Send JWTClient requests with a custom token about atlassian-connect-core HOT 9 CLOSED

@egarazlic please write a whole picture here with details as you wrote in the email.

from atlassian-connect-core.

Story for issue

But have some errors

Every time someone install addon it will be created tenant row in database table(tenant) for a verification.
In table there are rows
[id 1: test.atlassian.net dummy tenant row] this is generated automaticly.
[id 2:xxxx.atlassian.net with keys]
[id 3:zzzzz.atlassian.net with keys]

Addon Is using Angular 4 integrated with Laravel.

First Call of addon Larave page Route (somepage)
{
$jwt = request('jwt', request()->header('Authorization'));
$data['user']=$jwt;
return view('ng-cli-app2',$data);
}
And in view is updated jwt.
Angular Part:
set JWT in localStorage.

After that on Angular HTTP request I set jwt in header with intercepter. and caling Laravel/Route in middleware with auth jwt

public function LaravelRoute(Request $request){

   /**
    $result= \Illuminate\Support\Facades\DB::table('tenant')->get();
    Still only 3 records 
   **/
    $jwt = request('jwt', request()->header('Authorization'));
    $user=(array)(base64_decode(explode(".", $jwt)[1]));
    $user=json_decode($user[0], true);
 /* 

The user from jwt is curent user of instance
**/

    $client = new JWTClient(Auth::user());

/**
Auth User is user who installed addon in tennant not user who is using addon
**/
if use something like this
$client->get('/rest/api/2/myself')
I got info from user who installed addon
*/
}

Is there a way to use client->get() with parameters from jwt. not from Auth::user();

from atlassian-connect-core.

@egarazlic you can extract "clientKey" from a JWT token:

$parts = JWTHelper::decode($jwt);
$clientKey = array_get($parts, 'body.iss');

$tenant = $this->tenantService->findByClientKeyOrFail($clientKey);
$client = new JWTClient($tenant);

from atlassian-connect-core.

@brezzhnev But it is not the question about singing with diferent tenant user.
Let me explain.
Me and you are users in Jira Instance.
If we have installed addon on JIRA and it gets its tenant row with key as in plugin.php
After installation if I am logged as user(wickelid) in Jira and run the addon passing my JWT it keeps geting signed with key from adon..if i run rest/api/2/myself it gets info from plugin key.

Or if you try to use your account in adon with key brezzhnev it keeps you loged in rest api as adon key.

Is there a way to use scope act as user with JWTClient
something as new JWTClient(Auth::user(),[user_key_to_act]);

from atlassian-connect-core.

@egarazlic your way of explanation is a little bit difficult.

So, as far as I understood (I hope I did that), you need to pass a custom JWT token to JWTClient?

from atlassian-connect-core.

@brezzhnev yes I need to pass custom JWT token to have authenticated as other user (curently loged in jira) not as adon-key user

from atlassian-connect-core.

@egarazlic there are two possible ways to do it:

With a fake Tenant
Create a Tenant instance and fill the fields addon_key, shared_secret, then pass it to the JWTClient.

Override HTTP Client
The constructor has the $client option, you can use it to pass your own configured client.
It means you able to initialize any middlewares. In your case, you can do something like this:

/**
 * Create the HTTP Client with a custom JWT token
 *
 * @param string $token
 *
 * @return \GuzzleHttp\Client
 */
public function createHttpClient(string $token)
{
    $stack = new \GuzzleHttp\HandlerStack();
    $stack->setHandler(new \GuzzleHttp\Handler\CurlHandler());

    $stack->push(\GuzzleHttp\Middleware::mapRequest(function (\Psr\Http\Message\RequestInterface $request) use ($token) {
        return new \GuzzleHttp\Psr7\Request(
            $request->getMethod(),
            $request->getUri(),
            array_merge($request->getHeaders(), ['Authorization' => 'JWT ' . $token]),
            $request->getBody()
        );
    }));

    return new \GuzzleHttp\Client(['handler' => $stack]);
}

...

$client = new JWTClient($tenant, null, $this->createHttpClient($jwtToken));

All your requests will be signed by passed JWT token.

These ways are workarounds, I'll think how to make it flexible.

from atlassian-connect-core.

@egarazlic is it working for you?

from atlassian-connect-core.

Let's consider it as closed.

from atlassian-connect-core.