gitlab-org--gitlab-foss/app/services/jira_connect/create_asymmetric_jwt_service.rb

51 lines
1.2 KiB
Ruby

# frozen_string_literal: true
module JiraConnect
class CreateAsymmetricJwtService
ARGUMENT_ERROR_MESSAGE = 'jira_connect_installation is not a proxy installation'
def initialize(jira_connect_installation)
raise ArgumentError, ARGUMENT_ERROR_MESSAGE unless jira_connect_installation.proxy?
@jira_connect_installation = jira_connect_installation
end
def execute
JWT.encode(jwt_claims, private_key, 'RS256', jwt_headers)
end
private
def jwt_claims
{ aud: aud_claim, iss: iss_claim, qsh: qsh_claim }
end
def aud_claim
@jira_connect_installation.audience_url
end
def iss_claim
@jira_connect_installation.client_key
end
def qsh_claim
Atlassian::Jwt.create_query_string_hash(
@jira_connect_installation.audience_installed_event_url,
'POST',
@jira_connect_installation.audience_url
)
end
def private_key
@private_key ||= OpenSSL::PKey::RSA.generate(3072)
end
def public_key_storage
@public_key_storage ||= JiraConnect::PublicKey.create!(key: private_key.public_key)
end
def jwt_headers
{ kid: public_key_storage.uuid }
end
end
end