[Feature]: Allow customizing the authentication method

[cscleison]

Package

confluence-sync

What happened?

Hi, I was trying to use your lib for the 1st time but I'm struggling to auth successfully. When checking the logs, I noticed it's passing a header Authorization: Bearer <token> however this way of authenticating doesn't seem to be working for me (Confluence Cloud which I assume is always latest). When doing curl I can auth no problem with Authorization: Basic <email:pat in base64>. I'm not sure if the option with Bearer is no longer supported, but I've seen other folks facing the same situation.

When checking the confluence.js dependency, it seems the option personalAccessToken is no longer supported.

I'm wondering how this is working for you atm - I assume you use with Confluence Enterprise, or what I might be doing wrong...

I reckon you might not want to update confluence.js to v2 but would it be an option for you to relax the auth options and make it accept the basic way? The option does exist in v1.

PS: sorry maybe in the end this was a feat request and not a bug. Thanks!

Version

1.x (Default)

Relevant log output

{
  request: <ref *1> ClientRequest {
      _events: [Object: null prototype],
      _eventsCount: 7,
      _maxListeners: undefined,
      outputData: [],
      outputSize: 0,
      writable: true,
      destroyed: true,
      _last: true,
      chunkedEncoding: false,
      shouldKeepAlive: false,
      maxRequestsOnConnectionReached: false,
      _defaultKeepAlive: true,
      useChunkedEncodingByDefault: false,
      sendDate: false,
      _removedConnection: false,
      _removedContLen: false,
      _removedTE: false,
      strictContentLength: false,
      _contentLength: 0,
      _hasBody: true,
      _trailer: '',
      finished: true,
      _headerSent: true,
      _closed: true,
      socket: [TLSSocket],
      _header: 'GET /rest/api/content/redacted?expand=ancestors,version.number,children.page HTTP/1.1\r\n' +
        'Accept: application/json, text/plain, */*\r\n' +
        'Authorization: Bearer redacted\r\n' +
        'User-Agent: axios/1.9.0\r\n' +
        'Accept-Encoding: gzip, compress, deflate, br\r\n' +
        'Host: redacted.atlassian.net\r\n' +
        'Connection: close\r\n' +
        '\r\n',
      _keepAliveTimeout: 0,
      _onPendingData: [Function: nop],
      agent: [Agent],
      socketPath: undefined,
      method: 'GET',
      maxHeaderSize: undefined,
      insecureHTTPParser: undefined,
      joinDuplicateHeaders: undefined,
      path: '/rest/api/content/redacted?expand=ancestors,version.number,children.page',
      _ended: true,
      res: [IncomingMessage],
      aborted: false,
      timeoutCb: null,
      upgradeOrConnect: false,
      parser: null,
      maxHeadersCount: null,
      reusedSocket: false,
      host: 'redacted.atlassian.net',
      protocol: 'https:',
      _redirectable: [Writable],
      [Symbol(kCapture)]: false,
      [Symbol(kBytesWritten)]: 0,
      [Symbol(kNeedDrain)]: false,
      [Symbol(corked)]: 0,
      [Symbol(kOutHeaders)]: [Object: null prototype],
      [Symbol(errored)]: null,
      [Symbol(kHighWaterMark)]: 16384,
      [Symbol(kRejectNonStandardBodyWrites)]: false,
      [Symbol(kUniqueHeaders)]: null
    },
    data: { error: 'Failed to parse Connect Session Auth Token' }
  },
  status: 403
}

Code of Conduct

• I agree to follow this project's Code of Conduct

[javierbrea]

Hi @cscleison ,
Yes, you are right, we are using it with Confluence Enterprise. And, as said in the docs, it has been tested only with Confluence 8.5.x. Anyway, adding and option to let the user decide the authentication method is a good idea. 👍

[cth35]

Allowing a Basic Authentication would be great indeed.
In the meanwhile, you can still using Bearer Authentication by creating an App on Confluence (https://developer.atlassian.com/console) and get an OAuth2 Access token to be used with Bearer (https://developer.atlassian.com/cloud/confluence/oauth-2-3lo-apps/)
But usually this kind of token expires after 1 hour so it's not convenient because it is not permanent and you will need to generate the token very often and it need seveval steps to achieve :

• Execute URL given in Authorization URL generator in the UI console
• Click the Accept button on the returned page
• Get the 'code' in the returned URL
• Use this code in the GET to https://auth.atlassian.com/oauth/token
• Then you have the access token

EDIT : Well it seems that Bearer is managed only with API v2 otherwise it gives : com.atlassian.confluence.api.service.exceptions.GoneException: This deprecated endpoint has been removed.
So only Basic Auth will work with API v1

[cscleison]

I've moved on to another tool, just to let you know so you can perhaps put this on the back burner. Wishing success to the project. Thanks!

[javierbrea]

Hi again @cscleison, thank you for reporting the issue 😃
We’ll keep it in mind and try to implement it when we have the time — it might still be useful for us or other users in the future.
Wishing you the best with your new tool!

[javierbrea]

Just a quick update:

We initially planned to support custom authentication options by forwarding them directly to confluence.js, as suggested. However, due to a pagination limitation in confluence.js, we had to implement a workaround using a manual API call to retrieve all child pages.

This means that, at the moment, we're bypassing confluence.js for that specific call, which makes it impractical to support all possible authentication methods (e.g., Basic, Bearer, OAuth) in a consistent and maintainable way.

Because of this, we’ve decided to wait until pagination is officially supported in confluence.js (see related issue here) before implementing full support for custom authentication options. Once that’s resolved, we’ll be able to remove the workaround and delegate the call back to the library, making this feature much easier to support.

[cth35]

Hello, for information ,the issue in confluence.js you mentioned seems to be solved : MrRefactoring/confluence.js#145
Regards.