ryan-WORK
commented
2 months ago Hey is this the Authorization callback URL?
http://localhost:7007/api/auth/github/handler/frame?
If so try this:
http://localhost:7007/api/auth/github
Closed pogo61 closed 2 months ago
ryan-WORK
commented
2 months ago Hey is this the Authorization callback URL?
http://localhost:7007/api/auth/github/handler/frame?
If so try this:
http://localhost:7007/api/auth/github
pogo61
commented
2 months ago @ryan-WORK I take it that this is the GitHub App callback URL that needs changing?
ryan-WORK
commented
2 months ago @pogo61 yup thats the one:
pogo61
commented
2 months ago @ryan-WORK sorry, that did nothing... same response Just to make sure we are on the same page.... I'm not using OAuth, just the basic GitHub App with the PAT
Rugvip
commented
2 months ago What does tour config look like? If you happen to have something like this it might disable the provider now:
auth:
providers:
github:
freben
commented
2 months ago Hi,
I just tried this on latest master and cannot reproduce, at least so far.
Indeed I also used the callback URL http://localhost:7007/api/auth/github in the OAuth app.
Since the error says that it cannot find the provider at all, I am wondering if instead of the auth changes, maybe it could be related to #23339 . Do you have anywhere in your config a naked github: without any children? That gets interpreted as github: null by yaml. Something that might make it so that the providers.github key actually become unset and therefore the provider doesn't get loaded.
When running locally, you can check the logs at startup to see what providers get loaded.
Also you can use the yarn backstage-cli config:print command to print an actual resolved output config. You may want to add the --lax flag to that to not have to set all env vars. You may also want to pass in the same --config arguments that you use in production (in the same order too), to ensure that what gets printed is as production-like as possible. Then when you have that printout, look into the auth.providers key space to see what's in there.
EDIT: Heh, @Rugvip got in there before me as I typed this
pogo61
commented
2 months ago This IS NOT an OAuth App, itβs the normal GitHub App in conjunction with a PAT. Methinks you guys have gotten tunnel vision about using OAuth, and forgotten about the other option. also, as originally stated, the config was unchanged
eilonash92
commented
2 months ago @freben
I'm having the same issue using oAuth app -
This is my config print and using local config file - What am I missing?
*[main][~/repos/aura-backstage]$ yarn backstage-cli config:print
yarn run v1.22.22
$ /Users/eilon.ashkenazi/repos/aura-backstage/node_modules/.bin/backstage-cli config:print
Loaded config from app-config.yaml, app-config.local.yaml
app:
title: Aura Backstage
baseUrl: http://localhost:3000
backend:
database:
connection:
host: localhost
port: 5432
user: postgres
password: <secret>
client: better-sqlite3
baseUrl: http://localhost:7007
listen:
port: 7007
csp:
connect-src:
- "'self'"
- "http:"
- "https:"
cors:
origin: http://localhost:3000
methods:
- GET
- HEAD
- PATCH
- POST
- PUT
- DELETE
credentials: true
auth:
environment: development
providers:
github:
development:
clientId: 17208d9d0746c9766a77
clientSecret: <secret>
integrations:
github:
- host: github.com
token: <secret>
organization:
name: My Company
techdocs:
builder: local
generator:
runIn: docker
publisher:
type: local
catalog:
import:
entityFilename: catalog-info.yaml
pullRequestBranchName: backstage-integration
rules:
- allow:
- Component
- System
- API
- Resource
- Location
locations:
- type: file
target: ../../examples/entities.yaml
- type: file
target: ../../examples/template/template.yaml
rules:
- allow:
- Template
- type: file
