Hey there,
We have implemented the new Install Hook for Atlassian Connect for our Custom JWT Auth. solution. We are using Express.js but not ACE (Atlassian Connect Express) which does not export reusable middleware functions.
We have published our middleware as an open-source project. It is available as a npm module.
It is open source and may help people that are using Express.js, Next, Nuxt or some similar framework that is able to make use of an Express middleware function.
As basic usage might look like this:
import {composeAtlassianConnectInstallationMiddleware} from "@seibert/atlassian-connect-tooling";
// if you use this before 29th Oct 2021 remember to opt-in to the new handshake in your atlassian-connect.json by adding "apiMigrations": {"signed-install": true}.
const installAuthentication = composeAtlassianConnectInstallationMiddleware({baseUrl: "https://example.com"});
app.post('/lifecycle/installed/', [installAuthentication], async (req: Request, res: Response) => {
// request is authenticated, process installation here. Necessary information are on request body.
await handleInstall(req.body);
res.send();
});
app.post('/lifecycle/uninstalled/', [installAuthentication], async (req: Request, res: Response) => {
// request is authenticated, process uninstall here. Necessary information are on request body.
await handleUninstall(req.body);
res.send();
});
Security
The packages tests have full code coverage and demonstrate the rejection of invalid JWT payloads in different test suites.
Hope this helps someone
Julian