Using atlassian connect for spring boot.
.
Our app gets loaded on issue details page
"modules": {
"jiraIssueContents": [
{
"icon": {
"width": 24,
"height": 24,
"url": "/img/app-logo.png"
},
"target": {
"type": "web_panel",
"url": "/connect/home/{issue.id}"
},
"name": {
"value": "App name"
},
"key": "key-panel"
}
],
When I go to issue details page, the app is hideen.
Keep the issue details page idle for 30 min and then click on app icon. request is sent to load app in iframe. However i get error as jwt is expired
Failed to authenticate request
org.springframework.security.authentication.BadCredentialsException: JWT signature verification failed: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiI1NTcwNTg6NmY2NmZiNjgtN2I2OC00NWY2LTkyMGEtZmM2YWJlZWYzYjBiIiwicXNoIjoiZTY4Y2Q5MTEzN2QzZmE4MGUzY2NhZmRkNWVkNDFjZWUxNTg2OTYwNzdkN2M2ZGY2NDY4MWYyMjI4ZDlmM2U0YSIsImlzcyI6IjE4YjM0ZTUzLTI4YWMtM2U5My05MzU3LWU4OWYwZTU0YmI1ZiIsImNvbnRleHQiOnt9LCJleHAiOjE2OTY0ODYxODksImlhdCI6MTY5NjQ4NTI4OX0.od0AH723oEc9HWtwjTX8ttIQRUrlzIglmn60Bq9WBjE
at com.atlassian.connect.spring.internal.auth.jwt.JwtAuthenticationProvider.verifyToken(JwtAuthenticationProvider.java:120) ~[atlassian-connect-spring-boot-core-3.0.1.jar:na]
at com.atlassian.connect.spring.internal.auth.jwt.JwtAuthenticationProvider.authenticate(JwtAuthenticationProvider.java:59) ~[atlassian-connect-spring-boot-core-3.0.1.jar:na]
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:182) ~[spring-security-core-5.7.5.jar:5.7.5]
at com.atlassian.connect.spring.internal.auth.jwt.JwtAuthenticationFilter.doFilterInternal(JwtAuthenticationFilter.java:86) ~[atlassian-connect-spring-boot-core-3.0.1.jar:na]
I checked the cacheable iframe to solve this issue, however cacheable iframe is not supported on issue details page https://developer.atlassian.com/cloud/jira/platform/modules/issue-content/
I tried using @IgnoreJwt for the initial iframe request, however it does not work.
Is there a way I can ignorejwt for the first iframe request?