larkintuckerllc · March 8, 2022 18:11
diff --git a/router.ts b/router.ts
 /*
 * Copyright 2020 The Backstage Authors
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
 import { Config } from '@backstage/config'
 import { errorHandler } from '@backstage/backend-common';
 import express from 'express';
 import Router from 'express-promise-router';
 import { Logger } from 'winston';
 import jwt from 'express-jwt';
 import jwksRsa from 'jwks-rsa';

 export interface RouterOptions {
  config: Config;
  logger: Logger;
 }

 type BackstageUser = {
  sub: string;
 }

 export async function createRouter(
  options: RouterOptions,
 ): Promise<express.Router> {
  const baseUrl = options.config.getString('backend.baseUrl');
  const checkJwt = jwt({
    algorithms: ['ES256'],
    audience: 'backstage',
    issuer: `${baseUrl}/api/auth`,
    secret: jwksRsa.expressJwtSecret({
      cache: true,
      jwksRequestsPerMinute: 5,
      jwksUri: `${baseUrl}/api/auth/.well-known/jwks.json`,
      rateLimit: true,
    }),
  });

  const { logger } = options;

  const router = Router();
  router.use(express.json());

  router.get('/health', checkJwt, (req, response) => {
    const user = req.user as BackstageUser;
    if (user === undefined) {
      response.status(401).send();
      return;
    }
    logger.info('PONG!');
    response.send({ status: user.sub });
  });

  router.use(errorHandler());
  return router;
 }
	/*
	* Copyright 2020 The Backstage Authors
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/
	import { Config } from '@backstage/config'
	import { errorHandler } from '@backstage/backend-common';
	import express from 'express';
	import Router from 'express-promise-router';
	import { Logger } from 'winston';
	import jwt from 'express-jwt';
	import jwksRsa from 'jwks-rsa';

	export interface RouterOptions {
	config: Config;
	logger: Logger;
	}

	type BackstageUser = {
	sub: string;
	}

	export async function createRouter(
	options: RouterOptions,
	): Promise<express.Router> {
	const baseUrl = options.config.getString('backend.baseUrl');
	const checkJwt = jwt({
	algorithms: ['ES256'],
	audience: 'backstage',
	issuer: `${baseUrl}/api/auth`,
	secret: jwksRsa.expressJwtSecret({
	cache: true,
	jwksRequestsPerMinute: 5,
	jwksUri: `${baseUrl}/api/auth/.well-known/jwks.json`,
	rateLimit: true,
	}),
	});

	const { logger } = options;

	const router = Router();
	router.use(express.json());

	router.get('/health', checkJwt, (req, response) => {
	const user = req.user as BackstageUser;
	if (user === undefined) {
	response.status(401).send();
	return;
	}
	logger.info('PONG!');
	response.send({ status: user.sub });
	});

	router.use(errorHandler());
	return router;
	}