How to get the current logged user in the JWT Claim?

Hi,

I am developing an addon for hipchat. It is a simple To-Do App, just to understand how to develop an addon for this platform. Right now I have a sidebar where with a few input fields and a button to hit a rest api on my backend. And I was wondering how I can get the current authenticated user and send it on a JWT token.

I am aware I can call this API to get the current user:

HipChat.user.getCurrentUser()

But I would like to avoid to send the user to the backend service this way. I would rather like to invoke the auth api:

HipChat.auth.withToken( function(err, token) {})

and somehow have the current logged user in the token and send this token, along with all others fields, to my backend api.

Right now, the content of the token (among other fields) only gives me the roomId in the claims. ex:

{  
   "exp":1482419782,
   "iss":"xxxxxx-xxxx-xxxx-xxxx-xxxxxxxx",
   "prn":"887",
   "jti":"xxxxxxxxxxxxxx",
   "context":{  
      "room_id":1421,
      "user_tz":"UTC"
   },
   "iat":1482418882,
   "sub":"887"
}


Is there any other API to get the JWT token with the current logged user?

 

Thanks in advance

2 answers

1 accepted

Accepted Answer
1 vote

HI Valdemar - I'm not quite sure exactly what you mean by the "current logged user". The JWT that is used in the connect framework contains the userID as part of the `sub` field (the "subject" of the token). In your case, the user ID is 887. You can find more detailed information about the structure and passing of the JWT at https://developer.atlassian.com/hipchat/guide/jwt-token

If you're looking make an call to your backend from the javascript, you can use "HipChat.auth.withToken" method like you mentioned. This asynchronously creates the JWT for you to call your backend service, which will use it to authenticate the request as coming from a particular user. You can see more details of that flow at https://developer.atlassian.com/hipchat/guide/javascript-api under "Interacting with the add-on backend"

Hi Christopher, I got confused with the information in this link: https://developer.atlassian.com/static/connect/docs/latest/concepts/understanding-jwt.html#token-structure-claims.

In here there is a more detailed description of the logged user. 

But the sub field will be perfect for what I want!

Thank you for the help!

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Aug 10, 2018 in Hipchat

What should I think about when migrating HipChat to Slack?

...from the beginning. We have built up a lot of content in HipChat, with it being a core tool in our distributed company model. While it is true that we didn’t need to move to Slack immediately, we felt it...

506 views 1 10
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you