
@roadiehq/catalog-backend-module-okta


A set of Backstage catalog providers for Okta

import { Config } from '@backstage/config';
import { EntityProvider, EntityProviderConnection } from '@backstage/plugin-catalog-node';
import { UserProfile, User, GroupProfile, Group, Client } from '@okta/okta-sdk-nodejs';
import { GroupEntity, UserEntity } from '@backstage/catalog-model';
import { LoggerService } from '@backstage/backend-plugin-api';

/**
 * Connection settings for a single Okta org.
 *
 * `token` and `oauth` are both optional, so this type neither requires a
 * credential nor forbids supplying both.
 * NOTE(review): presumably exactly one is expected; confirm that the
 * implementation rejects a configuration with no credential at startup.
 */
type AccountConfig = {
    /** URL of the Okta org. */
    orgUrl: string;
    /**
     * Credential material (presumably an Okta API token; confirm). It is typed
     * as a plain `string`, so nothing at the type level stops it from being
     * logged or serialised. Keep it in secret configuration and out of logs.
     */
    token?: string;
    /**
     * OAuth client credentials. `privateKey` is key material held as a plain
     * `string` and needs the same handling as `token`.
     */
    oauth?: {
        clientId: string;
        keyId?: string;
        privateKey: string;
    };
    /** Optional filter for users (presumably an Okta filter/search expression; confirm). */
    userFilter?: string;
    /** Optional filter for groups (presumably an Okta filter/search expression; confirm). */
    groupFilter?: string;
};
/** Maps an Okta group to the name used for its catalog entity. */
type GroupNamingStrategy = (group: OktaGroup) => string;
/** String keys accepted by `groupNamingStrategyFactory` in place of a function. */
type GroupNamingStrategies = 'id' | 'kebab-case-name' | 'profile-name' | undefined;
declare const kebabCaseGroupNamingStrategy: GroupNamingStrategy;
declare const idGroupNamingStrategy: GroupNamingStrategy;
declare const profileNameGroupNamingStrategy: GroupNamingStrategy;
/**
 * Group naming strategy parameterised by a field name.
 * NOTE(review): presumably `nameForGroup` reads `fieldName` from the group's
 * profile; confirm, and confirm what happens when the field is absent.
 */
declare class ProfileFieldGroupNamingStrategy {
    private fieldName;
    constructor(fieldName: string);
    nameForGroup: GroupNamingStrategy;
}
/** Accepts either a strategy key or a custom function and returns a `GroupNamingStrategy`. */
declare const groupNamingStrategyFactory: (strategy?: GroupNamingStrategies | GroupNamingStrategy) => GroupNamingStrategy;
/**
 * Maps an Okta user to the name used for its catalog entity.
 *
 * NOTE(review): the entity name identifies the user in the catalog. If a
 * strategy discards part of the e-mail address (as `strip-domain-email`
 * suggests), two Okta users in different domains could map to the same name.
 * Confirm how collisions are handled before choosing it for a multi-domain org.
 */
type UserNamingStrategy = (user: OktaUser) => string;
/** String keys accepted by `userNamingStrategyFactory` in place of a function. */
type UserNamingStrategies = 'id' | 'kebab-case-email' | 'strip-domain-email' | 'slugify-email' | undefined;
declare const idUserNamingStrategy: UserNamingStrategy;
declare const stripEmailDomainUserNamingStrategy: UserNamingStrategy;
declare const kebabCaseEmailUserNamingStrategy: UserNamingStrategy;
/** Accepts either a strategy key or a custom function and returns a `UserNamingStrategy`. */
declare const userNamingStrategyFactory: (strategy?: UserNamingStrategies | UserNamingStrategy) => UserNamingStrategy;
declare const slugifyEmailUserNamingStrategy: UserNamingStrategy;
/**
 * Stricter wrapper around the SDK `UserProfile`. The Okta API always returns
 * an `email` for active users, but the generated SDK types mark it optional.
 *
 * The intersection is a compile-time assertion only; nothing in this
 * declaration validates the value at runtime.
 */
type OktaUserProfile = UserProfile & {
    email: string;
};
/**
 * Stricter wrapper around the SDK `User`. `id` and `profile.email` are always
 * present at runtime on results returned by `listUsers` / `listGroupUsers`,
 * even though the generated SDK types mark them optional.
 *
 * NOTE(review): code that derives entity names from these fields relies on
 * that guarantee; confirm whether the implementation checks for a missing
 * value before use.
