Using AuthenticatedAsAddon returns 401

Jira Development Jira Cloud
, , , ,
1

Hi Java devs

I am currently facing an issue using the atlassian framework and specifically
atlassianHostRestClients.authenticatedAsAddon(host)
(With authenticatedAs(user) it is ok)

On my app Jira, I want to do CQL (for Confluence) call with (/api/search/cql) where issuer is the host.

The call fails with 401 UNAUTHORIZED.

The “culprit” is JwtGenerator which builds the token

        JwtBuilder jwtBuilder = new JwtBuilder(expirationTime)
                .issuer(addonDescriptorLoader.getDescriptor().getKey())
                // .audience(host.getClientKey()) -- TODO Figure out whether we can / should set this?
                .queryHash(queryHash)
                .signature(host.getSharedSecret());
        return jwtBuilder.build();

The given host is the confluence host, but the addonDescriptorLoader.getDescriptor().getKey() returns the Jira addon key !
If I dynamically put the Confluence addon key, it works fine.

So the question is: did somebody find a workaround ? How ? (Fork atlassian source, tweak spring loader, wait for atlassian fix, …)
Any hint is welcomed.

Thanks!
Laurent

2

Hi @LaurentNonnenmacher, I would like a bit more context here.

Is it correct that you have two Connect apps with different keys that you are backing by a single Spring Boot service using atlassian-connect-spring-boot? If so, that isn’t really a use case we support.

1 Like
3

Hi

We have actually 2 Springboot apps (so with 2 distinct atlassian-connect app).
And one “Jira” springboot app should retrieve data from Confluence instance (via connect rest API), without using a user, but only the AtlassianHost.

4

@LaurentNonnenmacher if you have two different Spring Boot applications running, I imagine you could do this either

  1. by sharing a database and using different tables to back AtlassianHostRepository (seems hacky).
  2. having the two apps communicate, i.e. proxying your requests from your Jira app to Confluence via your Confluence app.
5

Ok,

Sharing the database will not solve the connection from Jira SpringBoot and Confluence Cloud API instance.

But agree on the second point.
Thanks!