RHIDP-10991 document custom transformers

Signed-off-by: Fabrice Flore-Thébault <ffloreth@redhat.com>

Author: themr0c

assemblies/assembly-authenticating-with-the-guest-user.adoc

@@ -0,0 +1,10 @@
+:_mod-docs-content-type: ASSEMBLY
+:optional-steps: enable
+
+[id='enable-authentication-with-azure']
+= Enable authentication with Azure
+
+include::modules/authentication/proc-enabling-user-authentication-with-azure-with-optional-steps.adoc[leveloffset=+1]
+
+
+include::modules/authentication/proc-creating-a-custom-transformer-to-provision-users-from-azure-to-the-software-catalog.adoc[leveloffset=+1]

assemblies/assembly-enable-authentication-with-azure.adoc

@@ -1,11 +1,13 @@
 :_mod-docs-content-type: ASSEMBLY
 :optional-steps: enable
 
-[id='enabling-authentication-with-github']
-= Enabling authentication with GitHub
+[id='enable-authentication-with-github']
+= Enable authentication with GitHub
 
 include::modules/authentication/proc-enabling-user-authentication-with-github-with-optional-steps.adoc[leveloffset=+1]
 
 
 include::modules/authentication/proc-enabling-user-authentication-with-github-as-an-auxiliary-authentication-provider.adoc[leveloffset=+1]
 
+
+include::modules/authentication/proc-creating-a-custom-transformer-to-provision-users-from-github-to-the-software-catalog.adoc[leveloffset=+1]

…enabling-authentication-with-github.adoc …y-enable-authentication-with-github.adocassemblies/assembly-enabling-authentication-with-github.adoc renamed to assemblies/assembly-enable-authentication-with-github.adoc assemblies/assembly-enabling-authentication-with-github.adoc renamed to assemblies/assembly-enable-authentication-with-github.adoc

@@ -0,0 +1,10 @@
+:_mod-docs-content-type: ASSEMBLY
+:optional-steps: enable
+
+[id='enable-authentication-with-gitlab']
+= Enable authentication with GitLab
+
+// include::modules/authentication/proc-enabling-user-authentication-with-gitlab-with-optional-steps.adoc[leveloffset=+1]
+
+
+include::modules/authentication/proc-creating-a-custom-transformer-to-provision-users-from-gitlab-to-the-software-catalog.adoc[leveloffset=+1]

assemblies/assembly-enable-authentication-with-gitlab.adoc

@@ -1,7 +1,7 @@
 :_mod-docs-content-type: ASSEMBLY
 
-[id="assembly-authenticating-with-rhbk"]
-= Authenticating with {rhbk-brand-name} ({rhbk})
+[id="enable-authentication-with-rhbk"]
+= Enable authentication with {rhbk-brand-name} ({rhbk})
 
 
 include::modules/authentication/proc-enabling-user-authentication-with-rhbk-with-optional-steps.adoc[leveloffset=+1]

…s/assembly-authenticating-with-rhbk.adoc …bly-enable-authentication-with-rhbk.adocassemblies/assembly-authenticating-with-rhbk.adoc renamed to assemblies/assembly-enable-authentication-with-rhbk.adoc assemblies/assembly-authenticating-with-rhbk.adoc renamed to assemblies/assembly-enable-authentication-with-rhbk.adoc

@@ -0,0 +1,29 @@
+:_mod-docs-content-type: ASSEMBLY
+:optional-steps: enable
+
+[id='enable-authentication']
+= Enable authentication in {product}
+
+include::modules/authentication/con-understanding-authentication-and-user-provisioning.adoc[leveloffset=+1]
+
+
+include::assembly-enable-or-disable-authentication-with-the-guest-user.adoc[leveloffset=+1]
+
+
+include::assembly-enable-authentication-with-rhbk.adoc[leveloffset=+1]
+
+
+include::assembly-enable-authentication-with-github.adoc[leveloffset=+1]
+
+
+include::assembly-enable-authentication-with-azure.adoc[leveloffset=+1]
+
+
+include::assembly-enable-service-to-service-authentication.adoc[leveloffset=+1]
+
+
+include::modules/authentication/proc-enable-auto-logout-for-inactive-users.adoc[leveloffset=+1]
+
+
+include::assembly-authentication-troubleshooting.adoc[leveloffset=+1]
+

