Part1: Oauth 1.0A, NodeJS and Rational Team Concert OSLC

Today we will talk about Oauth 1.0A and Rational Team Concert. The idea is to access from a NodeJS App the artefacts from Rational Team Concert (RTC) and also from other Jazz Tools (CLM). The combination of CLM “Big Data” and NodeJS are unlimited and would open a lot of possibilities. But step by step…

BTW, I’m not complete satisfied with the solution, currently the Oauth dance seems to work. Any comment or hint from you would be great. In Part2 of this post we will see how to access a protected resource like a workitem.

Clean the Browser Cache:

When you test this little App you have to clean the Browser cookies every time. In Chrome goto Tools ->Clear Browser Cache… Don’t do this in your productive Browser, because you can lose your stored passwords and other things.

  1. Let us create a simple NodeJS App
  2. In order to identify your application to RTC we need a consumer key and consumer secret. Config a friend relationship of your app and RTC like here.
  3. Take Passport Oauth
  4. Access the OSLC interface of RTC. Examples are here.
  5. To enable Oauth debugging with like mention here

The NodeJS App:

//dont do this in a productive environment! It it necessary because of the self-signed-cert

var  config        = require('./oauthconfig.js')
var  passport      = require('passport');
var  express       = require('express');
var  https         = require('https');
var  http          = require('http');
var  OAuthStrategy = require('passport-oauth').OAuthStrategy;

passport.use('jazz', new OAuthStrategy({
        requestTokenURL:      config.rtc.requestTokenURL,
        accessTokenURL:       config.rtc.accessTokenURL,
        userAuthorizationURL: config.rtc.userAuthorizationURL,
        consumerKey:          config.rtc.consumerKey,
        consumerSecret:       config.rtc.consumerSecret,
        callbackURL:          config.rtc.callbackURL
    function(token, tokenSecret, profile, done) {
        return done(null, profile);

passport.serializeUser(function(user, done) {
    done(null, user);

passport.deserializeUser(function(id, done) {
    done(null, id);

var application = express.createServer();

application.configure(function() {
    // express logger into development mode
    application.use(express.session({ secret: 'keyboard cat' }));
    //Initialise passport before initialise the router
    application.use(express.errorHandler({ showStack: true, dumpExceptions: true }));
    application.set('view engine', 'jade');

application.configure('development', function() {
	application.use(express.errorHandler({dumpExceptions: true, showStack: true}));
	console.log("Starting in development mode");

application.get('/', function(request, response) {

    response.render('index', {
        user: request.user

application.get('/auth/jazz', passport.authenticate('jazz'));
application.get('/getCatalog', getCatalog);

    passport.authenticate('jazz', { successRedirect: '/', failureRedirect: '/auth/jazz' }));


And the configuration “oauthconfig.js”

var cfg = {
    rtc: {
        requestTokenURL:      'https://hostname:9443/jazz/oauth-request-token',
        accessTokenURL:       'https://hostname:9443/jazz/oauth-access-token',
        userAuthorizationURL: 'https://hostname:9443/jazz/oauth-authorize',
        consumerKey:          'yourConsumerKey',
        consumerSecret:       'yourConsumerSecret',
        callbackURL:          'http://localhost:3000/callback',
        host:	              'hostname',
        port:                 '9443'
module.exports = cfg

  1. Leave a comment

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: