atlassian-oauth-validator

OAuth validator middleware that can be used to authenticate requests coming from an Atlassian app running plugins3.

Atlassian OAuth Validator

The Atlassian OAuth Validator can be used as express js middleware for a Node JS application. It serves the purpose to authenticate incoming requests from an Atlassian Application to the Node JS application.

The flow would be as follows:

  • Startup Node JS application hosting a plugins 3 plugin xml file
  • Install the plugins 3 remotable plugin in your Atlassian application
  • If a webhook was registered in the atlassian-plugin.xml file the Atlassian App will call the Node JS app on this webhook with the Atlassian app's public key and additional information
  • The Node JS app should then persist this in a consumerStore (see the example/consumerStore.js implementation)
  • The Node JS app should then provide a UI to approve consumers in the consumer Store
  • Once approved the oauthValidator.js middleware can authenticate incoming requests with oauth parameters from the Atlassian app.

To use the middleware you need to register the following in your app configuration:

app.use("/issue", oauthValidator(consumerStore));

In this case only URLs under /issue will be protected. A consumerStore needs to be passed in which will be used to lookup and approve consumers (see example/consumerStore.js for the API that this consumerStore needs to implement).

For a complete working example checkout: https://bitbucket.org/knecht_andreas/nodejs-plugins3-server/