Expecting claim 'qsh' to have value in Dynamic Content Macro

jiri.huml · December 12, 2018, 2:45pm

Hi,

I’m trying to get accountId of the current user in my Dynamic Content Macro, but always get response:
401 - Expecting claim 'qsh' to have value '...' but instead it has the value '...'

Here is my code:

  app.get("/team-member", addon.authenticate(), async function(req, res) {
    let userKey = req.query["user_key"];
    const httpClient = addon.httpClient(req);
    let reqUrl = `${baseUrl}/wiki/rest/api/user/?key=${userKey}`;
    httpClient.get(reqUrl, function(err, response, contents) {
      if (err || (response.statusCode < 200 || response.statusCode > 299)) {
        console.log(err);
        res.send(response.body);
      } else {
         ...
      }
  });

I also tried to use an endpoint /wiki/rest/api/user/current but the result is same.

Other REST API endpoints work fine (or at least ‘content’ does).

Scope READ is set in ‘atlassian-connect.json’.

Any experience with this issue, please?

Thanks for your time and reply,
Jiri

MickaelBonfill · October 3, 2019, 8:44pm

I have exactly the same issue, did you find any workaround ?

EDIT
It seems the base path /wiki is set by default by Atlassian Connect Express so request should be for example :

httpClient.get({
  url: '/rest/api/user',
  qs: { accountId: '<account-id>' }
}, function(err, res, body) {
  [...]
} );

Unfortunately the same issue occurs.
Also the JWT token is well sent via HTTP headers during the request…

MickaelBonfill · October 4, 2019, 3:15pm

Ok it seems there are changes with the latest version of the API, here’s what is working on my side

app.get("/team-member", addon.authenticate(), addon.checkValidToken(), async function(req, res) {
    let userKey = req.query["user_key"];
    const httpClient = addon.httpClient(req);
    httpClient.get({
        url: `/rest/api/user/?key=${userKey}`,
        headers: {
           'X-Atlassian-Token': 'nocheck', // already checked by the checkValidToken middleware
           'Content-Type': 'application/json'
        }
    }, function(err, response, contents) {
      if (err || (response.statusCode < 200 || response.statusCode > 299)) {
        console.log(err);
        res.send(response.body);
      } else {
         ...
      }
  });