
atlassian-oauth2


atlassian-oauth2 - npm Package Compare versions

Comparing version 0.2.3 to 0.3.0

.npmignore

40

lib/oauth2.js

@@ -13,11 +13,13 @@ var request = require('request'),

/**
* Creates a JWT claimset for authenticating the add-on to the OAuth2 service
* Creates a JWT claimset for authenticating the add-on to the OAuth2 service.
*
* This is the generic base used to generate payloads for both accountId and userKey.
*
* @param {String} hostBaseUrl - The fully qualified instance name, for example `https://instance.atlassian.net`
* @param {String} oauthClientId - The OAuth client id which corresponds to the `hostBaseUrl` which was provided to the add-on during installation
* @param {String} userKey - The user key (not username) of the user to retrieve an access token for
* @param {String=} audience - The user key (not username) of the user to retrieve an access token for
* @param {String} subClaim - The sub claim to use when making the request to the server.
* @param {String=} audience - The authorization server to use (only intended to be changed for internal Atlassian use).
* @returns {Object} A claimset to be encoded and sent with the token request
*/
function _createAssertionPayload (hostBaseUrl, oauthClientId, userKey, audience) {
function _createGenericAssertionPayload (hostBaseUrl, oauthClientId, subClaim, audience) {
var now = Math.floor(Date.now() / 1000);

@@ -28,4 +30,4 @@ var exp = now + EXPIRE_IN_SECONDS;

"iss": JWT_CLAIM_PREFIX + ":clientid:" + oauthClientId,
"sub": JWT_CLAIM_PREFIX + ":userkey:" + userKey,
"tnt": hostBaseUrl,
"sub": subClaim,
"aud": audience || AUTHORIZATION_SERVER_URL,

@@ -37,2 +39,12 @@ "iat": now,

function _createUserKeyAssertionPayload(hostBaseUrl, oauthClientId, userKey, audience) {
var subClaim = JWT_CLAIM_PREFIX + ":userkey:" + userKey;
return _createGenericAssertionPayload(hostBaseUrl, oauthClientId, subClaim, audience);
}
function _createAAIDAssertingPayload(hostBaseUrl, oauthClientId, aAID, audience) {
var subClaim = JWT_CLAIM_PREFIX + ":useraccountid:" + aAID;
return _createGenericAssertionPayload(hostBaseUrl, oauthClientId, subClaim, audience);
}
/**

@@ -46,3 +58,4 @@ * Retrieves an OAuth 2 access token for a given user and instance by creating a JWT token

* @param {String} opts.sharedSecret - The shared secret which corresponds to the `hostBaseUrl` which was provided to the add-on during installation
* @param {String} opts.userKey - The user key (not username) of the user to retrieve an access token for
* @param {String} opts.userAccountId - The account id of the user to retrieve an access token for
* @param {String} opts.userKey - The user key (not username) of the user to retrieve an access token for (if userAccountId not provided)
* @param {String} opts.scopes - An array of scopes to request for when creating the access token

@@ -56,3 +69,12 @@ * @param {String=} opts.authorizationServerBaseUrl - An alternative authorization server to use (intended for internal use by Atlassian only)

return new RSVP.Promise(function (resolve, reject) {
var jwtClaims = _createAssertionPayload(opts.hostBaseUrl, opts.oauthClientId, opts.userKey, opts.authorizationServerBaseUrl);
var jwtClaims;
if(opts.userAccountId) {
jwtClaims = _createAAIDAssertingPayload(opts.hostBaseUrl, opts.oauthClientId, opts.userAccountId, opts.authorizationServerBaseUrl);
} else if(opts.userKey) {
jwtClaims = _createUserKeyAssertionPayload(opts.hostBaseUrl, opts.oauthClientId, opts.userAccountId, opts.authorizationServerBaseUrl);
} else {
reject('No user identifier (userKey or userAccountId) provided');
}
var assertion = jwt.encode(jwtClaims, opts.sharedSecret);

@@ -91,4 +113,6 @@

module.exports = {
_createAssertionPayload: _createAssertionPayload,
_createUserKeyAssertionPayload: _createUserKeyAssertionPayload,
_createAAIDAssertingPayload: _createAAIDAssertingPayload,
_createAssertionPayload: _createUserKeyAssertionPayload, // Don't change the default export in case something else is using it
getAccessToken: getAccessToken
};
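Review bot: In the `@@ -56,3 +69,12 @@` hunk of getAccessToken, the `else if(opts.userKey)` branch passes `opts.userAccountId` to `_createUserKeyAssertionPayload`, and that value is falsy on this path, so a caller supplying only a user key gets a JWT whose `sub` ends in `:userkey:undefined` (or `:userkey:null`) rather than naming the intended user. The signed assertion then names the wrong subject, so the branch should read `jwtClaims = _createUserKeyAssertionPayload(opts.hostBaseUrl, opts.oauthClientId, opts.userKey, opts.authorizationServerBaseUrl);`. The final `else` also calls `reject(...)` without returning, so execution continues to `jwt.encode(jwtClaims, opts.sharedSecret)` with `jwtClaims` undefined. Using `return reject(new Error('No user identifier (userKey or userAccountId) provided'));` stops there and hands callers an Error instead of a bare string. The rest of the promise body lies outside the hunk, so what happens after the encode call cannot be confirmed from here.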

2

package.json
{
"name": "atlassian-oauth2",
"description": "Atlassian Connect OAuth2 library",
"version": "0.2.3",
"version": "0.3.0",
"author": "Seb Ruiz <sruiz@atlassian.com>",

@@ -6,0 +6,0 @@ "repository": {

@@ -66,2 +66,9 @@ var should = require('should'),

});
it('Claimset should have aaid if supplied', function(done) {
var aaid = "21d6059f-cdfe-4db7-85c7-4a250c94667a";
var token = oauth2._createAAIDAssertingPayload(hostBaseUrl, oauthClientId, aaid);
token.sub.should.be.eql('urn:atlassian:connect:useraccountid:' + aaid);
done();
})
});

@@ -170,2 +177,17 @@

it('Request should work when only accountId provided', function(done) {
interceptRequest(done, 200, {
userKey: null, // this should remove the 'admin' default.
userAccountId: '21d6059f-cdfe-4db7-85c7-4a250c94667a'
})
});
it('Request should work when both accountId and userKey supplied', function(done) {
// It should use accountId if both provided
interceptRequest(done, 200, {
userKey: 'admin',
userAccountId: '21d6059f-cdfe-4db7-85c7-4a250c94667a'
});
});
describe('scopes', function () {

@@ -172,0 +194,0 @@ it('no scopes', function (done) {
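Review bot: The two request-level tests in the `@@ -170,2 +177,17 @@` hunk pass only a 200 status to `interceptRequest`, so the comment `// It should use accountId if both provided` is, as far as the hunk shows, never actually asserted. `interceptRequest` is defined outside the hunk; if it does not already inspect the posted assertion, it should decode it and check `sub`, expecting `'urn:atlassian:connect:useraccountid:' + userAccountId` in both new cases. A user-key-only case expecting `'urn:atlassian:connect:userkey:' + userKey`, and a case with neither identifier expecting a rejection, would pin the remaining branches of the identifier selection in getAccessToken.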
