Hello,
I’m developing a Connect app and I would like to call Jira API from callbacks. In this case, I’m trying to PUT a migration webhook in the installed lifecycle callback. But I also tried different GET methods like getting all registered webhooks or getting a project by project key. Yet in all those cases, Jira returns 400 with no specific message. This opens many questions in my head:
- Can I call Jira API in the installed callback? Edit: No, I cannot (my last post has a solution).
- Is 400 returned when JWT is incorrectly created?
- Is it a problem with headers?
- Is my request wrong?
Maybe the answer is simple but just for more information, this is my request (variable jwt is my custom script, method fetch is from a cross-fetch library):
let jwtToken = jwt.generateToken(
"PUT",
"https://my-jira.atlassian.net/rest/atlassian-connect/1/migration/webhook",
sharedSecret);
const bodyData = '{"endpoints": ["https://my-cloud-app.com/migration-event"]}';
const response = await fetch("https://my-jira.atlassian.net/rest/atlassian- connect/1/migration/webhook",
{
method: "PUT",
headers: {
"Content-Type": "application/json",
"Authorization": "JWT " + jwtToken
},
body: bodyData
});
The JWT token is generated using the Atlassian Javascript library atlassian-jwt (variable atlassianJwt in the code). The input is the HTTP method, URL, and shared secret received in the installed callback. This is how it’s generated:
const generateToken = (method, url, secret) => {
const now = moment().utc();
const request = atlassianJwt.fromMethodAndUrl(method, url);
const tokenData = {
"iss": "cz.closeit.atlassian.subtasks-navigation",
"iat": now.unix(),
"exp": now.add(5, 'minutes').unix(),
"qsh": atlassianJwt.createQueryStringHash(request)
};
return atlassianJwt.encodeSymmetric(tokenData, secret, "HS256");
};
The 400 is not very specific so to get this status, even JWT could be bad I guess. But in that case, I would expect the 401. At this point, I just have no clue where the problem is so any help would be appreciated.
Thank you.