Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/evrone/atlassian-jwt

Bitbucket fork for atlassian-jwt gem
https://github.com/evrone/atlassian-jwt

Last synced: 10 months ago
JSON representation

Bitbucket fork for atlassian-jwt gem

Awesome Lists containing this project

README 

          
# Atlassian::Jwt



In order to access the

[Atlassian Connect REST APIs](https://developer.atlassian.com/cloud/jira/platform/rest/)

an app authenticates using a JSON Web Token (JWT). The token is

generated using the app's secret key and contains a *claim* which

includes the app's key and a hashed version of the API URL the

app is accessing. This gem simplifies generating the claim.



This gem provides helpers for generating Atlassian specific JWT

claims. It also exposes the [ruby-jwt](https://github.com/jwt/ruby-jwt)

gem's `encode` and `decode` methods.



## Installation



Add this line to your application's Gemfile:



```ruby

gem 'atlassian-jwt'

```



And then execute:



```sh

bundle

```



Or install it yourself as:



```sh

gem install atlassian-jwt

```



## Generating a JWT Token



```ruby

require 'atlassian/jwt'



# The URL of the API call, must include the query string, if any

url = 'https://jira.atlassian.com/rest/api/latest/issue/JRA-9'

# The key of the app as defined in the app description

issuer = 'com.atlassian.example'

# The HTTP Method (GET, POST, etc) of the API call

http_method = 'get'

# The shared secret returned when the app is installed

shared_secret = '...'



claim = Atlassian::Jwt.build_claims(issuer, url, http_method)

jwt = JWT.encode(claim, shared_secret)

```



If the base URL of the API is not at the root of the site,

i.e. `https://site.atlassian.net/jira/rest/api`, you will need to pass

in the base URL to `build_claims`:



```ruby

url = 'https://site.atlassian.net/jira/rest/api/latest/issue/JRA-9'

base_url = 'https://site.atlassian.net'



claim = Atlassian::Jwt.build_claims(issuer, url, http_method, base_url)

```



The generated JWT can then be passed in an `Authorization` header or

in the query string:



```ruby

# Header

uri = URI('https://site.atlassian.net/rest/api/latest/issue/JRA-9')

http = Net::HTTP.new(uri.host, uri.port)

request = Net::HTTP::Get.new(uri.request_uri)

request.initialize_http_header({'Authorization' => "JWT #{jwt}"})

response = http.request(request)

```



```ruby

# Query String

uri = URI("https://site.atlassian.net/rest/api/latest/issue/JRA-9?jwt=#{jwt}")

http = Net::HTTP.new(uri.host, uri.port)

request = Net::HTTP::Get.new(uri.request_uri)

response = http.request(request)

```



By default the issue time of the claim is now and the expiration is 60

seconds in the future, these can be overridden:



```ruby

claim = Atlassian::Jwt.build_claims(

  issuer,

  url,

  http_method,

  base_url,

  (Time.now - 60.seconds).to_i,

  (Time.now + 1.day).to_i

)

```



## Decoding a JWT token



The JWT from the server is usually returned as a param. The underlying

Ruby JWT gem returns an array, with the first element being the claims

and the second being the JWT header, which contains information about

how the JWT was encoded.



```ruby

claims, jwt_header = Atlassian::Jwt.decode(params[:jwt], shared_secret)

```



By default, the JWT gem verifies that the JWT is properly signed with

the shared secret and raises an error if it's not. However, sometimes it

is necessary to read the JWT first to determine which shared secret is

needed. In this case, use `nil` for the shared secret and follow it with

`false` to tell the gem to to verify the signature.



```ruby

claims, jwt_header = Atlassian::Jwt.decode(params[:jwt], nil, false)

```



See the [ruby-jwt doc](https://github.com/jwt/ruby-jwt) for additional

details.



## Development



After checking out the repo, run `bin/setup` to install dependencies.



Run `rake spec` to run the tests.



Run `bin/console` for an interactive prompt that allows you to experiment.



Run `bundle exec rake install` to install this gem to your local machine.



To release a new version, update the version number in `version.rb`, and

then run `bundle exec rake release`. It will create a git tag for the

version, push git commits and tags, and push the `.gem` file to

[rubygems.org](https://rubygems.org).



## Contributing



Bug reports and pull requests are welcome on Bitbucket at:

https://bitbucket.org/atlassian/atlassian-jwt-ruby