atlassian_connect_jwt 0.3.7 copy "atlassian_connect_jwt: ^0.3.7" to clipboard
atlassian_connect_jwt: ^0.3.7 copied to clipboard

Published 8 years ago
Dart 1 only

Metadata

Atlassian Connect extensions for Json Web Token

More...

Atlassian Connect extensions for Json Web Token #

Introduction #

Provides support for handling Atlassian Connect specific Json Web Tokens. Specifically:

  • Decoding and validating Atlassian product host generated tokens that are sent as part of requests to the addon host
  • Creating tokens for inclusion when sending requests to the Atlassian product hosts
    • Both these include the qsh (query string hash) claim
  • Session tokens for the addon to use when communicating between it's own client and server components
    • These include a custom claim for the product host key

This library can be used on it's own (e.g. as part of your own custom Dart based Atlassian Connect client framework) or as part of the Atlassian Connect Shelf based server.

Using #

Product Host Token #

####Decoding####

To decode a JWT string

JsonWebToken<ProductHostClaimSet> jwt = decodeProductHostToken(jwtStr);

Validating

Validating is the same as per dart_jwt

Claim Set

In addition to the standard claims, the ProductHostClaimSet includes the custom claim qsh which can be accessed as follows

String qsh = jwt.claimSet.queryStringHash;

####Encoding#### A function encapsulates the process of creating the token (creating the claims, signing request etc)

String jwtToken = createProductHostToken('/some/host/path', 'GET',
    { 'param1': 'value1' }, sharedSecret, hostKey);

Addon Session Token #

####Decoding####

To decode a JWT string

JsonWebToken<AddonSessionClaimSet> jwt = decodeAddonSessionToken(jwtStr);

Validating

Validating is the same as per dart_jwt

Claim Set

In addition to the standard claims, the AddonSessionClaimSet includes the custom claim productHostKey (as the issuer in this case is the addon itself) which can be accessed as follows

String productHostKey = jwt.claimSet.productHostKey;

####Encoding#### A function encapsulates the process of creating the token (creating the claims, signing request etc)

String jwtToken = createAddonSessionToken(addonSecret, addonKey, productHostKey, user);

Advanced Usage - QSH #

The library also exposes the query string hash mechanism. To create a qsh

String qsh = createQshFromPath(String path, String method, 
                         Multimap<String, String> queryParameters)

Issues #

  • Currently doesn't expose a way to configure the expiry timeouts of the claims.

Metadata

0
likes
10
pub points
0%
popularity

Publisher

unverified uploader

Metadata

Atlassian Connect extensions for Json Web Token

Homepage

License

unknown (license)

Dependencies

collection, dart_jwt, logging, path, quiver, shelf_auth

More

Packages that depend on atlassian_connect_jwt

Back