AP.request gets a 401 Unauthorized

These codes gets 401 Unauthorized:

function doTLoadJWTToken() {
	  return new Promise((resolve, reject) => {
	    $.ajax({
	      url: '<?php echo $baseUrl; ?>/json/loadjwttoken',
	      type: 'POST',
	      data: {
	        key: 'value',
	      },
	      success: function (data) {
	        resolve(data)
	      },
	      error: function (error) {
	        reject(error)
	      },
	    })
	  })
}

doTLoadJWTToken()
  		.then((data) => {
    		var token = Ext.decode(data);    		
    		var GET = '/rest/api/2/'+key+'/worklog?jwt='+token.jwt;
    		AP.request({
    			url: GET,
    			type: 'GET',
    			headers: { 
    			    'Authorization': 'JWT ' + token.jwt,
    			    'Accept': 'application/json',
    			    'Content-Type': 'application/json'
    		    },
    			//contentType: 'application/json',
    			 success: function(response) { 
    			    console.log(response);
    			 },
    			 error: function(response){
    			    console.log(response);
    			 }
    	     });
  		})
  		.catch((error) => {
    		console.log(error);
  		});

What to do?

Yes we are trying to fetch worklog with javascritp with all.js. How ever the basic AP.request call end up ERROR 401 unauhtorized jwt token errror. Also atlasian documentation does not give example anyway how to use rest commands with jwt authorisation.

Is there Javascritp guy who knows how to jwt authorize rest api call with javascript?

Possible this code below generates a wrong JWT because it is not same HTTP request:

function doTLoadJWTToken() {
	  return new Promise((resolve, reject) => {
	    $.ajax({
	      url: '<?php echo $baseUrl; ?>/json/loadjwttoken',
	      type: 'POST',
	      data: {
	        key: 'value',
	      },
	      success: function (data) {
	        resolve(data)
	      },
	      error: function (error) {
	        reject(error)
	      },
	    })
	  })
}

Here is PHP version of generate right JWT:

$json = array();
		$json['success'] = true;
		$config = Zend_Registry::get('config');
		$applicationPath = Zend_Registry::get('applicationpath');
		// action body
		$request = $this->getRequest();
		$userAccountId = $request->getPost('userAccountId');
		$instance = Zend_Session::namespaceGet('instance');
		$customer = Zend_Session::namespaceGet($instance['instance'].'-customer');
		//print_r($domain);
		$appKey = $config->appkey;
		
		//var_dump($customer);
		//echo $domain->customer->domain;
		$file = file_get_contents( $config->customerPath."/".$customer['domain'].'/installed.txt');
		//echo $file;
		try {
			$phpNative = Zend_Json::decode($file);
		} catch (Zend_Json_Exception $e) {
			$json['success'] = false;
			$json['msg'] = $e->getMessage();
		}
		
		$secret = $phpNative['sharedSecret'];
		$clientKey = $phpNative['oauthClientId'];
		$AUTHORIZATION_SERVER_URL = $config->authorizationServerUrl;
		$EXPIRY_SECONDS = $config->expirySeconds;
		
		$iat = (integer) time();
		$exp = (integer) $iat + $EXPIRY_SECONDS;
		
		$token = array(
				"iss" => 'urn:atlassian:connect:clientid:'.$clientKey,
				"sub" => 'urn:atlassian:connect:useraccountid:'.$userAccountId,
				"tnt" => 'https://'.$customer['domain'],
				"aud" => $AUTHORIZATION_SERVER_URL,
				"iat" => $iat,
				"exp" => $exp
		);
		
		try {
			$assertion = JWT::encode($token, $secret);
		} catch (ExpiredException $e) {
			$json['success'] = false;
		}
		
		$config = array(
				'adapter'   => 'Zend_Http_Client_Adapter_Curl',
				'curloptions' => array(CURLOPT_FOLLOWLOCATION => true),
		);
		
		$uri = $AUTHORIZATION_SERVER_URL . '/oauth2/token';
		
		try {
			$client = new Zend_Http_Client($uri, $config);
		} catch (Zend_Uri_Exception $e) {
			$json['success'] = false;
			$json['msg'] = $e->getMessage();
		}
		
		// Setting several POST parameters, one of them with several values
		$client->setParameterPost(array(
				'scope' => $this->SCOPES,
				'assertion' => $assertion,
				'grant_type' => $this->GRANT_TYPE
		));
		
		$client->setMethod(Zend_Http_Client::POST);
		$response = $client->request();
		
		$body = $response->getBody();
		
		$phpNative = Zend_Json::decode($body);
		$access_token = $phpNative['access_token'];
		
		$issueKey = $request->getPost('key');
		$author = $request->getPost('author');
		
		$day = (integer) $request->getPost('day');
		$month = (integer) $request->getPost('month');
		$year = (integer) $request->getPost('year');
		
		//echo $month;
			
			$qsh = hash('sha256', "GET&/rest/api/2/issue/".$issueKey."/worklog&");
			
			$iat = (integer) time();
			$exp = (integer) $iat + $EXPIRY_SECONDS;
			
			$token = array(
					"iss" => $appKey,
					"iat" => $iat,
					"exp" => $exp,
					"qsh" => $qsh
			);
			
			try {
				$jwt = JWT::encode($token, $secret);
			} catch (ExpiredException $e) {
				$json['success'] = false;
				$json['msg'] = $e->getMessage();
			}
			
			$uri = 'https://'.$customer['domain']."/rest/api/2/issue/".$issueKey."/worklog?&jwt=".$jwt;
			
			try {
				$client = new Zend_Http_Client($uri, $config);
			} catch (Zend_Uri_Exception $e) {
				$json['success'] = false;
				$json['msg'] = $e->getMessage();
			}
			
			$client->setHeaders(array(
					'Content-type' => 'application/json; charset=utf-8',
					"Host" => $customer['domain'],
					"Accept" => "application/json",
					'Authorization' => 'Bearer '.$access_token
			));
			
			$client->setMethod(Zend_Http_Client::GET);
			$response = $client->request();
			
			$body = $response->getBody();
			
			//echo $body;
			
		    try {
				$phpNative = Zend_Json::decode($body);
			} catch (Zend_Json_Exception $e) {
				$json['success'] = false;
				$json['msg'] = $e->getMessage();
			}

But code above works only server side not client side with JavaScript only.

We god a help directly form Atlassian Support and do not need more help on this case.

Were still having isssua with Connect Aplication that tries from iframe fetch results from worklogs. Anyone have detailis how to generate jwt token or authorisation so that javascript can use all.js to fetch worklog details?