adlogix / guzzle-atlassian-connect-middleware
An Atlassian Connect authentication middleware for Guzzle
Installs: 5 510
Dependents: 1
Suggesters: 0
Security: 0
Stars: 8
Watchers: 7
Forks: 2
Open Issues: 0
Requires
- php: >=5.6.0
- firebase/php-jwt: ^3.0 || ^4.0
Requires (Dev)
- guzzlehttp/guzzle: ^6.2
- phpunit/phpunit: ^5.6
- silex/silex: ^2.0
- twig/twig: ^1.26
Suggests
- guzzlehttp/guzzle: For using this library as it was created for Guzzle6. But you should be able to use it with any PSR-7 HTTP Client
README
The purpose of this middleware is to implement Atlassian Connect authentication as a Guzzle middleware. So you should read the Atlassian Connect documentation to understand terms used in this library
tl;dr;
- JWT: Json Web Token standard, atlassian version, Atlassian JWT Web decoder (use your query to get the QSH, use the query + the JWT token query param to validate it)
- QSH: Query String Hash
- Descriptor: Add-on Descriptor for Atlassian Connect, validate your descriptor against an atlassian product (syntax check only)
What it is
As you may have seen, Atlassian has a pretty complex authentication system, even just for read access on any of their products. We created this Guzzle middleware in order to help us to authenticate on an Atlassian product.
What it is not
- A full Atlassian [name-your-product] client.
Usage
See the index.php at root of this repository.
Real life testing
The Atlassian Product you want to authenticate to needs to contact your application using some form of webhooks, so we created the most basic application we could do to show you how it can be accomplished.
Use docker-compose:
$ docker-compose up -d
Use host names instead of ports
If you've launched the environment you already have a proxy running to redirect ngrok.dev and atlassian-connect.dev to the correct containers. You just have to put both domains to your host file or use a solution like dnsmasq on OSX, but be sure to redirect to your docker-machine IP.
To find your docker machine ip use:
$ docker-machine ip [machine-name]
Get your development instance
Atlassian changed the way to work on Confluence/Jira, now in order to create your plugin, you have to get a Developer Account and create your own instance. All the steps to create your environment are defined on the documentation page.
Once you have access to your own Atlassian Cloud instance and you put it in developer mode, we can continue and let the instance contact us.
Exposing our local app to the world
The Atlassian app we trying to authenticate must post some information to us, so we need to expose our app on the internet. That's the reason we have a ngrok container running. ngrok is an application which will create a tunnel between our environment and their servers, letting us to be accessed from everywhere.
You should now have a ngrok container running at ngrok.dev. When you connect you should see the tunnel url and, if you open it, all the tunnel trafic.
The url to use to install our demo application is https://[your-tunnel-id].eu.ngrok.io/descriptor.json
Note: Everytime you restart the ngrok container, the tunnel id will change, so you should reinstall your plugin each time. I know, it's bad.
Proxy Timeout
We've setup a proxy timeout of 10 minutes so we can do line by line without problems ;)