 */
type OktaUser = User & {
    id: string;
    profile: OktaUserProfile;
};
/**
 * Stricter wrapper around the SDK `GroupProfile`. The Okta API always returns
 * a `name`, but the generated SDK types mark it optional.
 */
type OktaGroupProfile = GroupProfile & {
    name: string;
};
/**
 * Stricter wrapper around the SDK `Group`. `id` and `profile.name` are always
 * present at runtime on results returned by `listGroups`, even though the
 * generated SDK types mark them optional.
 */
type OktaGroup = Group & {
    id: string;
    profile: OktaGroupProfile;
};
/**
 * Builds a catalog `GroupEntity` from an Okta group. A custom transformer
 * controls everything that ends up in the entity, so it should emit only
 * fields that are safe for every catalog reader to see.
 */
type OktaGroupEntityTransformer = (group: OktaGroup, namingStrategy: GroupNamingStrategy, options: {
    annotations: Record<string, string>;
    members: string[];
}, parentGroup?: OktaGroup) => GroupEntity;
/**
 * Builds a catalog `UserEntity` from an Okta user. The same caution applies
 * as for group transformers: the Okta profile can hold personal data, and the
 * transformer decides which of it is published.
 */
type OktaUserEntityTransformer = (user: OktaUser, namingStrategy: UserNamingStrategy, options: {
    annotations: Record<string, string>;
}) => UserEntity;
/**
 * OAuth scopes this module can request. Both are read scopes, so `getClient`
 * cannot be asked for write or admin scopes through this type.
 */
type OktaScope = 'okta.groups.read' | 'okta.users.read';
/** Common base for the Okta entity providers declared below. */
declare abstract class OktaEntityProvider implements EntityProvider {
    // Carries the credential fields of AccountConfig; avoid logging the whole object.
    protected readonly account: AccountConfig;
    protected readonly logger: LoggerService;
    protected connection?: EntityProviderConnection;
    abstract getProviderName(): string;
    protected constructor(account: AccountConfig, options: {
        logger: LoggerService;
    });
    /**
     * Returns an SDK `Client` for `orgUrl`. `oauthScopes` is restricted by
     * `OktaScope` to the two read scopes.
     */
    protected getClient(orgUrl: string, oauthScopes?: OktaScope[] | undefined): Client;
    connect(connection: EntityProviderConnection): Promise<void>;
    /** Resolves to the two `backstage.io/managed-by-*` location annotations. */
    protected buildDefaultAnnotations(): Promise<{
        "backstage.io/managed-by-location": string;
        "backstage.io/managed-by-origin-location": string;
    }>;
    /**
     * Returns string annotations for `member`, governed by `allowList`.
     * NOTE(review): presumably only profile attributes named in `allowList`
     * are copied; confirm. Annotations become part of the catalog entity, so
     * the allowlist should name only attributes that every catalog reader may
     * see.
     */
    protected getCustomAnnotations(member: OktaUser | OktaGroup, allowList: string[]): Record<string, string>;
    abstract run(): Promise<void>;
}
/**
 * Provides entities from Okta Group service.
 *
 * `parentGroupField` is accepted by `fromConfig` but not by the constructor,
 * which takes only `hierarchyConfig`.
 * NOTE(review): presumably a legacy alias mapped onto `hierarchyConfig`; confirm.
 */
declare class OktaGroupEntityProvider extends OktaEntityProvider {
    private readonly namingStrategy;
    private readonly userNamingStrategy;
    private readonly groupEntityFromOktaGroup;
    private readonly groupFilter;
    private readonly orgUrl;
    private readonly customAttributesToAnnotationAllowlist;
    private hierarchyConfig;
    private readonly chunkSize;
    static fromConfig(config: Config, options: {
        logger: LoggerService;
        namingStrategy?: GroupNamingStrategies | GroupNamingStrategy;
        userNamingStrategy?: UserNamingStrategies | UserNamingStrategy;
        groupTransformer?: OktaGroupEntityTransformer;
        customAttributesToAnnotationAllowlist?: string[];
        parentGroupField?: string;
        hierarchyConfig?: {
            parentKey: string;
            key?: string;
        };
        chunkSize?: number;
    }): OktaGroupEntityProvider;
    constructor(accountConfig: AccountConfig, options: {
        logger: LoggerService;
        namingStrategy?: GroupNamingStrategies | GroupNamingStrategy;
        userNamingStrategy?: UserNamingStrategies | UserNamingStrategy;
        customAttributesToAnnotationAllowlist?: string[];
        hierarchyConfig?: {
            parentKey: string;
            key?: string;
        };
        groupTransformer?: OktaGroupEntityTransformer;
        chunkSize?: number;
    });
    getProviderName(): string;
    run(): Promise<void>;
}
/**
 * Provides entities from Okta User service.
