I’m looking for a bit of design guidance around authentication.
I’m contemplating an app that will integrate with Atlassian JIRA. JIRA support OAuth authentication when configured for specific apps.
The API (using https://www.npmjs.com/package/jira-connector) requires an OAuth access token, secret and consumer and private keys.
I can imagine two ways to implement this:
- Use password accounts in Meteor and implement the OAuth dance using the example as per https://www.npmjs.com/package/jira-connector. Store the tokens and keys in the database and use them during access.
- Implement a new accounts type that lets the user directly authenticate with JIRA and then use the information from what authentication in the API calls.
Which approach is most practical? Is it possible to access the OAuth details if I write a custom service?