fix(jwt): allow jwt's to be used in query proxy calls (#16010)

http/query.go

@@ -21,6 +21,7 @@ import (
 	"github.com/influxdata/flux/parser"
 	"github.com/influxdata/flux/repl"
 	"github.com/influxdata/influxdb"
+	"github.com/influxdata/influxdb/jsonweb"
 	"github.com/influxdata/influxdb/query"
 	"github.com/influxdata/influxql"
 )
@@ -368,6 +369,8 @@ func decodeProxyQueryRequest(ctx context.Context, r *http.Request, auth influxdb
 		token = a
 	case *influxdb.Session:
 		token = a.EphemeralAuth(req.Org.ID)
+	case *jsonweb.Token:
+		token = a.EphemeralAuth(req.Org.ID)
 	default:
 		return pr, n, influxdb.ErrAuthorizerNotSupported
 	}

jsonweb/token.go

@@ -124,3 +124,13 @@ func (t *Token) GetUserID() influxdb.ID {
 func (t *Token) Kind() string {
 	return kind
 }
+
+// EphemeralAuth creates a influxdb Auth form a jwt token
+func (t *Token) EphemeralAuth(orgID influxdb.ID) *influxdb.Authorization {
+	return &influxdb.Authorization{
+		ID:          t.Identifier(),
+		OrgID:       orgID,
+		Status:      influxdb.Active,
+		Permissions: t.Permissions,
+	}
+}