npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@seibert/atlassian-connect-tooling

v1.2.1

Published

Provides authentication & utility methods for Atlassian Connect apps running on Express.

Downloads

628

Readme

Atlassian Connect Tooling

Provides authentication & utility methods for Atlassian Connect apps running on Express or solutions with a compatible API like Firebase Cloud Functions.

Motivation

Atlassian Connect is a development framework for extending Atlassian cloud products. Operating a Connect app requires the constant adaption of new security standards and authentication mechanisms provided by Atlassian.

There are two official libraries that automatically comply with new requirements (Atlassian Connect Spring Boot and Atlassian Connect Express).

Atlassian Connect Express comes along with a whole development setup and is a bit biased on what databases to use. As we are using our own backend (GCP) and our Atlassian Connect functionality is just a single piece within a larger application we could not use this framework as a whole.

Unfortunately Atlassian Connect Express does not export reusable functionality if you have just Express in use. Most methods within their package require an (unstable to mock) addon object that is based on the configuration of the SDK.

This package provides reusable helper methods if you run Atlassian Connect on Express or solutions with a compatible API like Firebase Cloud Functions.

Features

Composable Install and Uninstall lifecycle hook middleware function

Atlassian announced changes to their Install- and Uninstall-lifecycle hook requirements. From 29th October 2021 these requests are decrypted asymmetrically. See announcement and documentation .

This packages exports composeAtlassianConnectInstallationMiddleware to get a middleware function that handles all this authentication stuff.

Example usage with Express

import {composeAtlassianConnectInstallationMiddleware} from "@seibert/atlassian-connect-tooling";

// if you use this before 29th Oct 2021 remember to opt-in to the new handshake in your atlassian-connect.json by adding "apiMigrations": {"signed-install": true}.
const installAuthentication = composeAtlassianConnectInstallationMiddleware({baseUrl: "https://example.com"});

app.post('/lifecycle/installed/', [installAuthentication], (req: Request, res: Response) => {
	// request is authenticated, process installation here. Necessary information are on request body.
	handleInstall(req.body).then(res.send);
});

app.post('/lifecycle/uninstalled/', [installAuthentication], (req: Request, res: Response) => {
	// request is authenticated, process uninstall here. Necessary information are on request body.
	handleUninstall(req.body).then(res.send);
});

Composable request authentication middleware

This packages exports composeAtlassianRequestAuthenticationMiddleware to get a middleware function that handles authentication of JWTs. The composed middleware verifies the requests as outlined in the Atlassian Connect documentation using a JWT signed with the sharedSecret of a tenant. You have to provide an async. method (fetchTenantByClientKey) that returns the client data you have persisted for the tenant. The object has to at least contain a sharedSecret.

const atlassianMiddlewareConfig = {
	baseUrl: ATLASSIAN_CONNECT_FILE.baseUrl,
	fetchTenantByClientKey(clientKey: string) {
		return getInstallation(db, clientKey);
	}
};
const atlassianAuthentication = composeAtlassianRequestAuthenticationMiddleware(atlassianMiddlewareConfig);
app.get("/macros/some-macro", [atlassianAuthentication], (req: Request & AuthenticatedAtlassianRequest, res: Response) => {
	// request is authenticated, verified information on req.atlassianVerified
	res.send();
});

Create JWTs for custom authentication

This packages exports createJwtForRequestAuthorization which allows you to create own JWTs that may be accepted by the middlewares functions from composeAtlassianRequestAuthenticationMiddleware. See docs of createJwtForRequestAuthorization for more information and code examples.

Example usage with Next.js

Express middlewares can be used with Next.js using a wrapper function. See their Connect/Express middleware support documentation .