target: ../../examples/org.yaml
rules:
- allow:
- User
- Group
Error -
{
"error": {
"name": "NotFoundError",
"message": "Unknown auth provider 'github'",
"stack": "NotFoundError: Unknown auth provider 'github'\n at <anonymous> (/Users/eilon.ashkenazi/repos/aura-backstage/node_modules/@backstage/plugin-auth-backend/src/service/router.ts:161:11)\n at handleReturn (/Users/eilon.ashkenazi/repos/aura-backstage/node_modules/express-promise-router/lib/express-promise-router.js:24:23)\n at /Users/eilon.ashkenazi/repos/aura-backstage/node_modules/express-promise-router/lib/express-promise-router.js:64:7\n at Layer.handle [as handle_request] (/Users/eilon.ashkenazi/repos/aura-backstage/node_modules/express/lib/router/layer.js:95:5)\n at trim_prefix (/Users/eilon.ashkenazi/repos/aura-backstage/node_modules/express/lib/router/index.js:328:13)\n at /Users/eilon.ashkenazi/repos/aura-backstage/node_modules/express/lib/router/index.js:286:9\n at param (/Users/eilon.ashkenazi/repos/aura-backstage/node_modules/express/lib/router/index.js:365:14)\n at param (/Users/eilon.ashkenazi/repos/aura-backstage/node_modules/express/lib/router/index.js:376:14)\n at Function.process_params (/Users/eilon.ashkenazi/repos/aura-backstage/node_modules/express/lib/router/index.js:421:3)\n at next (/Users/eilon.ashkenazi/repos/aura-backstage/node_modules/express/lib/router/index.js:280:10)\n at /Users/eilon.ashkenazi/repos/aura-backstage/node_modules/express/lib/router/index.js:646:15\n at next (/Users/eilon.ashkenazi/repos/aura-backstage/node_modules/express/lib/router/index.js:265:14)\n at Function.handle (/Users/eilon.ashkenazi/repos/aura-backstage/node_modules/express/lib/router/index.js:175:3)\n at router (/Users/eilon.ashkenazi/repos/aura-backstage/node_modules/express/lib/router/index.js:47:12)\n at handleReturn (/Users/eilon.ashkenazi/repos/aura-backstage/node_modules/express-promise-router/lib/express-promise-router.js:24:23)\n at router (/Users/eilon.ashkenazi/repos/aura-backstage/node_modules/express-promise-router/lib/express-promise-router.js:64:7)"
},
"request": {
"method": "GET",
"url": "[/api/auth/github/start?scope=read%3Auser&origin=http%3A%2F%2Flocalhost%3A3000&flow=popup&env=development](http://localhost:7007/api/auth/github/start?scope=read%3Auser&origin=http%3A%2F%2Flocalhost%3A3000&flow=popup&env=development)"
},
"response": {
"statusCode": 404
}
}Still trying to reproduce.
Set up an oauth app
Run npx @backstage/create-app@latest
Edit app-config.yaml to add
auth:
environment: development
providers:
guest: {}
github:
development:
clientId: 2da...46f
clientSecret: 531...3ceIn the app somewhere, add
const auth = useApi(githubAuthApiRef);
auth.getAccessToken('repo').then(
token => console.log('success', token),
error => console.log('failure', error),
);That does work fine
eilonash92
commented
2 months ago import React from 'react';
import { Navigate, Route } from 'react-router-dom';
import { apiDocsPlugin, ApiExplorerPage } from '@backstage/plugin-api-docs';
import {
CatalogEntityPage,
CatalogIndexPage,
catalogPlugin,
} from '@backstage/plugin-catalog';
import {
CatalogImportPage,
catalogImportPlugin,
} from '@backstage/plugin-catalog-import';
import { ScaffolderPage, scaffolderPlugin } from '@backstage/plugin-scaffolder';
import { orgPlugin } from '@backstage/plugin-org';
import { SearchPage } from '@backstage/plugin-search';
import { TechRadarPage } from '@backstage/plugin-tech-radar';
import {
TechDocsIndexPage,
techdocsPlugin,
TechDocsReaderPage,
} from '@backstage/plugin-techdocs';
import { TechDocsAddons } from '@backstage/plugin-techdocs-react';
import { ReportIssue } from '@backstage/plugin-techdocs-module-addons-contrib';
import { UserSettingsPage } from '@backstage/plugin-user-settings';
import { apis } from './apis';
