Get product advice from experts

Ask a question →

Join a community group

Find a group →

Advance your career with learning paths

Take a free class →

Earn badges and rewards

Connect and share ideas at events

See the calendar →

Community
Answers Developer Questions
Questions
cannot use jwt authentication with rest api in jira on demand

cannot use jwt authentication with rest api in jira on demand

I have used oauth authentication with my rest api calls to jira on demand. It works almost well. But according to 1.0-m25 release of atlassian connect https://developer.atlassian.com/pages/viewrecentblogposts.action?key=AC, it is planning to use jwt in future. I cannot make the jwt work now. The following is my code example, I got 401 error. Can anyone help me?

String url = "http://localhost:2990/jira/rest/api/2/project?user_id=admin";    
String sharedSecret = "ba8f15df-f026-4b1c-8c01-554447bb5fa8";
String pluginKey = "com.xxx.xxx";
Map&lt;String, String[]&gt; params = ImmutableMap.of("user_id", new String[]{"admin"} );   
JwtWriterFactory jwtWriterFactory = new NimbusJwtWriterFactory();
JwtWriter jwtWriter = jwtWriterFactory.macSigningWriter(SigningAlgorithm.HS256, sharedSecret);
JwtJsonBuilder jsonBuilder = new JsonSmartJwtJsonBuilder().issuer(pluginKey).subject("admin").issuedAt(TimeUtil.currentTimeSeconds()).expirationTime(TimeUtil.currentTimePlusNSeconds(600));
JwtClaimsBuilder.appendHttpRequestClaims(jsonBuilder, new CanonicalHttpUriRequest("GET", "/rest/api/2/project", "", params));
String jwt = jwtWriter.jsonToJwt(jsonBuilder.build());
			
url = url + "&amp;jwt=" + jwt;
System.out.println(url);

3 answers

1 accepted

Comments for this post are closed

Community moderators have prevented the ability to post new answers.

Post a new question

0 votes

Answer accepted

Thanks for the report - we're tracking it at https://ecosystem.atlassian.net/browse/AC-882

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

https://answers.atlassian.com/questions/250024/atlassian-connect-how-to-use-an-jira-authentication-header- it's the same?

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Like

Reply

0 votes

M25 (which implements JWT) has not been released to OnDemand yet. You can test locally via the intrusctions in the docs, and we'll let you know as soon as m25 is available on OnDemand.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

The problem happens when I test locally with jira m25.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Like

Increase the version of the jwt-plugin to 1.0-m6, when starting atlassian connect with atlas-run-standalone. We fixed this bug and haven't updated our docs just yet.

Thanks!

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Like

Hi Alex, did you resolve it?

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Like

Reply

0 votes

public class ApplinksJwtIssuerService implements JwtIssuerValidator, JwtIssuerSharedSecretService{   
       public boolean isValid(String issuer)  {
        try
        {
            return null != issuer &amp;&amp; null != getApplicationLink(issuer);
        }
        catch (JwtUnknownIssuerException e)
        {
            return false;
        }
    }

It seems that jira consider issuer to be application link id which is causing trouble.

We cannot lookup the link id, because when the plugin is installed, we only know about the plugin key.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Reply

Was this helpful?

Thanks!

Answers Developer Questions

TAGS