Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
atlassian-oauth2
Advanced tools
atlassian-oauth2 - npm Package Compare versions
Comparing version 0.1.1 to 0.2.0
@@ -9,3 +9,3 @@ var request = require('request'), | ||
| GRANT_TYPE = "urn:ietf:params:oauth:grant-type:jwt-bearer", | ||
| SCOPE_SEPERATOR = ' '; | ||
| SCOPE_SEPARATOR = ' '; | ||
@@ -19,5 +19,5 @@ | ||
| * @param {String} userKey - The user key (not username) of the user to retrieve an access token for | ||
| * @returns {Object>} A claimset to be encoded and sent with the token request | ||
| * @returns {Object>} A claimset to be encoded and sent with the token request | ||
| */ | ||
| function _createJwtClaim (hostBaseUrl, oauthClientId, userKey) { | ||
| function _createAssertionPayload (hostBaseUrl, oauthClientId, userKey) { | ||
| var now = Math.floor(Date.now() / 1000); | ||
@@ -50,4 +50,4 @@ var exp = now + EXPIRE_IN_SECONDS; | ||
| return new RSVP.Promise(function (resolve, reject) { | ||
| var jwtClaims = _createJwtClaim(opts.hostBaseUrl, opts.oauthClientId, opts.userKey); | ||
| var token = jwt.encode(jwtClaims, opts.sharedSecret); | ||
| var jwtClaims = _createAssertionPayload(opts.hostBaseUrl, opts.oauthClientId, opts.userKey); | ||
| var assertion = jwt.encode(jwtClaims, opts.sharedSecret); | ||
@@ -59,4 +59,4 @@ request({ | ||
| grant_type: GRANT_TYPE, | ||
| assertion: token, | ||
| scope: opts.scopes.join(SCOPE_SEPERATOR).toUpperCase() | ||
| assertion: assertion, | ||
| scope: opts.scopes.join(SCOPE_SEPARATOR).toUpperCase() | ||
| }, | ||
@@ -67,5 +67,7 @@ json: true, | ||
| } | ||
| }, function(err, reponse, body) { | ||
| }, function(err, response, body) { | ||
| if (err) { | ||
| reject(err); | ||
| } else if (response.statusCode < 200 || response.statusCode > 299) { | ||
| reject(body); | ||
| } else { | ||
@@ -80,4 +82,4 @@ resolve(body); | ||
| module.exports = { | ||
| _createJwtClaim: _createJwtClaim, | ||
| _createAssertionPayload: _createAssertionPayload, | ||
| getAccessToken: getAccessToken | ||
| } | ||
| }; |
| { | ||
| "name": "atlassian-oauth2", | ||
| "description": "Atlassian Connect OAuth2 library", | ||
| "version": "0.1.1", | ||
| "version": "0.2.0", | ||
| "author": "Seb Ruiz <sruiz@atlassian.com>", | ||
@@ -6,0 +6,0 @@ "repository": { |
| # atlassian-oauth2 | ||
|  | ||
|  | ||
@@ -33,2 +33,2 @@ A node module which facilitates the exchange of an add-ons JWT token for an OAuth 2 bearer token, | ||
| ``` | ||
| ``` |
@@ -18,3 +18,3 @@ var should = require('should'), | ||
| it('Claimset should have correct iss claim', function (done) { | ||
| var token = oauth2._createJwtClaim(hostBaseUrl, oauthClientId, "admin"); | ||
| var token = oauth2._createAssertionPayload(hostBaseUrl, oauthClientId, "admin"); | ||
| token.iss.should.be.eql("urn:atlassian:connect:clientid:" + oauthClientId); | ||
@@ -25,3 +25,3 @@ done(); | ||
| it('Claimset should have correct sub claim', function (done) { | ||
| var token = oauth2._createJwtClaim(hostBaseUrl, oauthClientId, "admin"); | ||
| var token = oauth2._createAssertionPayload(hostBaseUrl, oauthClientId, "admin"); | ||
| token.sub.should.be.eql("urn:atlassian:connect:userkey:admin"); | ||
@@ -33,3 +33,3 @@ done(); | ||
| var userkey = "苏千"; | ||
| var token = oauth2._createJwtClaim(hostBaseUrl, oauthClientId, userkey); | ||
| var token = oauth2._createAssertionPayload(hostBaseUrl, oauthClientId, userkey); | ||
| token.sub.should.equal("urn:atlassian:connect:userkey:" + userkey); | ||
@@ -40,3 +40,3 @@ done(); | ||
| it('Claimset should have correct aud claim', function (done) { | ||
| var token = oauth2._createJwtClaim(hostBaseUrl, oauthClientId, "admin"); | ||
| var token = oauth2._createAssertionPayload(hostBaseUrl, oauthClientId, "admin"); | ||
