Enabling PKCE for Swagger in backstage.io

Problem description (votes: 0, answers: 1)

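I am using backstage.io running inside a Docker container.

Everything works fine: I can import my catalog info from a local GitLab, and the OpenAPI spec is displayed correctly in SwaggerUI, except for the authorization in SwaggerUI (using authorization code with PKCE).

This is the Dockerfile I use to build the container: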

FROM node:18-bookworm-slim AS build

RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
  --mount=type=cache,target=/var/lib/apt,sharing=locked \
  apt-get update && \
  apt-get install -y --no-install-recommends python3 g++ build-essential && \
  yarn config set python /usr/bin/python3

WORKDIR /app

RUN npm install -g @backstage/[email protected]
RUN BACKSTAGE_APP_NAME="backstage" backstage-create-app --skip-install --path /app

RUN --mount=type=cache,target=/home/node/.cache/yarn,sharing=locked,uid=1000,gid=1000 \
  yarn install --network-timeout 600000
RUN --mount=type=cache,target=/home/node/.cache/yarn,sharing=locked,uid=1000,gid=1000 \
  yarn --cwd packages/backend add @backstage/plugin-catalog-backend-module-openapi

RUN sed -i "s+import { Router } from 'express';+import { Router } from 'express';\nimport { jsonSchemaRefPlaceholderResolver } from '@backstage/plugin-catalog-backend-module-openapi';+" packages/backend/src/plugins/catalog.ts
RUN sed -i "s/builder.addProcessor(new ScaffolderEntitiesProcessor());/builder.addProcessor(new ScaffolderEntitiesProcessor());\nbuilder.setPlaceholderResolver('openapi', jsonSchemaRefPlaceholderResolver);\nbuilder.setPlaceholderResolver('asyncapi', jsonSchemaRefPlaceholderResolver);/" packages/backend/src/plugins/catalog.ts

RUN yarn tsc
RUN yarn --cwd packages/backend build

RUN mkdir packages/backend/dist/skeleton packages/backend/dist/bundle \
  && tar xzf packages/backend/dist/skeleton.tar.gz -C packages/backend/dist/skeleton \
  && tar xzf packages/backend/dist/bundle.tar.gz -C packages/backend/dist/bundle

FROM node:18-bookworm-slim

# Install isolate-vm dependencies, these are needed by the @backstage/plugin-scaffolder-backend.
RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
  --mount=type=cache,target=/var/lib/apt,sharing=locked \
  apt-get update && \
  apt-get install -y --no-install-recommends python3 g++ build-essential && \
  yarn config set python /usr/bin/python3

# Install sqlite3 dependencies. You can skip this if you don't use sqlite3 in the image,
# in which case you should also move better-sqlite3 to "devDependencies" in package.json.
# Additionally, we install dependencies for `techdocs.generator.runIn: local`.
# https://backstage.io/docs/features/techdocs/getting-started#disabling-docker-in-docker-situation-optional
RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
  --mount=type=cache,target=/var/lib/apt,sharing=locked \
  apt-get update && \
  apt-get install -y --no-install-recommends libsqlite3-dev python3 python3-pip python3-venv build-essential && \
  yarn config set python /usr/bin/python3

WORKDIR /app

# Copy the install dependencies from the build stage and context
COPY --from=build --chown=node:node /app/yarn.lock /app/package.json /app/packages/backend/dist/skeleton/ ./

RUN --mount=type=cache,target=/home/node/.cache/yarn,sharing=locked,uid=1000,gid=1000 \
  yarn install --production --network-timeout 600000

# Copy the built packages from the build stage
COPY --from=build --chown=node:node /app/packages/backend/dist/bundle/ ./

# Copy Swagger oAuth redirect page
COPY --chown=node:node files/oauth2-redirect.html /app/packages/app/dist/oauth2-redirect.html

# This switches many Node.js dependencies to production mode.
ENV NODE_ENV production

CMD ["node", "packages/backend", "--config", "app-config.yaml"]

With these commands I build and then run it:

docker build --pull \
  -f Dockerfile \
  -t backstage-custom:latest \
  .
docker run --name backstage \
--hostname %H \
-p 127.0.0.1:7007:7007 \
--volume ~/backstage/data:/app/data \
--volume ~/backstage/app-config.yaml:/app/app-config.yaml \
--volume /var/run/docker.sock:/var/run/docker.sock \
backstage-custom:latest

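I found this page, which describes how to add the redirect page - I have already included that in the Dockerfile.

But what I am still missing is how to enable the setting usePkceWithAuthorizationCodeGrant, as described here.

I tried running SwaggerUI directly - I can define this setting there and it works!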

docker run --rm -p 80:8080 \
-v ~/SWAGGER_UI:/foo \
-e SWAGGER_JSON=/foo/my-service-openapi.yml \
-e OAUTH_CLIENT_ID=backstage-dev \
-e OAUTH_SCOPES="openid offline" \
-e OAUTH_USE_PKCE=true \
swaggerapi/swagger-ui

But how can I do this in Backstage?

docker oauth-2.0 swagger-ui pkce backstage
1 answer
0 votes

I think you need to create a requestInterceptor for Swagger UI in Backstage. I am also looking to solve this issue.
