Hi,
I’m trying to integrate OAuth authentication with a remote JIRA instance. JIRA uses OAuth 1 with an RSA-SHA1 public/private key pair. From reading the Meteor OAuth source code (OAuth1Binding.prototype._buildHeader
), I don’t think this is supported because it hardcodes HMAC-SHA1
as the signature method.
There is an NPM package that integrates JIRA OAuth (using the NPM oauth
module): https://www.npmjs.com/package/jira-connector. In simple tests, I can make this work.
I’m considering building a new account-*
style package that uses jira-connector
do to the heavy lifting, but which still creates a user and authenticates through the standard meteor machinery.
I’m finding the various accounts-*
(and oauth*
) packages pretty hard to follow.
Is there any documentation / example that illustrates the minimum set of requirements for building an account system. In theory, “all” I’d need it to do is:
- Call a function
JiraClient.oauth_util.getAuthorizeURL
with some fixed parameters to get some data back from JIRA. Basically this returns a URL for the user to visit, a requesttoken
, and atoken_secret
. The latter two need to be stored temporarily (inSession?
). - Capture a call-back URL (how do I do this without relying on a specific routing solution?) that will include a user
key
as a URL parameter. - Call a function
JiraClient.oauth_util.swapRequestTokenWithAccessToken
to obtain anaccessToken
. This needs to be stored in the database alongside thetoken_secret
. With these two I can make whatever future requests using the API I need. - Satisfy enough of the Accounts machinery that
Meteor.user()
and so on work as expected.
Any pointers appreciated!
Martin