solutions and configurations for user settings.
      Show
      = Support for loading authentication providers from dynamic plugins This update introduces support for loading authentication providers or modules from dynamic plugins, enabling greater flexibility and customization. Key improvements: Environment variable control: A new ENABLE_AUTH_PROVIDER_MODULE_OVERRIDE environment variable determines whether the backend installs the default authentication provider module. When enabled, dynamic plugins can be used to supply custom authentication providers. Custom sign-in page support: A new signInPage configuration allows frontend dynamic plugins to provide a custom SignInPage component. ```yaml dynamicPlugins:   frontend:     my-plugin-package:       signInPage: importName: CustomSignInPage ``` The exported CustomSignInPage will be mapped to components.SignInPage during frontend initialization. Authentication provider settings in the user settings page: A new providerSettings configuration field allows frontend dynamic plugins to define authentication provider settings for display in the Authentication Providers tab on the user settings page. ```yaml dynamicPlugins:   frontend:     my-plugin-package:       providerSettings: - title: Github Two description: Sign in with GitHub Org Two provider: core.auth.github-two ``` Each providerSettings entry creates a corresponding row in the Authentication Providers tab. The provider field should match the string used in createApiRef when defining the API reference: ```javascript export const ghTwoAuthApiRef: ApiRef<   OAuthApi & ProfileInfoApi & BackstageIdentityApi & SessionApi > = createApiRef({   id: 'core.auth.github-two', // <--- this string }) ``` This enhancement improves authentication flexibility, allowing dynamic plugins to provide custom authentication solutions and configurations for user settings.
    • Enhancement
    • Done
    • RHDH Dynamic Plugins 3267/3268, RHDH Dynamic Plugins 3269, RHDH Dynamic Plugins 3270

      With a working POC implementation using an external authentication provider it's time to get the bits in place that enable this support. This comes in 2 distinct areas:

      • The backend side needs the environment variable that disables the statically defined authentication provider set
      • The frontend side needs a method for a dynamic plugin to supply a custom SignInPage

      The latter is normally done statically by supplying a custom SignInPage to the createApp function via the components option. We can satisfy the 2nd bullet by adding a components configuration entry for frontend dynamic plugins where a dynamic plugin can supply one of several known component names as an export and use the configuration to map this export to the components option when the frontend is initialized. Something like:

      dynamicPlugins: 
  rootDirectory: dynamic-plugins-root
  frontend: 
    immobiliarelabs-backstage-plugin-ldap-auth: 
      components: 
        SignInPage: 
          module: PluginRoot
          importName: SignInPage

      Where components would be a map of one of these known accepted components

              stlewis_2 Stan Lewis
              stlewis_2 Stan Lewis
              RHIDP - Dynamic Plugins
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: