Skip to content

Commit

Permalink
Add act like user
Browse files Browse the repository at this point in the history
  • Loading branch information
Bukashk0zzz committed Dec 29, 2017
1 parent 3a1470f commit cbc0159
Show file tree
Hide file tree
Showing 9 changed files with 48 additions and 25 deletions.
1 change: 0 additions & 1 deletion DependencyInjection/AtlassianConnectExtension.php
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,6 @@ public function load(array $configs, ContainerBuilder $container): void
$config['dev'] = \array_merge($prod, $dev);

$container->setParameter('atlassian_connect', $config);
$container->setParameter('atlassian_connect_token_lifetime', $config['token_lifetime']);
$container->setParameter('atlassian_connect_dev_tenant', $config['dev_tenant']);

$loader = new Loader\YamlFileLoader($container, new FileLocator(__DIR__.'/../Resources/config'));
Expand Down
1 change: 0 additions & 1 deletion DependencyInjection/Configuration.php
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,6 @@ public function getConfigTreeBuilder(): TreeBuilder
$rootNode = $treeBuilder->root('atlassian_connect');
$rootNode
->children()
->variableNode('token_lifetime')->defaultValue(600)->end()
->variableNode('dev_tenant')->defaultValue(1)->end()
->variableNode('prod')->end()
->variableNode('dev')->end()
Expand Down
14 changes: 11 additions & 3 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,6 @@ Sample configuration in `config.yml`:
```yaml
atlassian_connect:
dev_tenant: 1
token_lifetime: 86400
prod:
key: 'your-addon-key'
name: 'Your Add-On Name'
Expand Down Expand Up @@ -126,6 +125,7 @@ In your **protected** controller action you can make a signed request to JIRA in
namespace App\Controller;
use AtlassianConnectBundle\Service\AtlassianRestClient;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\Response;
Expand All @@ -141,9 +141,17 @@ class ProtectedController extends Controller
public function index()
{
$client = $this->container->get(AtlassianRestClient::class);
$json = $client->get('/rest/api/2/issue/KEY-XXX');
return new Response($json);
// Send request from system user
$issue = $client->get('/rest/api/2/issue/KEY-XXX');
// Send request from system user
$user = $client
->setUser('admin') // the primary key of the user in Jira/Confluence etc.
->get('/rest/api/2/myself')
;
return new Response([$issue, $user]);
}
}
```
Expand Down
1 change: 0 additions & 1 deletion Resources/config/services.yml
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,6 @@ services:
class: '%atlassian_connect_jwt_user_provider_class%'
arguments:
$registry: '@Doctrine\Common\Persistence\ManagerRegistry'
$tokenLifetime: '%atlassian_connect_token_lifetime%'
$tenantClass: '%atlassian_connect_tenant_entity_class%'

jwt_authenticator:
Expand Down
9 changes: 1 addition & 8 deletions Security/JWTUserProvider.php
Original file line number Diff line number Diff line change
Expand Up @@ -22,11 +22,6 @@ class JWTUserProvider implements UserProviderInterface
*/
protected $em;

/**
* @var int
*/
protected $tokenLifetime;

/**
* @var string
*/
Expand All @@ -36,13 +31,11 @@ class JWTUserProvider implements UserProviderInterface
* JWTUserProvider constructor.
*
* @param ManagerRegistry $registry
* @param int $tokenLifetime
* @param string $tenantClass
*/
public function __construct(ManagerRegistry $registry, int $tokenLifetime, string $tenantClass)
public function __construct(ManagerRegistry $registry, string $tenantClass)
{
$this->em = $registry->getManager();
$this->tokenLifetime = $tokenLifetime;
$this->tenantClass = $tenantClass;
}

Expand Down
21 changes: 20 additions & 1 deletion Service/AtlassianRestClient.php
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,11 @@ class AtlassianRestClient
*/
private $client;

/**
* @var string|null
*/
private $user;

/**
* @param TenantInterface|null $tenant
* @param TokenStorageInterface|null $tokenStorage
Expand Down Expand Up @@ -102,6 +107,19 @@ public function delete(string $restUrl): string
return $this->client->delete($this->buildURL($restUrl))->getBody()->getContents();
}

/**
* @param string|null $user
*
* @return AtlassianRestClient
*/
public function setUser(?string $user): AtlassianRestClient
{
$this->user = $user;
$this->createClient();

return $this;
}

/**
* @param string $restUrl
*
Expand All @@ -128,7 +146,8 @@ private function createClient(): Client
$stack->setHandler(new CurlHandler());
$stack->push(GuzzleJWTMiddleware::authTokenMiddleware(
$this->tenant->getAddonKey(),
$this->tenant->getSharedSecret()
$this->tenant->getSharedSecret(),
$this->user
));

return new Client(['handler' => $stack]);
Expand Down
24 changes: 16 additions & 8 deletions Service/GuzzleJWTMiddleware.php
Original file line number Diff line number Diff line change
Expand Up @@ -15,19 +15,20 @@ class GuzzleJWTMiddleware
/**
* JWT Authentication middleware for Guzzle
*
* @param string $issuer Add-on key in most cases
* @param string $secret Shared secret
* @param string $issuer Add-on key in most cases
* @param string $secret Shared secret
* @param null|string $user
*
* @return callable
*/
public static function authTokenMiddleware(string $issuer, string $secret): callable
public static function authTokenMiddleware(string $issuer, string $secret, ?string $user): callable
{
return Middleware::mapRequest(
function (RequestInterface $request) use ($issuer, $secret) {
function (RequestInterface $request) use ($issuer, $secret, $user) {
return new Request(
$request->getMethod(),
$request->getUri(),
\array_merge($request->getHeaders(), ['Authorization' => 'JWT '.static::createToken($request, $issuer, $secret)]),
\array_merge($request->getHeaders(), ['Authorization' => 'JWT '.static::createToken($request, $issuer, $secret, $user)]),
$request->getBody()
);
}
Expand All @@ -40,16 +41,23 @@ function (RequestInterface $request) use ($issuer, $secret) {
* @param RequestInterface $request
* @param string $issuer Key of the add-on
* @param string $secret Shared secret of the Tenant
* @param null|string $user
*
* @return string
*/
private static function createToken(RequestInterface $request, string $issuer, string $secret): string
private static function createToken(RequestInterface $request, string $issuer, string $secret, ?string $user): string
{
return JWT::encode([
$data = [
'iss' => $issuer,
'iat' => \time(),
'exp' => \strtotime('+1 day'),
'qsh' => QSHGenerator::generate((string) $request->getUri(), $request->getMethod()),
], $secret);
];

if ($user !== null) {
$data['sub'] = $user;
}

return JWT::encode($data, $secret);
}
}
1 change: 0 additions & 1 deletion Tests/Controller/DescriptorControllerTest.php
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,6 @@ public function testIndexAction(): void
];

$controller = new DescriptorController('dev', [
'token_lifetime' => 86400,
'dev_tenant' => 1,
'prod' => [],
'dev' => $data,
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,6 @@ public function testLoadExtension(): void
$this->container->setParameter('kernel.environment', 'test');

$this->container->prependExtensionConfig($this->extension->getAlias(), [
'token_lifetime' => 86400,
'dev_tenant' => 1,
'prod' => [],
'dev' => [],
Expand Down

0 comments on commit cbc0159

Please sign in to comment.