From 5d9234df094ce600ff541158d1491aa10d078a47 Mon Sep 17 00:00:00 2001
From: Shaun Dunning
Date: Fri, 22 Nov 2019 19:50:22 +0000
Subject: [PATCH] jira: update jira JWT subject per Atlassian's recent GDPR changes
Recently, Atlassian decided to remove `userKey` from JWT construction b/c they determined that it could contain personally identifiable information. They've since switched to the user account ID. This change updates the jira JWT to reflect these recent change.
Fixes golang/oauth2#312
Change-Id: I4bd66cf925fdf38e02dd665befb5ab5f19f14ee7
GitHub-Last-Rev: 344bb6046cbc665f0aa428e62b70eb77f19b1c31
GitHub-Pull-Request: golang/oauth2#389
Reviewed-on: https://go-review.googlesource.com/c/oauth2/+/185081
Reviewed-by: Brad Fitzpatrick
Run-TryBot: Brad Fitzpatrick
TryBot-Result: Gobot Gobot
---
 jira/jira.go | 2 +-
 jira/jira_test.go | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/jira/jira.go b/jira/jira.go
index 3441560..39aa713 100644
--- a/jira/jira.go
+++ b/jira/jira.go
@@ -81,7 +81,7 @@ func (js jwtSource) Token() (*oauth2.Token, error) {
 exp := time.Duration(59) * time.Second
 claimSet := &ClaimSet{
 Issuer: fmt.Sprintf("urn:atlassian:connect:clientid:%s", js.conf.ClientID),
- Subject: fmt.Sprintf("urn:atlassian:connect:userkey:%s", js.conf.Subject),
+ Subject: fmt.Sprintf("urn:atlassian:connect:useraccountid:%s", js.conf.Subject),
 InstalledURL: js.conf.BaseURL,
 AuthURL: js.conf.Endpoint.AuthURL,
 IssuedAt: time.Now().Unix(),
diff --git a/jira/jira_test.go b/jira/jira_test.go
index c49940d..07f6a63 100644
--- a/jira/jira_test.go
+++ b/jira/jira_test.go
@@ -30,7 +30,7 @@ func TestJWTFetch_JSONResponse(t *testing.T) {
 conf := &Config{
 BaseURL: "https://my.app.com",
- Subject: "userkey",
+ Subject: "useraccountId",
 Config: oauth2.Config{
 ClientID: "super_secret_client_id",
 ClientSecret: "super_shared_secret",
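Review bot: In the jira/jira.go hunk, the meaning of `Config.Subject` changes from a user key to an account ID, but nothing visible tells callers so. An existing caller that still passes a user key will now send it as `urn:atlassian:connect:useraccountid:<userkey>`, naming the wrong kind of identity in an impersonation grant. The `Config` declaration is outside this hunk; if its field comment still mentions the user key, update it to something like `// Subject is the Atlassian account ID of the user to impersonate (not the legacy user key).` Separately, `js.conf.Subject` is formatted into the claim without any check, so an empty value produces a subject of just the prefix. A guard at the top of `Token()` such as `if js.conf.Subject == "" { return nil, fmt.Errorf("jira: Subject (account ID) must be set") }` would fail early instead of sending an assertion with no user in it. `Token()` starts and ends outside the hunk.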
@@ -69,7 +69,7 @@ func TestJWTFetch_BadResponse(t *testing.T) {
 conf := &Config{
 BaseURL: "https://my.app.com",
- Subject: "userkey",
+ Subject: "useraccountId",
 Config: oauth2.Config{
 ClientID: "super_secret_client_id",
 ClientSecret: "super_shared_secret",
@@ -108,7 +108,7 @@ func TestJWTFetch_BadResponseType(t *testing.T) {
 conf := &Config{
 BaseURL: "https://my.app.com",
- Subject: "userkey",
+ Subject: "useraccountId",
 Config: oauth2.Config{
 ClientID: "super_secret_client_id",
 ClientSecret: "super_shared_secret",
@@ -145,7 +145,7 @@ func TestJWTFetch_Assertion(t *testing.T) {
 conf := &Config{
 BaseURL: "https://my.app.com",
- Subject: "userkey",
+ Subject: "useraccountId",
 Config: oauth2.Config{
 ClientID: "super_secret_client_id",
 ClientSecret: "super_shared_secret",
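Review bot: Nothing in the visible lines of `TestJWTFetch_Assertion` pins the new `urn:atlassian:connect:useraccountid:` prefix; the hunk only swaps the fixture value from "userkey" to "useraccountId", and the same edit is repeated in the three earlier test hunks. The rest of the test is outside this hunk, so this may already be covered. If it is not, decode the assertion payload and check the `sub` claim, e.g. `if want := "urn:atlassian:connect:useraccountid:useraccountId"; claims.Subject != want { t.Errorf("sub = %q; want %q", claims.Subject, want) }` (here `claims` is a placeholder for the decoded claim set). That would catch a regression to the old `userkey` URN, which these fixtures alone would presumably let through.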