jira.js icon indicating copy to clipboard operation
jira.js copied to clipboard

Published 20 hours ago verified publisher icon MrRefactoring

Jira Connect App authenticate with JWT

Open Darkbound opened this issue 1 year ago • 12 comments

Hello,

I am in the process of building a Jira Connect App that I want to use to integrate my app with Jira spaces.

However, the Jira Connect Apps seem to be authenticating in a way that I don't see in the currently supported list of options, or I don't know exactly how to use the ones that currently exist, since the JWT generation depends on the key of the app, the specific path to the resource that I want to access, for example /rest/api/3/issue/ISSUE-1 and so on.

Is there a built in way to do this?

I love the package otherwise, I have used it for personal projects and now I want to go deeper into Jira.

Thanks

Darkbound avatar Dec 04 '23 17:12 Darkbound

Hello @Darkbound! I had JWT auth in v2 of library. But don't have any info it was worked or not. Could you please install v2 and test it. After that I expect any info about results here

https://www.npmjs.com/package/jira.js/v/2.20.1

Thank you!

MrRefactoring avatar Dec 04 '23 21:12 MrRefactoring

Hello @MrRefactoring thanks for getting back to me, I tested the older version and indeed it seems to be working. Would it be possible for you to re-add it? This is the only way to authenticate when integrating another platform with Jira basically, because the preferred way of doing it is with an App, that way we can generate tokens on the fly whenever needed, instead of having to deal with OAuth2 and bind the integration to a user instead of the whole Jira space.

I actually even forked it last night and was about to do it on my own, but luckily you replied quickly :D

image

Darkbound avatar Dec 05 '23 10:12 Darkbound

Please describe me how to issue needed auth data for writing integration test?

MrRefactoring avatar Dec 05 '23 13:12 MrRefactoring

@MrRefactoring what do you mean? You have it working in the previous version as you pointed out, is it not enough to simply restore the removed code?

https://github.com/MrRefactoring/jira.js/pull/284/files

In this PR you removed JWT and Oauth1, the JWT code is correct, it just needs to be restored.

Darkbound avatar Dec 05 '23 14:12 Darkbound

I need to write a tests for this case. And also wanna save browser capability (reason why I cannot just restore removed code).

At the moment I have needed info how to generate issuer, secret data somewhere in jira admin console

MrRefactoring avatar Dec 05 '23 14:12 MrRefactoring

@MrRefactoring ok so you need to create a Jira Connect App https://developer.atlassian.com/cloud/jira/platform/getting-started-with-connect/

You can serve the atlassian-connect.json with a simple http server as shown in the guide.

You will also need to provide a webhook endpoint for /installed when you install the App in jira they will send you a json payload that contains the sharedSecret and the issuer is the key that you wrote in the atlassian-connect.json

Then you can use these two to authenticate

Darkbound avatar Dec 06 '23 08:12 Darkbound

Thank you. Need to try it

MrRefactoring avatar Dec 08 '23 10:12 MrRefactoring

@MrRefactoring I did it with Next.js because its easiest to provide the endpoints, because they need to be under the same base url.

Let me know how hit goes :)

Darkbound avatar Dec 11 '23 07:12 Darkbound

Yup, I will let you know when I will have a chance to look :)

MrRefactoring avatar Dec 11 '23 11:12 MrRefactoring

any updates on this? I have the same issue in version 3.

erdinc avatar Feb 19 '24 12:02 erdinc

any updates on this? I have the same issue in version 3.

Hello! Unfortunately, I haven't had the opportunity to investigate this issue yet. My apologies for the inconvenience.

MrRefactoring avatar Feb 19 '24 16:02 MrRefactoring

any updates on this? I have the same issue in version 3.

For now the solution is to use the older version it works perfectly fine there

This is what we did

Darkbound avatar Feb 26 '24 20:02 Darkbound