bencolmer / laravel-fit-validator
Validate Atlassian Forge Invocation Tokens (FITs) in Laravel
Installs: 4
Dependents: 0
Suggesters: 0
Security: 0
Stars: 0
Watchers: 0
Forks: 0
Open Issues: 0
pkg:composer/bencolmer/laravel-fit-validator
Requires
- php: ^8.1
- firebase/php-jwt: ^7.0
- guzzlehttp/guzzle: ^7.10
- illuminate/contracts: ^10.0|^11.0|^12.0
- illuminate/http: ^10.0|^11.0|^12.0
- illuminate/support: ^10.0|^11.0|^12.0
Requires (Dev)
- orchestra/testbench: ^8.0|^9.0|^10.0
- phpunit/phpunit: ^10.0|^11.0|^12.0
README
This package allows you to validate and use Atlassian Forge Invocation Tokens (FITs) in Laravel.
Installation
- Install the package via composer:
composer require bencolmer/laravel-fit-validator
- Configure
.envvalues:
FIT_APP_ID="example:id::app/xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx" # The ID of your Forge application FIT_JWKS_URL="https://forge.cdn.prod.atlassian-dev.net/.well-known/jwks.json" # The JWKS URL for your Forge application
- Add the
fitmiddleware to any routes that should validate Forge Invocation Tokens.
Route::middleware('fit')->group(function () { // });
Token Usage
The fit middleware will validate the Forge Invocation Token and add the validated payload to the request input array.
Example:
// in routes/api.php Route::middleware('fit')->group(function () { Route::get('example', [ExampleController::class, 'index']); });
// in app/Http/Controllers/ExampleController.php use Illuminate\Http\Request; class JiraController extends Controller { public function index(Request $request) { $fit = $request->input('fit'); // ... } }
Advanced Usage
You can configure the package validate FIT tokens from multiple Forge applications:
- Publish package configuration
php artisan vendor:publish --provider="BenColmer\LaravelFITValidator\Providers\ServiceProvider"
- Add your Forge application details to the
applicationsarray inconfig/fit.php:
// ... 'applications' => [ // ... // details for your other application 'otherApp' => [ 'appId' => (string) env('FIT_OTHER_APP_ID', ''), 'jwksUrl' => (string) env('FIT_OTHER_JWKS_URL', ''), ] ],
- Update the
fitmiddleware to use the configuration for your new application
// in routes/api.php Route::middleware('fit')->group(function () { // validate FITs using the "default" application config }); Route::middleware('fit:otherApp')->group(function () { // validate FITs using the "otherApp" application config });
Testing
Run tests via PHPUnit:
./vendor/bin/phpunit
Credits
License
Laravel FIT Validator is open-sourced software licensed under the MIT license.