AuthProviderRouteHandlers
Home > @backstage/plugin-auth-node > AuthProviderRouteHandlers
Any Auth provider needs to implement this interface which handles the routes in the auth backend. Any auth API requests from the frontend reaches these methods.
The routes in the auth backend API are tied to these methods like below
/auth/[provider]/start -> start /auth/[provider]/handler/frame -> frameHandler /auth/[provider]/refresh -> refresh /auth/[provider]/logout -> logout
Signature:
export interface AuthProviderRouteHandlers
Methods
| Method | Description |
|---|---|
| frameHandler(req, res) | Once the user signs in or consents in the OAuth screen, the auth provider redirects to the callbackURL which is handled by this method. Request - to contain a nonce cookie and a 'state' query parameter Response - postMessage to the window with a payload that contains accessToken, expiryInSeconds?, idToken? and scope. - sets a refresh token cookie if the auth provider supports refresh tokens |
| logout(req, res)? | (Optional) (Optional) Handles sign out requests Response - removes the refresh token cookie |
| refresh(req, res)? | (Optional) (Optional) If the auth provider supports refresh tokens then this method handles requests to get a new access token. Other types of providers may also use this method to implement its own logic to create new sessions upon request. For example, this can be used to create a new session for a provider that handles requests from an authenticating proxy. Request - to contain a refresh token cookie and scope (Optional) query parameter. Response - payload with accessToken, expiryInSeconds?, idToken?, scope and user profile information. |
| start(req, res) | Handles the start route of the API. This initiates a sign in request with an auth provider. Request - scopes for the auth request (Optional) Response - redirect to the auth provider for the user to sign in or consent. - sets a nonce cookie and also pass the nonce as 'state' query parameter in the redirect request |