node-bitbucket icon indicating copy to clipboard operation
node-bitbucket copied to clipboard
verified publisher icon MunifTanjim

Support for signing requests with JWT token

Open nbransby opened this issue 6 years ago • 4 comments

According to these docs, if you want to call the API as an connect app you need to pass JWT in the query string or header param:

https://developer.atlassian.com/cloud/bitbucket/authentication-for-apps/

Also to create the JWT token in the first place according to these cdocs you need to include a query string hash: "A query string hash is a signed canonical request for the URI of the API you want to call.":

https://developer.atlassian.com/cloud/bitbucket/understanding-jwt-for-apps/

Does node-bitbucket support this?

nbransby avatar Jun 04 '19 11:06 nbransby

Those links are for JIRA.

Does Bitbucket Cloud API supports this?

MunifTanjim avatar Jun 04 '19 12:06 MunifTanjim

Yeah the docs are same https://developer.atlassian.com/cloud/bitbucket/authentication-for-apps/. I corrected the links.

Would be cool if you supported auto signing for requests using this lib: https://www.npmjs.com/package/atlassian-jwt

Otherwise we will some how have to get the query string from node-bitbucket so we can create the correct token for the API call

nbransby avatar Jun 04 '19 12:06 nbransby

Before this can be implemented, it'll need some architectural changes to the codebase. With the current architecture, I don't think it's possible.

MunifTanjim avatar Jun 16 '19 14:06 MunifTanjim

Raised a draft PR to address this: https://github.com/MunifTanjim/node-bitbucket/pull/117

pavel-solodilov avatar Jan 13 '22 16:01 pavel-solodilov