Hi I am using JWT authentication to connect jira rest api.
https://xxx.atlassian.net/rest/api/2/issue/68658?overrideScreenSecurity=true¬ifyUsers=false is not working whereas
https://xxx.atlassian.net/rest/api/2/issue/68658?overrideScreenSecurity=true
Whenever I include 2 query strings in url . It is throwing 401 exception. Could some one help me how to pass multiple query string parameters while using query string hash?
Hi, @sbonagiri.
To have a better context as to how you are invoking the endpoint, do you mind sharing code snippets of what you tried?
Thanks,
Ian
Hi @ianRagudo, Below are code snippets I am using
putData(ConfigurationManager.AppSettings[âJiraBaseUrlâ], â/rest/api/2/issue/â + 68658, âoverrideScreenSecurity=true¬ifyUsers=falseâ, customValue);
public void putData(string baseUrl, string apiPath, string queryString, string data)
{
string token = generatePayLoad(âPUTâ, baseUrl, apiPath, queryString);
var stringContent = new StringContent(data, Encoding.UTF8, âapplication/jsonâ);
using (var httpClient = new HttpClient { BaseAddress = new Uri(baseUrl) })
{
httpClient.DefaultRequestHeaders.Accept.Clear();
httpClient.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue(âapplication/jsonâ));
httpClient.DefaultRequestHeaders.TryAddWithoutValidation(âAuthorizationâ, "JWT " + token);
using (var response = httpClient.PutAsync(apiPath + "?" + queryString, stringContent).Result)
{
string resp = response.Content.ReadAsStringAsync().Result;
}
}
}
public string generatePayLoad(string method,string baseUrl, string apiPath,string queryString)
{
var unixEpoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
long issuedAt = (long)Math.Round((DateTime.UtcNow - unixEpoch).TotalSeconds);
long expiresAt = issuedAt + 3600L;
string canonical_request = method + â&â + apiPath + â&â + queryString;
string signed_canonical_requestByte = getQSH(canonical_request);
var payload = new Dictionary<string, object>()
{
{ âqshâ, signed_canonical_requestByte},
{ âissâ, âcom.FactSet.JIRAIntegrationsâ },
{ âiatâ, issuedAt },
{ âexpâ, expiresAt },
};
IJwtAlgorithm algorithm = new HMACSHA256Algorithm();
IJsonSerializer serializer = new JsonNetSerializer();
IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder();
IJwtEncoder encoder = new JwtEncoder(algorithm, serializer, urlEncoder);
return encoder.Encode(payload, jwtToken);
}
static string getQSH(string qstring)
{
System.Security.Cryptography.SHA256Managed crypt = new System.Security.Cryptography.SHA256Managed();
StringBuilder hash = new StringBuilder();
byte[] crypto = crypt.ComputeHash(Encoding.UTF8.GetBytes(qstring));
foreach (byte theByte in crypto)
{
hash.Append(theByte.ToString("x2"));
}
return hash.ToString();
}
Let me know if I need to provide any other info
Hello @sbonagiri , have you tried URL encoding the query string? Based on this document âCreating a query string hashâ part, it says that query strings should be percent encoded. This makes sense since you only encounter the error when you include 2 query strings in the URL, which means you introduce â&â in the query string.
Kindly try it out. Thanks!
Ian
@ianRagudo I tried following one as well
apiHelper.putData(ConfigurationManager.AppSettings[âJiraBaseUrlâ], â/rest/api/2/issue/â + 68658, âoverrideScreenSecurity=true%26notifyUsers=falseâ, customValue);
but this one also failed. Do you think if I need to try something else?
I think we forgot this rule/step in computing the canonical query string
Sort the parameters primarily by their percent-encoded names and secondarily by their percent-encoded values.
Kindly try ânotifyUsers=false%26overrideScreenSecurity=trueâ instead.
Thatâs awesome⊠It fixed issue even though I didnt encode &. Thank you som much @ianRagudo
Youâre welcome @sbonagiri . Glad you made it work. In order to guide other community member/s who might experience the same problem, kindly mark the answer that solves the issue.
Have an awesome day 