Hi,
In my connect app, I am using user_created webhook in the descriptor file.
modules: {
webhooks: [
{
event: "user_created",
url: "/log-save/user_created"
}]
}
I want to authenticate the /log-save/user_created path but I am getting some error while validating the JWT that we get from the atlassian. I am using same authentication method that I used for enabled and disabled lifecylce hook but I am getting this error:
Expecting claim 'qsh' to have value 'abc' but instead it has the value 'xyz'.
Here is the JAVA code that I am using for validating the JWT-
public Jwt verifyWebhookRequest(JiraCloudRequestWrapper request) {
JavaxJwtRequestExtractor jwtRequestExtractor = new JavaxJwtRequestExtractor();
String jwt = jwtRequestExtractor.extractJwt(request);
CanonicalHttpRequest canonicalHttpRequest = jwtRequestExtractor.getCanonicalHttpRequest(request);
DefaultJwtClaimVerifiersBuilder verifier = new DefaultJwtClaimVerifiersBuilder();
Map<String, ? extends JwtClaimVerifier> requiredClaims = verifier.build(canonicalHttpRequest);
JwtIssuerValidator issuerValidator = atlassianJwtVerifiers;
JwtIssuerSharedSecretService issuerSharedSecretService = atlassianJwtVerifiers;
JwtReaderFactory jwtReaderFactory = new NimbusJwtReaderFactory(issuerValidator, issuerSharedSecretService);
return jwtReaderFactory.getReader(jwt).readAndVerify(jwt, requiredClaims);
}
Here atlassianJwtVerifiers has both the getSharedSecret and isValid.