| token.aud.should.be.eql("https://auth.atlassian.io"); | ||
@@ -47,3 +47,3 @@ done(); | ||
| it('Claimset should have correct tnt claim', function (done) { | ||
| var token = oauth2._createJwtClaim(hostBaseUrl, oauthClientId, "admin"); | ||
| var token = oauth2._createAssertionPayload(hostBaseUrl, oauthClientId, "admin"); | ||
| token.tnt.should.be.eql(hostBaseUrl); | ||
@@ -54,3 +54,3 @@ done(); | ||
| it('Claimset should have a number iat claim', function (done) { | ||
| var token = oauth2._createJwtClaim(hostBaseUrl, oauthClientId, "admin"); | ||
| var token = oauth2._createAssertionPayload(hostBaseUrl, oauthClientId, "admin"); | ||
| token.iat.should.be.a.Number(); | ||
@@ -61,3 +61,3 @@ done(); | ||
| it('Claimset should have a number exp claim', function (done) { | ||
| var token = oauth2._createJwtClaim(hostBaseUrl, oauthClientId, "admin"); | ||
| var token = oauth2._createAssertionPayload(hostBaseUrl, oauthClientId, "admin"); | ||
| token.exp.should.be.a.Number(); | ||
@@ -85,8 +85,24 @@ done(); | ||
| oauth2.getAccessToken(createBaseOpts(opts)).then(function (token) { | ||
| oauth2.getAccessToken(createBaseOpts(opts)).then(function () { | ||
| interceptor.done(); // will throw assertion if endpoint is not intercepted | ||
| testCallback(); | ||
| }, function () { | ||
| interceptor.done(err || new Error('access token retrieval should have reported success')) | ||
| }); | ||
| } | ||
| function interceptFailedRequest(testCallback, replyCallback, failureMessage, opts) { | ||
| var interceptor = nock('https://auth.atlassian.io') | ||
| .post('/oauth2/token') | ||
| .reply(replyCallback); | ||
| oauth2.getAccessToken(createBaseOpts(opts)).then(function () { | ||
| interceptor.done(); // will throw assertion if endpoint is not intercepted | ||
| testCallback(new Error(failureMessage)); | ||
| }, function () { | ||
| interceptor.done(); // will throw assertion if endpoint is not intercepted | ||
| testCallback(); | ||
| }); | ||
| } | ||
| it('Retrieves access token from OAuth service', function (done) { | ||
@@ -96,4 +112,13 @@ interceptRequest(done, 200); | ||
| it('Rejects if access token response code is > 299', function (done) { | ||
| interceptFailedRequest(done, 400, 'should reject if response code is 400'); | ||
| }); | ||
| it('Rejects if access token response code is < 200', function (done) { | ||
| interceptFailedRequest(done, 110, 'should reject if response code is 110'); | ||
| }); | ||
| it('Accept header is application/json', function (done) { | ||
| interceptRequest(done, function (uri, requestBody) { | ||
| interceptRequest(done, function () { | ||
| this.req.headers.accept.should.be.eql("application/json"); | ||
@@ -104,3 +129,3 @@ }); | ||
| it('Request content-type is application/x-www-form-urlencoded', function (done) { | ||
| interceptRequest(done, function (uri, requestBody) { | ||
| interceptRequest(done, function () { | ||
| this.req.headers['content-type'].should.be.eql("application/x-www-form-urlencoded"); | ||
@@ -120,3 +145,3 @@ }); | ||
| var body = qs.parse(requestBody); | ||
| body.assertion.should.exist; | ||
| should.exist(body.assertion); | ||
| }); | ||
@@ -128,3 +153,3 @@ }); | ||
| var body = qs.parse(requestBody); | ||
| jwt.decode(body.assertion, sharedSecret).iss.should.exist; | ||
| should.exist(jwt.decode(body.assertion, sharedSecret).iss); | ||
| }); | ||
@@ -131,0 +156,0 @@ }); |
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by587.16%
78755
- Number of package files
- increased by157.14%
18
- Lines of code
- increased by10.84%
225
Worsened metrics
- Number of lines in readme file
- decreased by-2.94%
33
- Number of medium supply chain risk alerts
- increased byInfinity%
1
No dependency changes