import { entityPage } from './components/catalog/EntityPage';
import { searchPage } from './components/search/SearchPage';
import { Root } from './components/Root';
import {
AlertDisplay,
OAuthRequestDialog,
SignInProviderConfig,
SignInPage,
} from '@backstage/core-components';
import { createApp } from '@backstage/app-defaults';
import { AppRouter, FlatRoutes } from '@backstage/core-app-api';
import { CatalogGraphPage } from '@backstage/plugin-catalog-graph';
import { RequirePermission } from '@backstage/plugin-permission-react';
import { catalogEntityCreatePermission } from '@backstage/plugin-catalog-common/alpha';
import { githubAuthApiRef } from '@backstage/core-plugin-api';
const githubProvider: SignInProviderConfig = {
id: 'github-auth-provider',
title: 'GitHub',
message: 'Sign in using GitHub',
apiRef: githubAuthApiRef,
};
const app = createApp({
apis,
bindRoutes({ bind }) {
bind(catalogPlugin.externalRoutes, {
createComponent: scaffolderPlugin.routes.root,
viewTechDoc: techdocsPlugin.routes.docRoot,
createFromTemplate: scaffolderPlugin.routes.selectedTemplate,
});
bind(apiDocsPlugin.externalRoutes, {
registerApi: catalogImportPlugin.routes.importPage,
});
bind(scaffolderPlugin.externalRoutes, {
registerComponent: catalogImportPlugin.routes.importPage,
viewTechDoc: techdocsPlugin.routes.docRoot,
});
bind(orgPlugin.externalRoutes, {
catalogIndex: catalogPlugin.routes.catalogIndex,
});
},
components: {
SignInPage: props => (
<SignInPage
{...props}
auto
provider={githubProvider}
/>
),
},
});
const routes = (
<FlatRoutes>
<Route path="/" element={<Navigate to="catalog" />} />
<Route path="/catalog" element={<CatalogIndexPage />} />
<Route
path="/catalog/:namespace/:kind/:name"
element={<CatalogEntityPage />}
>
{entityPage}
</Route>
<Route path="/docs" element={<TechDocsIndexPage />} />
<Route
path="/docs/:namespace/:kind/:name/*"
element={<TechDocsReaderPage />}
>
<TechDocsAddons>
<ReportIssue />
</TechDocsAddons>
</Route>
<Route path="/create" element={<ScaffolderPage />} />
<Route path="/api-docs" element={<ApiExplorerPage />} />
<Route
path="/tech-radar"
element={<TechRadarPage width={1500} height={800} />}
/>
<Route
path="/catalog-import"
element={
<RequirePermission permission={catalogEntityCreatePermission}>
<CatalogImportPage />
</RequirePermission>
}
/>
<Route path="/search" element={<SearchPage />}>
{searchPage}
</Route>
<Route path="/settings" element={<UserSettingsPage />} />
<Route path="/catalog-graph" element={<CatalogGraphPage />} />
</FlatRoutes>
);
export default app.createRoot(
<>
<AlertDisplay />
<OAuthRequestDialog />
<AppRouter>
<Root>{routes}</Root>
</AppRouter>
</>,
);What is missing in my code? @freben
eilonash92
commented
2 months ago @freben I added these blocks -
const githubProvider: SignInProviderConfig = {
id: 'github-auth-provider',
title: 'GitHub',
message: 'Sign in using GitHub',
apiRef: githubAuthApiRef,
};
components: {
SignInPage: props => (
<SignInPage
{...props}
auto
provider={githubProvider}
/>
),
},Hold on! Where in the doco does it say to add those blocks and where should they be added????
ryan-WORK
commented
2 months ago pogo61
commented
2 months ago @ryan-WORK that has always been optional and it doesnβt include this const githubProvider: SignInProviderConfig = { id: 'github-auth-provider', title: 'GitHub', message: 'Sign in using GitHub', apiRef: githubAuthApiRef, }; so has something changed?
freben
commented
2 months ago I'll keep reproducing and hopefully issue a fix tomorrow
pogo61
commented
2 months ago @freben Brilliant... thanks
vinzscam
commented
2 months ago have you switched to the new backend system by changing your packages/backend/src/index.ts according to https://backstage.github.io/upgrade-helper/?from=1.23.4&to=1.24.0 ?
