Closed vitaly-zdanevich closed 6 years ago
The docs do not say that you can omit the trailing slash - do include it! That's why you are getting a redirect, in fact.
Now I get 500 :(
Without more information I suspect you're hitting https://github.com/mozilla/addons/issues/4989 because your JWT is incorrect (make sure the fields that should be integers, like iat
and exp
, are passed as integers and not as strings)
Can my JWT be incorrect if I am getting greenlight from jwt.io?
Probably because it's less strict than our own implementation, which does not like strings for things that should be NumericDate
per JWT spec. As mentioned in mozilla/addons#4989 we have a bug that causes us to return a 500 in that case, but it's still invalid. Don't use strings for those properties.
Ok, now iat
and exp
as numbers, getting 400 with another strange message:
{"error":"Duplicate add-on ID found."}
How it can be possible?
I can successfully upload next version through web UI.
Again it's difficult to say without more information, but it probably means you are not using the right API - you are probably using POST /api/v3/addons/
, which creates a new add-on, instead of PUT /api/v3/addons/[string:addon-id]/versions/[string:version]/
, which creates a new version. See the docs for more information.
But this api is POST, for Uploading without an ID
.
My code:
AMO_JWT_ISSUER=user:1321XXXXXX:XXX
AMO_SECRET=503084ad4069208XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
JWT_HEADER_BASE64=`printf %s '{"alg": "HS256", "typ": "JWT"}' | base64`
random() {
dd if=/dev/urandom bs=20 count=1 2>/dev/null | openssl sha1
}
UNIXTIME=`date +%s`
PAYLOAD_JSON=$(python3 - <<EOF
import json
print(
json.dumps({
'iss': "${AMO_JWT_ISSUER}",
'jti': "$(random)",
'iat': $UNIXTIME,
'exp': $(($UNIXTIME+99))
})
)
EOF
)
JWT_PAYLOAD_BASE64=`printf %s $PAYLOAD_JSON | base64`
FOR_SIGN="$JWT_HEADER_BASE64.$JWT_PAYLOAD_BASE64"
JWT_SIGNATURE_BASE64=`printf %s $FOR_SIGN | openssl dgst -binary -sha256 -hmac $AMO_SECRET | base64`
JWT=$JWT_HEADER_BASE64.$JWT_PAYLOAD_BASE64.$JWT_SIGNATURE_BASE64
curl "https://addons.mozilla.org/api/v3/addons/" \
--form "upload=@$FIREFOX_FILEPATH" \
--form "version=$VERSION" \
-H "Authorization: JWT $JWT" \
-v
Also it would be helpful for future developers to add some code examples to the documentation, in pure shell, Python3, node.
@diox something wrong with my code? I cannot find any error above...
Sorry, I don't have time to debug what's wrong with your code. We do have a node module implementing this API: https://github.com/mozilla/sign-addon/ and this is used by a CLI client: https://developer.mozilla.org/en-US/Add-ons/WebExtensions/Getting_started_with_web-ext
According to this page I am trying to upload my WebExtension through the REST API. My code is:
I am getting:
I successfully checked my JWT at jwt.io.