I am trying to test the JIRA Oauth 2.0 flow for my app.
I created my app in the develop console, set the permission and the call back url.
after redirect user to the auth url, in the callback from JIRA , the authorization code I get is always a JWT, and when I use it try to get the access_token , it get the response as a bad request. I use curl to test use the code to get access token, and get the error of “invalid authorization code.”
router.get('/jsm', async function(req,res){
const code = req.query.code;
if (code) {
// Exchange the code for an access token
try{
const params = new URLSearchParams();
params.append('grant_type', 'authorization_code');
params.append('client_id', CLIENT_ID);
params.append('client_secret', CLIENT_SECRET);
params.append('code', code);
params.append('redirect_uri', REDIRECT_URI);
const tokenResponse = await fetch('https://auth.atlassian.com/oauth/token', {
method: 'POST',
header: {
'Content-Type': 'application/json',
},
body: params
});
if (tokenResponse.ok) {
const data = await tokenResponse;
console.log(data)
} else {
console.log(tokenResponse.ok)
console.log(tokenResponse)
}
} catch (error) {
console.error('Error exchanging authorization code:', error);
res.redirect('/error-page');
}
}
I output the req query and code from the callback request from JIRA, the value of code is not like an authorization code.
if I try to use the code to get access_token, I will receive the error 400 bad request