If yes, you might have missed adding
// auth plugin
backend.add(import('@backstage/plugin-auth-backend'));
// See https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin
backend.add(import('@backstage/plugin-auth-backend-module-guest-provider'));
// See https://github.com/backstage/backstage/blob/master/docs/auth/guest/provider.md
+ backend.add(import('@backstage/plugin-auth-backend-module-github-provider'));
// catalog plugin
backend.add(import('@backstage/plugin-catalog-backend/alpha'));
backend.add(
import('@backstage/plugin-catalog-backend-module-scaffolder-entity-model'),
);More info in https://backstage.io/docs/backend-system/building-backends/migrating/#the-auth-plugin
giocolas
commented
2 months ago just to inform that same issue I verified using Microsoft auth provider. This is my portion in App.tsx:
const app = createApp({
...
components: {
SignInPage: props => (
<SignInPage
{...props}
auto
provider={{
id: 'microsoft-auth-provider',
title: 'Microsoft',
message: 'Sign in using microsoft',
apiRef: microsoftAuthApiRef,
}}
/>
),
},This is my part in backend:
// auth plugin
backend.add(import('@backstage/plugin-auth-backend'));
// backend.add(import('@backstage/plugin-auth-backend-module-guest-provider'));
backend.add(import('@backstage/plugin-auth-backend-module-microsoft-provider'));This is my app-config.yaml:
auth:
environment: development
providers:
microsoft:
development:
clientId: ${AUTH_MICROSOFT_CLIENT_ID}
clientSecret: ${AUTH_MICROSOFT_CLIENT_SECRET}
tenantId: ${AUTH_MICROSOFT_TENANT_ID}and finally I tested request of refresh / access tokens by backend returns in browser's network tab correctly status code 200!
freben
commented
2 months ago @giocolas Thanks - just double checking, are you saying that you do NOT have the problem anymore? Is all good on your end?
giocolas
commented
2 months ago No, maybe I expressed myself badly: I detect the same problem with the Microsoft auth provider!
freben
commented
2 months ago It's weird, I cannot for the life of me reproduce this yet. If someone can upload a repo that exhibits the problem, that would be great
sennyeya
commented
2 months ago Can you share startup logs from your backend? The auth backend will spit out some errors when it has a provider installed that isn't correctly set up.
SeanoNET
commented
2 months ago Same issue for me, I am new to this project. I followed the getting started guide
https://backstage.io/docs/getting-started/
and then straight into adding authentication and got the same error.
https://backstage.io/docs/getting-started/config/authentication
Parsifal-M
commented
2 months ago Hey Peeps :wave:
I've just upgraded my repo from 1.22.2 to 1.24.0 and I am using a GitHub oAuth App and it all seems fine to me .. so far.
Not sure if it helps at all but here is the PR I have to upgrade versions.
I know @pogo61 has mentioned they are not using the oAuth App so sadly this won't help in that case, but others above have also mentioned they have issues with oAuth.
Hopefully this helps!
Thanks!
freben
commented
2 months ago @pogo61 Just to be sure even though I don't think it's related, I've installed a proper GitHub app now too (originally generated with yarn backstage-cli create-github-app <repo>) and signing in with that works just as well - both for regular sign-in-page at the start, and for negotiating ghu access tokens.
freben
commented
2 months ago @eilonash92 @SeanoNET what does your packages/backend/src/index.ts look like? See the comment above
freben
commented
2 months ago @giocolas Can you describe the steps you are taking and what you are seeing? Step by step and the expected vs actual outcome. Just to see exactly where in your process things fail.
Also, do check the backend log output for anomalies.
SeanoNET
commented
2 months ago @freben - I have added backend.add(import('@backstage/plugin-auth-backend-module-github-provider')); into packages/backend/src/index.ts and I am getting this error above the SIGN IN button.
The GitHub provider is not configured to support sign-inEDIT
after doing some research it appears i need to configure a github resolver in packages/backend/src/plugins/auth.ts however my generated project doesnt contain that file or packages/backend/src/plugins folder.
freben
commented
2 months ago Yeah i think the docs need to be updated now that the default is the new backend system. See this section instead:
https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin
It shows how you add the signIn key in config. There's indeed no longer a plugins folder in there
freben
commented
2 months ago @pogo61 see the comment above - could this apply to you too?
giocolas
commented
2 months ago @giocolas Can you describe the steps you are taking and what you are seeing? Step by step and the expected vs actual outcome. Just to see exactly where in your process things fail.
Also, do check the backend log output for anomalies.
