Fix OAuth login failure for Atlassian accounts with colons in ID

Some Atlassian account IDs use the format '70121:uuid' which contains a colon — an invalid character in NATS KV keys (mapped to subjects). Sanitize by replacing colons with underscores in the OAuth KV key. No migration needed: affected users never had stored entries since the PUT always failed. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-03 13:31:35 +01:00 · 2026-03-03 13:31:35 +01:00 · 5b83dd7ed0
commit 5b83dd7ed0
parent f17072116d
1 changed files with 7 additions and 3 deletions
--- a/backend/src/services/jiraService.js
+++ b/backend/src/services/jiraService.js
@ -12,6 +12,10 @@ function getRequiredEnv(name) {
  return value;
 }

+function oauthKey(accountId) {
+  return `oauth.${accountId.replaceAll(':', '_')}`;
+}
+
 function getExpiresAt(expiresInSeconds) {
  if (!expiresInSeconds) return null;
  return Date.now() + (Number(expiresInSeconds) - 60) * 1000;
@ -114,7 +118,7 @@ export async function saveOAuthConnection(tokenPayload) {
    expiresAt: getExpiresAt(tokenPayload.expires_in)
  };

-  await kvOAuth.put(`oauth.${profile.accountId}`, JSON.stringify(connection));
+  await kvOAuth.put(oauthKey(profile.accountId), JSON.stringify(connection));

  return { connection, profile };
 }
@ -152,12 +156,12 @@ async function refreshAccessToken(connection) {
    expiresAt: getExpiresAt(refreshed.expires_in)
  };

-  await kvOAuth.put(`oauth.${connection.jiraAccountId}`, JSON.stringify(updated));
+  await kvOAuth.put(oauthKey(connection.jiraAccountId), JSON.stringify(updated));
  return updated;
 }

 async function getValidConnection(jiraAccountId) {
-  const entry = await kvOAuth.get(`oauth.${jiraAccountId}`);
+  const entry = await kvOAuth.get(oauthKey(jiraAccountId));
  if (!entry) throw new Error('Jira is not connected for this account.');

  const connection = entry.json();