Copyright	(c) Robert Massioli 2017
License	APACHE-2
Maintainer	rmassaioli@atlassian.com
Stability	experimental
Safe Haskell	None
Language	Haskell2010

Snap.AtlassianConnect.OAuth

Description

By default, all HTTP requests that your add-on makes to an Atlassian application (like JIRA or Confluence) will be performed as your add-on user. For example, if your add-on service makes a HTTP request to comment on a JIRA issue then the comment will be made as your add-on. However, if your addon requests the ACT_AS_USER scope then is is capable of using the OAuth service to generate an "access token" for a particular user on a tenant. This access token can be used to make make HTTP requests from your add-on service to an Atlassian product as a user inside that product. This allows you to make HTTP requests that can impersonate users on a given instance.

Using our previous example, if you generated an access token for the user Bob and then made the same request, but with that new access token, then the comment made on the issue would appear to come from Bob.

You can read more about access token on the official documentation.

Synopsis

Documentation

requestAccessToken Source #

Arguments

:: Tenant	The tenant to generate the Access Token for.
-> UserKey	The user key of the user on the tenant that should be impersonated.
-> Maybe [ProductScope]	The collection of scopes that will be used for impersonation. Providing none requests all scopes that the add-on provides.
-> IO (Either ProductErrorResponse (Maybe AccessTokenResponse))	Returns either a HTTP error or the result of attempting to parse the AccessTokenResponse.

Request an access token for a tenant and user with the requested scopes.

This token will allow you to post subsequent HTTP requests using the Snap.AtlassianConnect.HostRequest module as an impersonated user.

The access token that is returned should be reused as much as possible in order to avoid hitting rate limits from the token generation service. Each token is specific to the tenant, user and scopes that it was created for. This means that the token reuse must be tenant, user and scopes specific.

data AccessTokenResponse Source #

This represents the response that an OAuth Access token request should expect to recieve from auth.atlassian.io.

Constructors

AccessTokenResponse
Fields atrAccessToken :: AccessToken The access token that can be used in subsequent HTTP requests. atrExpiresIn :: Second The duration until this access token expires and can no longer be used. atrTokenType :: AccessTokenType The type of token that was returned from auth.atlassian.io.

Instances

FromJSON AccessTokenResponse Source #
Methods parseJSON :: Value -> Parser AccessTokenResponse #

data AccessToken Source #

An access token that can be used in subsequent requests.

data AccessTokenType Source #

The type of access token that was returned from the token generation service.

Constructors

Bearer	An OAuth 2 bearer token.
UnknownAccessTokenType	A token type that could not be parsed.

Instances

Enum AccessTokenType Source #
Methods succ :: AccessTokenType -> AccessTokenType # pred :: AccessTokenType -> AccessTokenType # toEnum :: Int -> AccessTokenType # fromEnum :: AccessTokenType -> Int # enumFrom :: AccessTokenType -> [AccessTokenType] # enumFromThen :: AccessTokenType -> AccessTokenType -> [AccessTokenType] # enumFromTo :: AccessTokenType -> AccessTokenType -> [AccessTokenType] # enumFromThenTo :: AccessTokenType -> AccessTokenType -> AccessTokenType -> [AccessTokenType] #
Eq AccessTokenType Source #
Methods (==) :: AccessTokenType -> AccessTokenType -> Bool # (/=) :: AccessTokenType -> AccessTokenType -> Bool #
Read AccessTokenType Source #
Methods readsPrec :: Int -> ReadS AccessTokenType # readList :: ReadS [AccessTokenType] # readPrec :: ReadPrec AccessTokenType # readListPrec :: ReadPrec [AccessTokenType] #