Skip to content

Commit 5d9234d

Browse files
Shaun Dunningbradfitz
Shaun Dunning
authored and
bradfitz
committed
jira: update jira JWT subject per Atlassian's recent GDPR changes
Recently, Atlassian decided to remove `userKey` from JWT construction b/c they determined that it could contain personally identifiable information. They've since switched to the user account ID. This change updates the jira JWT to reflect these recent change. Fixes #312 Change-Id: I4bd66cf925fdf38e02dd665befb5ab5f19f14ee7 GitHub-Last-Rev: 344bb60 GitHub-Pull-Request: #389 Reviewed-on: https://go-review.googlesource.com/c/oauth2/+/185081 Reviewed-by: Brad Fitzpatrick <[email protected]> Run-TryBot: Brad Fitzpatrick <[email protected]> TryBot-Result: Gobot Gobot <[email protected]>
1 parent 0f29369 commit 5d9234d

File tree

2 files changed

+5
-5
lines changed

2 files changed

+5
-5
lines changed

jira/jira.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -81,7 +81,7 @@ func (js jwtSource) Token() (*oauth2.Token, error) {
8181
exp := time.Duration(59) * time.Second
8282
claimSet := &ClaimSet{
8383
Issuer: fmt.Sprintf("urn:atlassian:connect:clientid:%s", js.conf.ClientID),
84-
Subject: fmt.Sprintf("urn:atlassian:connect:userkey:%s", js.conf.Subject),
84+
Subject: fmt.Sprintf("urn:atlassian:connect:useraccountid:%s", js.conf.Subject),
8585
InstalledURL: js.conf.BaseURL,
8686
AuthURL: js.conf.Endpoint.AuthURL,
8787
IssuedAt: time.Now().Unix(),

jira/jira_test.go

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -30,7 +30,7 @@ func TestJWTFetch_JSONResponse(t *testing.T) {
3030

3131
conf := &Config{
3232
BaseURL: "https://my.app.com",
33-
Subject: "userkey",
33+
Subject: "useraccountId",
3434
Config: oauth2.Config{
3535
ClientID: "super_secret_client_id",
3636
ClientSecret: "super_shared_secret",
@@ -69,7 +69,7 @@ func TestJWTFetch_BadResponse(t *testing.T) {
6969

7070
conf := &Config{
7171
BaseURL: "https://my.app.com",
72-
Subject: "userkey",
72+
Subject: "useraccountId",
7373
Config: oauth2.Config{
7474
ClientID: "super_secret_client_id",
7575
ClientSecret: "super_shared_secret",
@@ -108,7 +108,7 @@ func TestJWTFetch_BadResponseType(t *testing.T) {
108108

109109
conf := &Config{
110110
BaseURL: "https://my.app.com",
111-
Subject: "userkey",
111+
Subject: "useraccountId",
112112
Config: oauth2.Config{
113113
ClientID: "super_secret_client_id",
114114
ClientSecret: "super_shared_secret",
@@ -145,7 +145,7 @@ func TestJWTFetch_Assertion(t *testing.T) {
145145

146146
conf := &Config{
147147
BaseURL: "https://my.app.com",
148-
Subject: "userkey",
148+
Subject: "useraccountId",
149149
Config: oauth2.Config{
150150
ClientID: "super_secret_client_id",
151151
ClientSecret: "super_shared_secret",

0 commit comments

Comments
 (0)