I have used oauth authentication with my rest api calls to jira on demand. It works almost well. But according to 1.0-m25 release of atlassian connect https://developer.atlassian.com/pages/viewrecentblogposts.action?key=AC, it is planning to use jwt in future. I cannot make the jwt work now. The following is my code example, I got 401 error. Can anyone help me?
String url = "http://localhost:2990/jira/rest/api/2/project?user_id=admin"; String sharedSecret = "ba8f15df-f026-4b1c-8c01-554447bb5fa8"; String pluginKey = "com.xxx.xxx"; Map<String, String[]> params = ImmutableMap.of("user_id", new String[]{"admin"} ); JwtWriterFactory jwtWriterFactory = new NimbusJwtWriterFactory(); JwtWriter jwtWriter = jwtWriterFactory.macSigningWriter(SigningAlgorithm.HS256, sharedSecret); JwtJsonBuilder jsonBuilder = new JsonSmartJwtJsonBuilder().issuer(pluginKey).subject("admin").issuedAt(TimeUtil.currentTimeSeconds()).expirationTime(TimeUtil.currentTimePlusNSeconds(600)); JwtClaimsBuilder.appendHttpRequestClaims(jsonBuilder, new CanonicalHttpUriRequest("GET", "/rest/api/2/project", "", params)); String jwt = jwtWriter.jsonToJwt(jsonBuilder.build()); url = url + "&jwt=" + jwt; System.out.println(url);
Community moderators have prevented the ability to post new answers.
Thanks for the report - we're tracking it at https://ecosystem.atlassian.net/browse/AC-882
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
M25 (which implements JWT) has not been released to OnDemand yet. You can test locally via the intrusctions in the docs, and we'll let you know as soon as m25 is available on OnDemand.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Increase the version of the jwt-plugin to 1.0-m6, when starting atlassian connect with atlas-run-standalone. We fixed this bug and haven't updated our docs just yet.
Thanks!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
public class ApplinksJwtIssuerService implements JwtIssuerValidator, JwtIssuerSharedSecretService{ public boolean isValid(String issuer) { try { return null != issuer && null != getApplicationLink(issuer); } catch (JwtUnknownIssuerException e) { return false; } }
It seems that jira consider issuer to be application link id which is causing trouble.
We cannot lookup the link id, because when the plugin is installed, we only know about the plugin key.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.