assemblies/assembly-enable-authentication.adoc

@@ -0,0 +1,14 @@
+:_mod-docs-content-type: ASSEMBLY
+
+[id="enable-or-disable-authentication-with-the-guest-user_{context}"]
+= Enable or disable authentication with the Guest user
+
+For trial or non-production environments, you can enable guest access to skip configuring authentication and authorization and explore {product-short} features.
+
+For production environments, disable guest access to ensure secure authentication and authorization.
+
+include::modules/authentication/proc-enable-the-guest-login-on-the-login-page.adoc[leveloffset=+1]
+
+
+include::modules/authentication/proc-disable-the-guest-login-on-the-login-page.adoc[leveloffset=+1]
+

assemblies/assembly-enable-or-disable-authentication-with-the-guest-user.adoc

@@ -1,19 +1,19 @@
 :_mod-docs-content-type: assembly
 :previous-context: {context}
-:context: enabling-service-to-service-authentication
-[id="enabling-service-to-service-authentication"]
-= Enabling service-to-service authentication
+:context: enable-service-to-service-authentication
+[id="enable-service-to-service-authentication"]
+= Enable service-to-service authentication
 
 To secure communication between services and verify identities without manual intervention, you can configure service-to-service authentication.
 {product} can use this mechanism for plugin-to-plugin communication, and for external service to plugin communication.
-{product-short} supports the following service-to-service authentication methods: 
+{product-short} supports the following service-to-service authentication methods:
 
 * Static tokens
 * JSON Web Key Sets (JWKS)
 
 [IMPORTANT]
 ----
-The availability of service-to-service authentication might vary for REST APIs. 
+The availability of service-to-service authentication might vary for REST APIs.
 Each plugin defines the restrictions on this feature.
 Consult your specific plugin's documentation for detailed limitations.
 

…g-service-to-service-authentication.adoc …e-service-to-service-authentication.adocassemblies/assembly-enabling-service-to-service-authentication.adoc renamed to assemblies/assembly-enable-service-to-service-authentication.adoc assemblies/assembly-enabling-service-to-service-authentication.adoc renamed to assemblies/assembly-enable-service-to-service-authentication.adoc

@@ -0,0 +1,75 @@
+:_mod-docs-content-type: PROCEDURE
+
+[id="creating-a-custom-transformer-to-provision-users-from-azure-to-the-software-catalog"]
+= Creating a custom transformer to provision users from Azure to the software catalog
+
+Customize how {product} provisions users and groups to {product} software catalog entities,
+by creating a backend module that uses the `keycloakTransformerExtensionPoint` to offer custom user and group transformers for the Azure backend.
+
+.Prerequisites
+* You have xref:enabling-user-authentication-with-azure-with-optional-steps[enabled provisioning users from Azure to the software catalog].
+
+.Procedure
+. Create a new backend module:
++
+[source,shell]
+----
+$ yarn new
+? What type of module would you like to create? backend-plugin-module
+? Enter the ID if the plugin [required]? catalog
+? Enter the ID of the module [required]? msgraph-transformer
+----
++
+The command creates a plugin named: `catalog-backend-module-msgraph-transformer`.
+
+. Install required packages:
++
+[source,shell]
+----
+$ yarn --cwd plugins/catalog-backend-module-msgraph-transformer add @backstage/plugin-catalog-backend-module-msgraph
+----
+
+. (Optional) Install recommended packages for UserEntity or GroupEntity type checking:
++
+[source,shell]
+----
+$ yarn --cwd plugins/catalog-backend-module-msgraph-transformer add @backstage/catalog-model
+----
+
+. Refer to the sample plugins and implement `plugins/catalog-backend-module-msgraph-transformer/src/module.ts`.
+
+. Package and export the plugin as a Dynamic Plugin, and embed the required package for the custom transformer.
++
+[source,shell]
+----
+$ npx @red-hat-developer-hub/cli@latest plugin export \
+  --embed-package @backstage/plugin-catalog-backend-module-msgraph
+----
+
+[IMPORTANT]
+====
+Verify that the installed plugin version is compatible with the Backstage version
+
+See plugin marketplace for the version to import.
+====
+
+
+.Verification
+
+* {product-short} imports the users and groups each time when started.
+Check the console logs to verify the synchronization result.
++
+Successful synchronization example:
++
+[source,json]
+----
+FIXME
+----
+
+* After the first import is complete, go to the *Catalog* page and select **User** to view the list of users.
+
+* When you select a user, you see the information imported from GitHub.
+
+* You can select a group, view the list, and access or review the information imported from GitHub.
+
+* You can log in with a GitHub account.