Hi,
I’m trying to integrate OAuth authentication with a remote JIRA instance. JIRA uses OAuth 1 with an RSA-SHA1 public/private key pair. From reading the Meteor OAuth source code (OAuth1Binding.prototype._buildHeader), I don’t think this is supported because it hardcodes HMAC-SHA1 as the signature method.
There is an NPM package that integrates JIRA OAuth (using the NPM oauth module): https://www.npmjs.com/package/jira-connector. In simple tests, I can make this work.
I’m considering building a new account-* style package that uses jira-connector do to the heavy lifting, but which still creates a user and authenticates through the standard meteor machinery.
I’m finding the various accounts-* (and oauth*) packages pretty hard to follow.
Is there any documentation / example that illustrates the minimum set of requirements for building an account system. In theory, “all” I’d need it to do is:
- Call a function
JiraClient.oauth_util.getAuthorizeURLwith some fixed parameters to get some data back from JIRA. Basically this returns a URL for the user to visit, a requesttoken, and atoken_secret. The latter two need to be stored temporarily (inSession?). - Capture a call-back URL (how do I do this without relying on a specific routing solution?) that will include a user
keyas a URL parameter. - Call a function
JiraClient.oauth_util.swapRequestTokenWithAccessTokento obtain anaccessToken. This needs to be stored in the database alongside thetoken_secret. With these two I can make whatever future requests using the API I need. - Satisfy enough of the Accounts machinery that
Meteor.user()and so on work as expected.
Any pointers appreciated!
Martin