Extending sorcery with JIRA

In this tutorial post our Engineering Trainee Camila from the Berlin office will walk us through the process of adapting an existing open source solution for user authentication to new business requirements.

The challenge

About 6 months ago, a colleague gave me the idea to add JIRA to sorcery, a library used for authentication functionality in a Ruby application. When I looked into the code, my first reaction was “looks too complicated!”

Turned out that the real challenge was to extend somebody else’s code. Sorcery is not an application but a library, a little bit different from what I am used to work with.

The outcome of my work was to develop a way to allow users to log in with their JIRA credentials in any Ruby on Rails web application that can be linked to JIRA. JIRA is a proprietary issue tracking product, developed by Atlassian. Meltwater uses JIRA for bug tracking, issue tracking, and project management.

In this post I am explaining what I developed, how other developers can use it, and what I learned along the way.

What I panned to code

Sorcery provides different authentication functionalities that range from simple authentication with username and password to OAuth authentication via Twitter, Facebook, Xing. This is where JIRA comes in as an authentication provider.

OAuth is an open protocol to allow secure authorization in a simple and standard method from applications. This kind of authentication is safer because the user gives the password and username to the OAuth provider and third-party apps don’t have access to do things you don’t want them to do. Even if they get hacked, your JIRA (Twitter, Linkedin etc) password is still safe.

How I developed it

My fork of sorcery is at GitHub. I tried to follow how the others external providers were implemented, so I created a class called Jira in the module Providers:

>
1
2
3
4
5
6
7
8
9
10
11
>
1
2
3
4
5
6
7
8
9
10
11
12
>
1
2
3
4
5
6
7
8
9
10
11
12
>
1
>
1
2
>
1
2
3
4
5
6
7
8
9
10