RHIDP-1149: Enable Auto Logout feature by default, provide configuration options and documentation

[coreydaley]

Description

• Modified packages/app/src/components/AppBase/AppBase.tsx to include the AutoLogout component, enables by default and includes the defaults recommended by Backstage.
• Modified app-config.yaml to include options to modify the Auto Logout feature using environment variables.
• Updated showcase-docs/getting-started.md to include information about Secure by Default, having the Auto Logout feature enabled by default, and how to modify that configuration.

Which issue(s) does this PR fix

• Fixes Add the auto logout feature #664

PR acceptance criteria

Please make sure that the following steps are complete:

• GitHub Actions are completed and successful
• Unit Tests are updated and passing
• E2E Tests are updated and passing
• Documentation is updated if necessary (requirement for new features)
• Add a screenshot if the change is UX/UI related

How to test changes / Special notes to the reviewer

The Auto Logout feature does not work using the Guest login and was tested using the Github login feature.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 0d506ee

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[sonarcloud]

Quality Gate passed

Kudos, no new issues were introduced!

0 New issues
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud

[coreydaley]

/assign @kadel

[janus-idp]

backstage-showcase Tests on commit 2d1d61f finished with errors.
View test log

[github-actions]

The image is available at: quay.io/janus-idp/backstage-showcase:pr-944!

[gashcrumb]

I took a moment to try this locally but when running yarn start I see this error; maybe this dependency comes from the autologout component and just needs to be added to the package.json.

[gashcrumb]

I took a moment to try this locally but when running yarn start I see this error; maybe this dependency comes from the autologout component and just needs to be added to the package.json.

Never mind this, gave it another try and didn't have this error again. Autologout feature worked for me too, great!

[gashcrumb]

If we're keeping changelogs this PR will need one, but other than that looks good to me.

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: gashcrumb
Once this PR has been reviewed and has the lgtm label, please ask for approval from kadel. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[coreydaley]

/hold
According to backstage/backstage#22692 (comment), the AutoLogout feature may introduce a false sense of security and not actually completely log the user out. Further investigation may be needed, or this may not be worth enabling.