blob: 71aba6feddd40e37c541f77277efe40c65e0c5b3 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
|
# frozen_string_literal: true
module JiraConnect
class CreateAsymmetricJwtService
ARGUMENT_ERROR_MESSAGE = 'jira_connect_installation is not a proxy installation'
def initialize(jira_connect_installation)
raise ArgumentError, ARGUMENT_ERROR_MESSAGE unless jira_connect_installation.proxy?
@jira_connect_installation = jira_connect_installation
end
def execute
JWT.encode(jwt_claims, private_key, 'RS256', jwt_headers)
end
private
def jwt_claims
{ aud: aud_claim, iss: iss_claim, qsh: qsh_claim }
end
def aud_claim
@jira_connect_installation.audience_url
end
def iss_claim
@jira_connect_installation.client_key
end
def qsh_claim
Atlassian::Jwt.create_query_string_hash(
@jira_connect_installation.audience_installed_event_url,
'POST',
@jira_connect_installation.audience_url
)
end
def private_key
@private_key ||= OpenSSL::PKey::RSA.generate(3072)
end
def public_key_storage
@public_key_storage ||= JiraConnect::PublicKey.create!(key: private_key.public_key)
end
def jwt_headers
{ kid: public_key_storage.uuid }
end
end
end
|
