Hi Java devs
I am currently facing an issue using the atlassian framework and specifically
atlassianHostRestClients.authenticatedAsAddon(host)
(With authenticatedAs(user) it is ok)
On my app Jira, I want to do CQL (for Confluence) call with (/api/search/cql) where issuer is the host.
The call fails with 401 UNAUTHORIZED.
The “culprit” is JwtGenerator which builds the token
JwtBuilder jwtBuilder = new JwtBuilder(expirationTime)
.issuer(addonDescriptorLoader.getDescriptor().getKey())
// .audience(host.getClientKey()) -- TODO Figure out whether we can / should set this?
.queryHash(queryHash)
.signature(host.getSharedSecret());
return jwtBuilder.build();
The given host is the confluence host, but the addonDescriptorLoader.getDescriptor().getKey() returns the Jira addon key !
If I dynamically put the Confluence addon key, it works fine.
So the question is: did somebody find a workaround ? How ? (Fork atlassian source, tweak spring loader, wait for atlassian fix, …)
Any hint is welcomed.
Thanks!
Laurent