verify claims in try, update test

Author: ceorourke

src/sentry/integrations/jira/webhooks/installed.py

@@ -63,13 +63,13 @@ def post(self, request: Request, *args, **kwargs) -> Response:
                 )
             try:
                 decoded_claims = authenticate_asymmetric_jwt(token, key_id)
+                verify_claims(decoded_claims, request.path, request.GET, method="POST")
             except InvalidKeyError:
                 lifecycle.record_halt(halt_reason="JWT contained invalid key_id (kid)")
                 return self.respond(
                     {"detail": "Invalid key id"}, status=status.HTTP_400_BAD_REQUEST
                 )
 
-            verify_claims(decoded_claims, request.path, request.GET, method="POST")
             data = JiraIntegrationProvider().build_integration(state)
             integration = ensure_integration(self.provider, data)
 

tests/sentry/integrations/jira/test_installed.py

@@ -144,7 +144,15 @@ def test_without_key_id(self, mock_record_event: MagicMock) -> None:
         )
 
     @patch("sentry.integrations.utils.metrics.EventLifecycle.record_event")
+    @responses.activate
     def test_with_invalid_key_id(self, mock_record_event: MagicMock) -> None:
+        responses.add(
+            responses.GET,
+            "https://connect-install-keys.atlassian.com/fake-kid",
+            body=b"Not Found",
+            status=404,
+        )
+
         self.get_error_response(
             **self.body(),
             extra_headers=dict(