 */
declare class OktaUserEntityProvider extends OktaEntityProvider {
    private readonly namingStrategy;
    private readonly userEntityFromOktaUser;
    private readonly userFilter?;
    private readonly orgUrl;
    private readonly customAttributesToAnnotationAllowlist;
    static fromConfig(config: Config, options: {
        logger: LoggerService;
        customAttributesToAnnotationAllowlist?: string[];
        namingStrategy?: UserNamingStrategies | UserNamingStrategy;
        userTransformer?: OktaUserEntityTransformer;
    }): OktaUserEntityProvider;
    constructor(accountConfig: AccountConfig, options: {
        logger: LoggerService;
        customAttributesToAnnotationAllowlist?: string[];
        namingStrategy?: UserNamingStrategies | UserNamingStrategy;
        userTransformer?: OktaUserEntityTransformer;
    });
    getProviderName(): string;
    run(): Promise<void>;
}
/**
 * Provides entities from Okta Org service.
 *
 * Accepts both group and user naming strategies and transformers. As with the
 * group provider, `parentGroupField` is accepted by `fromConfig` only.
 */
declare class OktaOrgEntityProvider extends OktaEntityProvider {
    private readonly groupNamingStrategy;
    private readonly userNamingStrategy;
    private readonly groupEntityFromOktaGroup;
    private readonly userEntityFromOktaUser;
    private readonly includeEmptyGroups;
    private readonly hierarchyConfig;
    private readonly customAttributesToAnnotationAllowlist;
    private readonly chunkSize;
    static fromConfig(config: Config, options: {
        logger: LoggerService;
        groupNamingStrategy?: GroupNamingStrategies | GroupNamingStrategy;
        userNamingStrategy?: UserNamingStrategies | UserNamingStrategy;
        groupTransformer?: OktaGroupEntityTransformer;
        userTransformer?: OktaUserEntityTransformer;
        includeEmptyGroups?: boolean;
        parentGroupField?: string;
        hierarchyConfig?: {
            parentKey: string;
            key?: string;
        };
        customAttributesToAnnotationAllowlist?: string[];
        chunkSize?: number;
    }): OktaOrgEntityProvider;
    constructor(accountConfig: AccountConfig, options: {
        logger: LoggerService;
        groupNamingStrategy?: GroupNamingStrategies | GroupNamingStrategy;
        userNamingStrategy?: UserNamingStrategies | UserNamingStrategy;
        groupTransformer?: OktaGroupEntityTransformer;
        userTransformer?: OktaUserEntityTransformer;
        includeEmptyGroups?: boolean;
        hierarchyConfig?: {
            parentKey: string;
            key?: string;
        };
        customAttributesToAnnotationAllowlist?: string[];
        chunkSize?: number;
    });
    getProviderName(): string;
    run(): Promise<void>;
}

// The single-letter export aliases look bundler-generated; consumers presumably
// import these symbols under their full names from the package entry point
// rather than from this file (confirm against the package's `exports`).
export {
    type GroupNamingStrategy as G,
    OktaEntityProvider as O,
    ProfileFieldGroupNamingStrategy as P,
    type UserNamingStrategy as U,
    type OktaUserEntityTransformer as a,
    OktaGroupEntityProvider as b,
    OktaUserEntityProvider as c,
    OktaOrgEntityProvider as d,
    type OktaGroup as e,
    type OktaGroupEntityTransformer as f,
    type OktaGroupProfile as g,
    type OktaUser as h,
    type OktaUserProfile as i,
    idGroupNamingStrategy as j,
    kebabCaseGroupNamingStrategy as k,
    groupNamingStrategyFactory as l,
    type GroupNamingStrategies as m,
    type UserNamingStrategies as n,
    idUserNamingStrategy as o,
    profileNameGroupNamingStrategy as p,
    kebabCaseEmailUserNamingStrategy as q,
    slugifyEmailUserNamingStrategy as r,
    stripEmailDomainUserNamingStrategy as s,
    userNamingStrategyFactory as u
};