@freben I executed upgrading version from 1.17.5 to 1.24.0 (latest), and I updated all parts of code including backend to new system. I trying to create new app and apply my Microsoft provider configuration including SignIn part in App.tsx file. I'll let you know the outcome ...
freben
commented
2 months ago Alright. The project is moving at breakneck speed and that's over half a year of upgrades - it's easy to miss some step. I hope we can get this sorted out for ya
SeanoNET
commented
2 months ago my app-config.yaml looks like this now:
auth:
# see https://backstage.io/docs/auth/ to learn about auth providers
environment: development
providers:
guest: {}
github:
development:
clientId: f9080549d93f71a5e79e
clientSecret: <clientSecret>
signIn:
resolvers:
- resolver: usernameMatchingUserEntityName
Now I am getting Failed to sign-in, unable to resolve user identity. I appreciate the assistance with this.
freben
commented
2 months ago Right, that means that your catalog doesn't contain an entity of kind User, that has the same metadata.name as the username from GitHub was that you signed in with.
For example for me, my github username is freben, so if I use that particular resolver, my catalog has to contain an entity with the full ref user:default/freben.
If that's not the type of setup you want, you may want to choose another sign in resolver that either matches in a different way, or supply your own (which is a little bit more codin' and replaces the config settings) that just doesn't care what's in the catalog at all.
giocolas
commented
2 months ago Alright. The project is moving at breakneck speed and that's over half a year of upgrades - it's easy to miss some step. I hope we can get this sorted out for ya
@freben I verified same problem using 'npx @backstage/create-app@latest' and adding all necessary changes to enable Microsoft auth integration (about 10 lines of code and little else!).
Git repo is here: https://github.com/giocolas/backstage-microsoft-auth
Microsoft configuration is on my local file app-config.local.yaml (not included in repo)
This is backend log:
yarn run v1.22.19
$ concurrently "yarn start" "yarn start-backend"
$ yarn workspace backend start
$ yarn workspace app start
$ backstage-cli package start
$ backstage-cli package start
[0] Loaded config from app-config.yaml, app-config.local.yaml
[0] <i> [webpack-dev-server] Project is running at:
[0] <i> [webpack-dev-server] Loopback: http://localhost:3000/, http://[::1]:3000/
[0] <i> [webpack-dev-server] Content not from webpack is served from '/Users/g.colasurdo/Projects/GitHub/backstage-microsoft-auth/packages/app/public' directory
[0] <i> [webpack-dev-server] 404s will fallback to '/index.html'
[0] <i> [webpack-dev-middleware] wait until bundle finished: /
[1] Loading config from MergedConfigSource{FileConfigSource{path="/Users/g.colasurdo/Projects/GitHub/backstage-microsoft-auth/app-config.yaml"}, FileConfigSource{path="/Users/g.colasurdo/Projects/GitHub/backstage-microsoft-auth/app-config.local.yaml"}, EnvConfigSource{count=0}}
[1] 2024-03-22T14:59:57.326Z backstage info Found 2 new secrets in config that will be redacted
[1] 2024-03-22T14:59:57.336Z rootHttpRouter info Listening on :7007
[1] 2024-03-22T14:59:57.342Z backstage warn Generated a secret for service-to-service authentication: DEVELOPMENT USE ONLY.
[1] 2024-03-22T14:59:57.470Z permission warn Permission backend started with permissions disabled. Enable permissions by setting permission.enabled=true.
[1] 2024-03-22T14:59:57.488Z techdocs info Creating Local publisher for TechDocs
[1] 2024-03-22T14:59:57.491Z auth info Configuring "database" as KeyStore provider
[1] 2024-03-22T14:59:57.559Z scaffolder info Starting scaffolder with the following actions enabled fetch:plain, fetch:plain:file, fetch:template, debug:log, debug:wait, catalog:register, catalog:fetch, catalog:write, fs:delete, fs:rename
[1] 2024-03-22T14:59:57.563Z search info Added DefaultCatalogCollatorFactory collator factory for type software-catalog
[1] 2024-03-22T14:59:57.563Z search info Added DefaultTechDocsCollatorFactory collator factory for type techdocs
[1] 2024-03-22T14:59:57.565Z search info Starting all scheduled search tasks.
[1] 2024-03-22T14:59:57.579Z catalog info Performing database migration
[1] 2024-03-22T14:59:57.754Z auth info Configuring auth provider: microsoft
[1] 2024-03-22T14:59:57.776Z search info Task worker starting: search_index_software_catalog, {"version":2,"cadence":"PT10M","initialDelayDuration":"PT3S","timeoutAfterDuration":"PT15M"} task=search_index_software_catalog
[1] 2024-03-22T14:59:57.777Z search info Task worker starting: search_index_techdocs, {"version":2,"cadence":"PT10M","initialDelayDuration":"PT3S","timeoutAfterDuration":"PT15M"} task=search_index_techdocs
[1] 2024-03-22T15:00:00.781Z search info Collating documents for software-catalog via DefaultCatalogCollatorFactory documentType=software-catalog
[1] 2024-03-22T15:00:00.794Z search info Collating documents for techdocs via DefaultTechDocsCollatorFactory documentType=techdocs
[1] 2024-03-22T15:00:00.832Z rootHttpRouter info ::1 - - [22/Mar/2024:15:00:00 +0000] "GET /api/catalog/entities?limit=500&filter=metadata.annotations.backstage.io%2Ftechdocs-ref&offset=0 HTTP/1.1" 200 2 "-" "node-fetch/1.0 (+https://github.com/bitinn/node-fetch)" type=incomingRequest
[1] 2024-03-22T15:00:00.836Z search warn Index for techdocs was not created: indexer received 0 documents documentType=techdocs
[1] 2024-03-22T15:00:00.837Z search info Collating documents for techdocs succeeded documentType=techdocs
[1] 2024-03-22T15:00:00.840Z rootHttpRouter info ::1 - - [22/Mar/2024:15:00:00 +0000] "GET /api/catalog/entities?limit=500&offset=0 HTTP/1.1" 200 - "-" "node-fetch/1.0 (+https://github.com/bitinn/node-fetch)" type=incomingRequest
[1] 2024-03-22T15:00:00.850Z search info Collating documents for software-catalog succeeded documentType=software-catalog
[0] webpack compiled successfully
[1] 2024-03-22T15:00:13.429Z rootHttpRouter info ::1 - - [22/Mar/2024:15:00:13 +0000] "GET /api/auth/microsoft/refresh?optional&scope=openid%20offline_access%20profile%20email%20User.Read&env=development HTTP/1.1" 200 - "http://localhost:3000/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" type=incomingRequestthis is how displayed in my screen:
freben
commented
2 months ago @giocolas I haven't cloned it yet, but that error means that you also need to add the signIn config like here https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin - that's a different error than the one in the initial report
giocolas
commented
2 months ago @giocolas I haven't cloned it yet, but that error means that you also need to add the
signInconfig like here https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin - that's a different error than the one in the initial report
@freben thank you for your time! I understood everything. Searching the documentation I found this link https://backstage.io/docs/auth/identity-resolver#sign-in-without-users-in-the-catalog which explains how to allow a user to log in without them being registered in the catalog, my use case and my previous configuration is exactly this. Documentation contains instructions for "injecting" a custom resolver with the old backend and not with the new one. I think it's time to open a new issue on this, right?
freben
commented
2 months ago Well the tricky thing is that not everyone has migrated yet. So both docs may be warranted to keep somehow. We'll take a larger stab at cleaning this up in the coming months.
pogo61
commented
2 months ago @pogo61 see the comment above - could this apply to you too?
@freben This was already in the file, as I decided to start with a fresh instance via npx @backstage/create-app@latest however, nothing seems to fix the issue
pogo61
commented
2 months ago @pogo61 see the comment above - could this apply to you too?
