diff --git a/apiclient/types/oauthapp.go b/apiclient/types/oauthapp.go index 1e52404a4..190757e5f 100644 --- a/apiclient/types/oauthapp.go +++ b/apiclient/types/oauthapp.go @@ -1,6 +1,7 @@ package types const ( + OAuthAppTypeAtlassian OAuthAppType = "atlassian" OAuthAppTypeMicrosoft365 OAuthAppType = "microsoft365" OAuthAppTypeSlack OAuthAppType = "slack" OAuthAppTypeNotion OAuthAppType = "notion" diff --git a/pkg/gateway/server/oauth_apps.go b/pkg/gateway/server/oauth_apps.go index 4337c2d21..c826aacd7 100644 --- a/pkg/gateway/server/oauth_apps.go +++ b/pkg/gateway/server/oauth_apps.go @@ -246,6 +246,14 @@ func (s *Server) authorizeOAuthApp(apiContext api.Context) error { q.Set("optional_scope", app.Spec.Manifest.OptionalScope) } + // Atlassian requires the audience and prompt parameters to be set. + // See https://developer.atlassian.com/cloud/jira/platform/oauth-2-3lo-apps/#1--direct-the-user-to-the-authorization-url-to-get-an-authorization-code + // for details. + if app.Spec.Manifest.Type == types2.OAuthAppTypeAtlassian { + q.Set("audience", "api.atlassian.com") + q.Set("prompt", "consent") + } + // For Google: access_type=offline instructs Google to return a refresh token and an access token on the initial authorization. // This can be used to refresh the access token when a user is not present at the browser // prompt=consent instructs Google to show the consent screen every time the authorization flow happens so that we get a new refresh token. diff --git a/pkg/gateway/types/oauth_apps.go b/pkg/gateway/types/oauth_apps.go index 4d1863047..ac4586aa2 100644 --- a/pkg/gateway/types/oauth_apps.go +++ b/pkg/gateway/types/oauth_apps.go @@ -11,6 +11,9 @@ import ( ) const ( + AtlassianAuthorizeURL = "https://auth.atlassian.com/authorize" + AtlassianTokenURL = "https://auth.atlassian.com/oauth/token" + SlackAuthorizeURL = "https://slack.com/oauth/v2/authorize" SlackTokenURL = "https://slack.com/api/oauth.v2.access" @@ -44,6 +47,9 @@ func ValidateAndSetDefaultsOAuthAppManifest(r *types.OAuthAppManifest, create bo } switch r.Type { + case types.OAuthAppTypeAtlassian: + r.AuthURL = AtlassianAuthorizeURL + r.TokenURL = AtlassianTokenURL case types.OAuthAppTypeMicrosoft365: r.AuthURL = fmt.Sprintf("https://login.microsoftonline.com/%s/oauth2/v2.0/authorize", r.TenantID) r.TokenURL = fmt.Sprintf("https://login.microsoftonline.com/%s/oauth2/v2.0/token", r.TenantID) diff --git a/ui/admin/app/components/oauth-apps/DeleteOAuthApp.tsx b/ui/admin/app/components/oauth-apps/DeleteOAuthApp.tsx index 85f3e99c9..5f3133edd 100644 --- a/ui/admin/app/components/oauth-apps/DeleteOAuthApp.tsx +++ b/ui/admin/app/components/oauth-apps/DeleteOAuthApp.tsx @@ -33,16 +33,28 @@ export function DeleteOAuthApp({ toast.success(`${spec.displayName} OAuth configuration deleted`); }); + const title = spec.noGatewayIntegration + ? `Delete ${spec.displayName} OAuth` + : `Reset ${spec.displayName} OAuth to use Obot Gateway`; + + const description = spec.noGatewayIntegration + ? `By clicking \`Delete\`, you will delete your ${spec.displayName} OAuth configuration.` + : `By clicking \`Reset\`, you will delete your custom ${spec.displayName} OAuth configuration and reset to use Obot Gateway.`; + + const buttonText = spec.noGatewayIntegration + ? `Delete ${spec.displayName} OAuth` + : `Reset ${spec.displayName} OAuth to use Obot Gateway`; + return (