@mavenmm/teamwork-auth 2.2.0 → 2.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CLAUDE.md +58 -0
- package/package.json +1 -1
package/CLAUDE.md
CHANGED
|
@@ -316,6 +316,8 @@ Or wait for the next page load - the hook will automatically fetch fresh data.
|
|
|
316
316
|
## Advanced Usage
|
|
317
317
|
|
|
318
318
|
### Getting Access Token for API Calls
|
|
319
|
+
|
|
320
|
+
**Frontend: Get Maven Access Token**
|
|
319
321
|
```tsx
|
|
320
322
|
const { getAccessToken } = useTeamworkAuth();
|
|
321
323
|
|
|
@@ -335,6 +337,60 @@ async function callAPI() {
|
|
|
335
337
|
}
|
|
336
338
|
```
|
|
337
339
|
|
|
340
|
+
### Getting Teamwork API Token (Backend/Serverless)
|
|
341
|
+
|
|
342
|
+
**For third-party integrations** (GraphQL servers, serverless functions, etc.) that need the actual **Teamwork API token**, use the `/token` endpoint:
|
|
343
|
+
|
|
344
|
+
```typescript
|
|
345
|
+
// In your serverless function or GraphQL resolver
|
|
346
|
+
async function getTeamworkToken(mavenAccessToken: string) {
|
|
347
|
+
const response = await fetch('https://auth.mavenmm.com/.netlify/functions/token', {
|
|
348
|
+
method: 'GET',
|
|
349
|
+
headers: {
|
|
350
|
+
'Authorization': `Bearer ${mavenAccessToken}`,
|
|
351
|
+
'X-Domain-Key': process.env.DOMAIN_KEY,
|
|
352
|
+
},
|
|
353
|
+
credentials: 'include', // Important: sends cookies
|
|
354
|
+
});
|
|
355
|
+
|
|
356
|
+
const data = await response.json();
|
|
357
|
+
return data.accessToken; // Teamwork API token
|
|
358
|
+
}
|
|
359
|
+
|
|
360
|
+
// Example: GraphQL resolver
|
|
361
|
+
const resolver = async (parent, args, context) => {
|
|
362
|
+
// Get Maven access token from request
|
|
363
|
+
const mavenToken = context.request.headers.authorization?.substring(7);
|
|
364
|
+
|
|
365
|
+
// Get Teamwork token from auth service
|
|
366
|
+
const teamworkToken = await getTeamworkToken(mavenToken);
|
|
367
|
+
|
|
368
|
+
// Use Teamwork token to call Teamwork API
|
|
369
|
+
const response = await fetch('https://your-site.teamwork.com/projects.json', {
|
|
370
|
+
headers: {
|
|
371
|
+
'Authorization': `Bearer ${teamworkToken}`,
|
|
372
|
+
}
|
|
373
|
+
});
|
|
374
|
+
|
|
375
|
+
return response.json();
|
|
376
|
+
};
|
|
377
|
+
```
|
|
378
|
+
|
|
379
|
+
**Response format:**
|
|
380
|
+
```json
|
|
381
|
+
{
|
|
382
|
+
"accessToken": "tw_xxx_teamwork_access_token",
|
|
383
|
+
"userId": "381243"
|
|
384
|
+
}
|
|
385
|
+
```
|
|
386
|
+
|
|
387
|
+
**Security notes:**
|
|
388
|
+
- Teamwork token stays server-side (never exposed to frontend)
|
|
389
|
+
- Requires valid Maven access token from `useTeamworkAuth()`
|
|
390
|
+
- Requires valid domain key
|
|
391
|
+
- Requires httpOnly cookies (refresh token)
|
|
392
|
+
- Rate limited: 100 requests per 15 minutes
|
|
393
|
+
|
|
338
394
|
### Manual Auth Service Override (Rare)
|
|
339
395
|
```tsx
|
|
340
396
|
// Only needed for custom deployments
|
|
@@ -685,6 +741,8 @@ See MIGRATION_V2.md in the auth service repo for detailed migration guide.
|
|
|
685
741
|
- ✅ **Automatic OAuth code detection** - No more manual `useEffect` for OAuth callbacks!
|
|
686
742
|
- ✅ Hook automatically processes `?code=` parameter from URL
|
|
687
743
|
- ✅ Duplicate login prevention built-in
|
|
744
|
+
- ✅ **New `/token` endpoint** - Third-party apps can fetch Teamwork API token server-to-server
|
|
745
|
+
- ✅ GraphQL/serverless function support for Teamwork API integration
|
|
688
746
|
- ✅ Updated documentation with localhost shared key (`dev_localhost_shared`)
|
|
689
747
|
- ✅ Comprehensive migration guide for existing apps
|
|
690
748
|
- ✅ Common troubleshooting issues table
|
package/package.json
CHANGED