I'm trying to make internal ajax requests to pages inside of my plugin but I'd like to be able to authenticate these requests.
I read here, https://bitbucket.org/atlassian/atlassian-connect-express that:
In order to secure your route, the token must be part of the HTTP request back to the add-on service. This can be done by using the standard
jwt
query parameter:
<a href="/protected-resource?jwt={{token}}">See more</a>
The second option is to use the Authorization HTTP header, e.g. for AJAX requests:
beforeSend: function (request) { request.setRequestHeader("Authorization", "JWT {{token}}"); }
You can embed the token anywhere in your iframe content using the
token
content variable. For example, you can embed it in a meta tag, from where it can later be read by a script:
Authentication verification error: 401 Could not find stored client data for jira:c73e99c6-5235-49e4-9800-5468b96b57d5. Is this client registered?
app.get('/index', function (req, res) {
res.render('index', {
title: 'uDo Time Sheets',
token : req.query.jwt
});
});
app.get('/test2', addon.checkValidToken(),
function(req, res){
res.send(400);
}
);
I'm sure I'm missing something very basic, just not sure what. Any help would be appreciated.
Community moderators have prevented the ability to post new answers.
I found my error unrelated to the code above rather 2 issues:
Removing my /installed post handler and ensuring that my whitelist contained localhost:2990 as opposed to just *.localhost helped solve my issues. Removing whitelist altogether from config.php in development also works.
Hi Shinda,
I made an example add-on for this a while back.
Please try the example here: https://bitbucket.org/cjwhittington/hashexample/src
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Christopher Whittington @sss44,
I am able to access token in home page of my add-on. But, when I redirect to another page using AP.navigator.go(), then I couldn't get the JWT token there(in the redirected page). When I inspect, content in the meta tag is empty.
<meta name="token" content=""/>
How can I access the token in the redirected page?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello, I have the same problem Please let know if it will be resolved
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Its a token issue. You have to append the token to the url properly.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
could you tell me how to append it ?
Thanks
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Community moderators have prevented the ability to post new answers.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.