@freben This was already in the file, as I decided to start with a fresh instance via npx @backstage/create-app@latest however, nothing seems to fix the issue
Some Progress!!!! I took at look at the migration documentation at https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin and realised I had to add backend.add(import('@backstage/plugin-auth-backend-module-github-provider')); to packages/backend/src/index.ts and now I'n not getting a 404....... I'm getting a 401 with the error Failed to sign-in, unable to resolve user identity
any clues?
freben
commented
2 months ago @pogo61 that's also talked about above - your chosen sign in resolver is one that tries to find a matching user in the catalog for security reasons, and it can't find such a match so it rejects the sign in. See all the links posted above
pogo61
commented
2 months ago @pogo61 that's also talked about above - your chosen sign in resolver is one that tries to find a matching user in the catalog for security reasons, and it can't find such a match so it rejects the sign in. See all the links posted above
Hmmm OK, I'll take a look....but I'm supposing (given the predisposition for thinking all GitHub users are using OAuth) that the one recommended in the ne documentation (- resolver: usernameMatchingUserEntityName) is not right for the plain GitHub App... so what should I use?
pogo61
commented
2 months ago So, I modified the ..../backstage/examples/org.yaml file to define my user as per my GitHub user and it now works! Thanks for all the help on this guys. May I suggest that there be a big banner placed on the docs to highlight the fact that 1.24.0 introduced BIG changes and then point to the new docs.....I'd also highlight the fact that an anonymous login no longer works and perhaps recommend doing what I did to get up and going again?
SeanoNET
commented
2 months ago Thanks everyone! Confirming adding a user to examples\org.yaml fixed my problem also. I appreciated the patience as this is all new to me :)
apiVersion: backstage.io/v1alpha1
kind: User
metadata:
name: seanonet
spec:
memberOf: [guests]I am having more issues now #23820 and not sure if it's related to the new backend changes.
What earlier version should I use that would best align with the documentation so I can have a better experience testing out backstage?
freben
commented
2 months ago I responded in there. You just hadn't added the github module for the scaffolder.
Dogacel
commented
2 months ago have you switched to the new backend system by changing your
packages/backend/src/index.tsaccording to https://backstage.github.io/upgrade-helper/?from=1.23.4&to=1.24.0 ?If yes, you might have missed adding
// auth plugin backend.add(import('@backstage/plugin-auth-backend')); // See https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin backend.add(import('@backstage/plugin-auth-backend-module-guest-provider')); // See https://github.com/backstage/backstage/blob/master/docs/auth/guest/provider.md + backend.add(import('@backstage/plugin-auth-backend-module-github-provider')); // catalog plugin backend.add(import('@backstage/plugin-catalog-backend/alpha')); backend.add( import('@backstage/plugin-catalog-backend-module-scaffolder-entity-model'), );More info in https://backstage.io/docs/backend-system/building-backends/migrating/#the-auth-plugin
And
Thanks everyone! Confirming adding a user to
examples\org.yamlfixed my problem also. I appreciated the patience as this is all new to me :)apiVersion: backstage.io/v1alpha1 kind: User metadata: name: seanonet spec: memberOf: [guests]
was the answer for my problem π Thanks!
The following pages need updating (and probably other providers too)
sivaprasadreddy
commented
2 months ago I followed all the steps mentioned in this thread:
But, still getting "The GitHub provider is not configured to support sign-in" error.
freben
commented
2 months ago @sivaprasadreddy you probably forgot to add the signIn key on your provider in app-config. https://backstage.io/docs/backend-system/building-backends/migrating#the-auth-plugin
sivaprasadreddy
commented
2 months ago After adding the resolvers, it worked. @freben Thanks.
auth:
environment: development
providers:
github:
development:
clientId: xxxxxx
clientSecret: xxxxxxx
signIn:
resolvers:
- resolver: emailMatchingUserEntityProfileEmail
- resolver: emailLocalPartMatchingUserEntityName
- resolver: usernameMatchingUserEntityName
π Description
I've been trying for the last day to get GitHub auth working, after upgrading to the latest release, assuming it was my fault, even though my config hasn't changed. Then I noticed that the latest release introduced braking changes to the auth providers. I downloaded release 1.23.4 and build it and it is working as before. It would be nice if you had made sure the auth provider plugins worked before releasing these changes.
π Expected behavior
Return a HTTP 200
π Actual Behavior with Screenshots
This is the error response gotten when trying to auth against gitHub using a GitHub App and the PAT:
π Reproduction steps
settings->Authentication Providers -> choose GitHub->sign in
π Provide the context for the Bug.
No response
π₯οΈ Your Environment
local installation of backstage with env:development
π Have you spent some time to check if this bug has been raised before?
π’ Have you read the Code of Conduct?
Are you willing to submit PR?
None