MunifTanjim / node-bitbucket

Bitbucket API client for Browser and Node.js
https://bitbucketjs.netlify.app
MIT License
107 stars 28 forks source link

Support for signing requests with JWT token #31

Open nbransby opened 5 years ago

nbransby commented 5 years ago

According to these docs, if you want to call the API as an connect app you need to pass JWT in the query string or header param:

https://developer.atlassian.com/cloud/bitbucket/authentication-for-apps/

Also to create the JWT token in the first place according to these cdocs you need to include a query string hash: "A query string hash is a signed canonical request for the URI of the API you want to call.":

https://developer.atlassian.com/cloud/bitbucket/understanding-jwt-for-apps/

Does node-bitbucket support this?

MunifTanjim commented 5 years ago

Those links are for JIRA.

Does Bitbucket Cloud API supports this?

nbransby commented 5 years ago

Yeah the docs are same https://developer.atlassian.com/cloud/bitbucket/authentication-for-apps/. I corrected the links.

Would be cool if you supported auto signing for requests using this lib: https://www.npmjs.com/package/atlassian-jwt

Otherwise we will some how have to get the query string from node-bitbucket so we can create the correct token for the API call

MunifTanjim commented 5 years ago

Before this can be implemented, it'll need some architectural changes to the codebase. With the current architecture, I don't think it's possible.

pavel-solodilov commented 2 years ago

Raised a draft PR to address this: https://github.com/MunifTanjim/node-bitbucket/pull/117