This AtlasCamp, we're talking a lot about Atlassian Connect and the new Confluence REST API. This session will bring it all together with an overview on building a Connect add-on with Confluence. We will cover best practices when writing complex dynamic macros with respect to security, performance and maintainability.
19. Dynamic Content Macros
Confluence Add onBrowser
Request
HTML
IFrame
Unformatted Code
Formatted
Requested
Returned
Macro Loaded
MACROS
20. • Dynamic Content Macros are good:!
• when they can take a while to load!
• when it involves a third-party integration!
• requires authentication to collect the body!
• when your macro is block macro
Dynamic Content Macros
MACROS
22. • Static Content Macros are good:!
• when you have many on the page!
• when the body is small or not sensitive!
• when you can avoid authentication
Static Content Macros
MACROS
23. • The Code Format Macro is a Dynamic Content Macro:!
• the body can be of any size!
• it integrates with a third party!
• its hard to predict the render time or the size of the output
Code Format Macro
MACROS
28. • Design allows for aggressive cache settings!
• You should set appropriate cache headers for your all your
resources
Caching
res.setHeader(!
!! ! 'Cache-Control',!
!! ! ['private','max-age=3600']!
);
routes/index.js
PERFORMANCE
29.
30. • A versioned URL allows you to control when your cached
content is refreshed
Versioned URLs
app.get('/v1/my-macro',!
function (req, res) { … }!
)
routes/index.js
PERFORMANCE
31.
32. • The macro body can be passed as a parameter!
• This can allow you to use caching on your resources, even
when the body is needed
Body as a Parameter
"staticContentMacros": [{!
"url": "/macro?body={macro.body}", !
…!
}]
atlassian-connect.json
PERFORMANCE
33. Body as a Parameter
Confluence Add onBrowser
Rendered
Requested
Returned
body=Awesome
PERFORMANCE
Cached
34. • Body is limited to 128 characters!
• May appear in Confluence logs!
• May be tracked in caches or proxies
Body as a Parameter
PERFORMANCE
41. • Use JWT for simple integration with Confluence REST api!
• Define your scopes to be as restrictive as possible
Web Security
{!
"key": "my-addon",!
"scopes": [ "read" ],!
"authentication": { "type": "jwt" },!
…!
} atlassian-connect.json
SECURITY