Add reason for unauthorized in jira connect API
What does this MR do and why?
Adds a reason to 401 unauthorized responses from api/v4/integrations/jira_connect/subscriptions
to avoid confusion around what authentication method has failed.
This API endpoint is behind the jira_connect_oauth feature flag.
Related to: #362338 (closed)
How to set up and validate locally
- In rails console enable the invite modal
Feature.enable(:jira_connect_oauth)
- Request the endpoint with a wrong auth token:
curl --location --request POST 'http://127.0.0.1:3000/api/v4/integrations/jira_connect/subscriptions' \
  --header 'accept: application/json' \
  --header 'Authorization: Bearer invalid_token' \
  --header 'Content-Type: application/json' \
  --data-raw '{ "jwt": "invalid_jwt", "namespace_path": "flightjs" }'
- This should result in
{ "message": "401 Unauthorized" }
- Go to
http://localhost:3000/-/profile/personal_access_tokens
- Create a new token with the api scope
- Copy the token
- Request the endpoint with the new, valid auth token but invalid JWT
curl --location --request POST 'http://127.0.0.1:3000/api/v4/integrations/jira_connect/subscriptions' \
  --header 'accept: application/json' \
  --header 'Authorization: Bearer {{ ADD YOUR VALID TOKEN HERE }}' \
  --header 'Content-Type: application/json' \
  --data-raw '{ "jwt": "invalid_jwt", "namespace_path": "flightjs" }'
- This should result in
{ "message": "401 Unauthorized - JWT authentication failed" }
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
- I have evaluated the MR acceptance checklist for this MR.
Edited by Andy Schoenen
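Added example, not part of the merge request or GitLab's code: a minimal Ruby sketch of the two-layer check that the validation steps above exercise, where the specific JWT reason is only returned once the bearer token has been accepted. The names `subscribe`, `jwt_valid?`, `sign_jwt`, the HS256 signing scheme, the token, the secret and the success response are assumptions constructed for illustration.

```ruby
require 'openssl'
require 'base64'
require 'json'

# Constructed sample values, not real GitLab tokens or secrets.
VALID_TOKENS = ['constructed-api-token'].freeze
SHARED_SECRET = 'constructed-shared-secret'

def b64url(data)
  Base64.urlsafe_encode64(data, padding: false)
end

# Helper to build an HS256-signed JWT for the sample requests.
def sign_jwt(claims, secret)
  header = b64url(JSON.generate({ alg: 'HS256', typ: 'JWT' }))
  input = "#{header}.#{b64url(JSON.generate(claims))}"
  "#{input}.#{b64url(OpenSSL::HMAC.digest('SHA256', secret, input))}"
end

# Verify structure, pin the algorithm, then compare signatures in constant time.
def jwt_valid?(jwt, secret)
  header, payload, signature = jwt.to_s.split('.')
  return false unless header && payload && signature

  parsed = JSON.parse(Base64.urlsafe_decode64(header))
  return false unless parsed.is_a?(Hash) && parsed['alg'] == 'HS256'

  expected = b64url(OpenSSL::HMAC.digest('SHA256', secret, "#{header}.#{payload}"))
  OpenSSL.secure_compare(expected, signature)
rescue ArgumentError, JSON::ParserError
  false
end

# Layer 1: bearer token. Layer 2: JWT. Returns [status, body].
def subscribe(bearer_token, jwt)
  token_ok = VALID_TOKENS.any? { |t| OpenSSL.secure_compare(t, bearer_token.to_s) }
  # A caller without a valid token gets the generic message only.
  return [401, { 'message' => '401 Unauthorized' }] unless token_ok

  # Only an authenticated caller is told that the JWT was the failing part.
  unless jwt_valid?(jwt, SHARED_SECRET)
    return [401, { 'message' => '401 Unauthorized - JWT authentication failed' }]
  end

  [201, { 'success' => true }] # constructed success body
end
```
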