Spotify Block Ads Github
Stephaine Zitzow
Just been searching on internet and came across spotify news that there 2m users who avoid ads without paying for premium membership. A little more digging up showed which domains to be added to host file.
On desktop or app? I sometimes have issue with desktop version where after playing a number of songs the desktop version stops at trying to play ad and I have to close and open again but don't get this issue often on phone app.
I had this issue when spclient.wg.spotify.com was blocked in my hosts file. This is in this block list. Remove it and see if it helps. Don't know if ads leak through yet as I just found this solution myself.
Hey there! Recently made the switch to Gutenberg for a new site after being on classic editor for years. For this particular site the use of blocks really appealed to me, especially spotify embeds (music site
Which theme are you using on the site? I checked the embed on a test site using the Twenty-Twenty-Two theme and I was able to reproduce the issue you are having with the Spotify block as shown in this screenshot.
The authentication system in Backstage serves two distinct purposes: sign-in andidentification of users, as well as delegating access to third-party resources. It is possible toconfigure Backstage to have any number of authentication providers, but onlyone of these will typically be used for sign-in, with the rest being used to provideaccess to external resources.
Identity management and the Sign-In page in Backstage will only block external access when using the new backend system, without setting backend.auth.dangerouslyDisableDefaultAuthPolicy in configuration. Even so, the frontend bundle is not protected from external access, protecting it requires the use of the experimental public entry point. You can learn more about this in the Threat Model.
The providers key may have several authentication providers, if multipleauthentication methods are supported. Each provider may also have configurationfor different authentication environments (development, production, etc). Thisallows a single auth backend to serve multiple environments, such as running alocal frontend against a deployed backend. The provider configuration matchingthe local auth.environment setting will be selected.
Using an authentication provider for sign-in is something you need to configureboth in the frontend app, as well as the auth backend plugin. For informationon how to configure the backend app, see Sign-in Identities and Resolvers.The rest of this section will focus on how to configure sign-in for the frontend app.
Sign-in is configured by providing a custom SignInPage app component. It will berendered before any other routes in the app and is responsible for providing theidentity of the current user. The SignInPage can render any number of pages andcomponents, or just blank space with logic running in the background. In the endhowever it must provide a valid Backstage user identity through the onSignInSuccesscallback prop, at which point the rest of the app is rendered.
Some auth providers are so-called "proxy" providers, meaning they're meant to be usedbehind an authentication proxy. Examples of these areAmazon Application Load Balancer,Azure EasyAuth,Cloudflare Access,Google Identity-Aware Proxyand OAuth2 Proxy.
When using a proxy provider, you'll end up wanting to use a different sign-in page, asthere is no need for further user interaction once you've signed in towards the proxy.All the sign-in page needs to do is to call the /refresh endpoint of the auth providersto get the existing session, which is exactly what the ProxiedSignInPage does. The onlything you need to do to configure the ProxiedSignInPage is to pass the ID of the provider like this:
A downside of this method is that it can be cumbersome to set up for local development.As a workaround for this, it's possible to dynamically select the sign-in page based onwhat environment the app is running in, and then use a different sign-in method for localdevelopment, if one is needed at all. Depending on the exact setup, one might choose toselect the sign-in method based on the process.env.NODE_ENV environment variable,by checking the hostname of the current location, or by accessing the configuration APIto read a configuration value. For example:
If you want to use the authentication capabilities of the Repository Picker inside your software templates you will need to configure the ScmAuthApi alongside your authentication provider. It is an API used to authenticate towards different SCM systems in a generic way, based on what resource is being accessed.
The IdentityApi gives access to the signed-in user's identity in the frontend.It provides access to the user's entity reference, lightweight profile information, anda Backstage token that identifies the user when making authenticated calls within Backstage.
When making calls to backend plugins, we recommend that the FetchApi is used, whichis exported via the fetchApiRef from @backstage/core-plugin-api. The FetchApi willautomatically include a Backstage token in the request, meaning there is no needto interact directly with the IdentityApi.
A common pattern for talking to third party services in Backstage isuser-to-server requests, where short-lived OAuth Access Tokens are requested byplugins to authenticate calls to external services. These calls can be madeeither directly to the services or through a backend plugin or service.
By relying on user-to-server calls we keep the coupling between the frontend andbackend low, and provide a much lower barrier for plugins to make use of thirdparty services. This is in comparison to for example a session-based system,where access tokens are stored server-side. Such a solution would require a muchdeeper coupling between the auth backend plugin, its session storage, and otherbackend plugins or separate services. A goal of Backstage is to make it as easyas possible to create new plugins, and an auth solution based on user-to-serverOAuth helps in that regard.
The method with which frontend plugins request access to third party services isthrough Utility APIs for each service provider. Theseare all suffixed with *AuthApiRef, for example githubAuthApiRef. For afull list of providers, see the@backstage/core-plugin-api reference.
Backstage uses Passport under the hood, which hasa wide library of authentication strategies for different providers. SeeAdd authentication provider for details on adding a newPassport-supported authentication method.
If you require only a subset of these integrations, then you will need a custom implementation of the ScmAuthApi. It is an API used to authenticate different SCM systems generically, based on what resource is being accessed, and is used for example, by the Scaffolder (Software Templates) and Catalog Import plugins.
The first step is to create a new authentication ref, which follows the naming convention of xxxAuthApiRef. The example below is for a new GitHub enterprise integration which can be defined either inside the app itself if it's only used for this purpose or inside a common internal package for APIs, such as @internal/apis:
By default, the Backstage authentication backend generates and manages its own signing keys automatically for any issuedBackstage tokens. However, these keys have a short lifetime and do not persist after instance restarts.
Alternatively, users can provide their own public and private key files to sign issued tokens. This is beneficial inscenarios where the token verification implementation aggressively caches the list of keys, and doesn't attempt to fetchnew ones even if they encounter an unknown key id. To enable this feature add the following configuration to your configfile:
The private key should be stored in the PKCS#8 format. The public key should be stored in the SPKI format.You can generate the public/private key pair, using openssl and the ES256 algorithm by performing the followingsteps:
64591212e2