0

I am having a Rest API and I need to gather some informations from the Jira Rest API, but with the permissions of the user who has the current request of my Rest API.

First I tried to follow this guide, but it requires verification over a link. Is there any other way how I can get access to the Jira Rest API without needing some verification link, etc. Or am I forced to use Basic Auth?

Safari
  • 3,302
  • 9
  • 45
  • 64

2 Answers2

0

It depends how your user is reaching JIRA, and does he input anywhere his credentials. If he does, you can create a Cookie Auth, or Basic Auth, and then reach the JIRA API with either of those.

But in ANY case, you need to use some kind of Auth.

I assume that in your case you do not want to use the OAuth method, as it needs a separate verification logic.

Ron
  • 5,900
  • 2
  • 20
  • 30
0

The only way is to simulate web browser, i.e. HTML Unit. Haven't test the code, but I hope you get the idea

  1. Create HTMLUnit browserless class
public class HtmlUnit {
    public void getLink(String url) throws IOException {
        java.util.logging.Logger.getLogger("com.gargoylesoftware").setLevel(Level.OFF);
        WebClient webClient = new WebClient(BrowserVersion.CHROME);
        webClient.getOptions().setCssEnabled(true);
        webClient.getOptions().setJavaScriptEnabled(true);
        webClient.getOptions().setThrowExceptionOnFailingStatusCode(false);
        webClient.getOptions().setThrowExceptionOnScriptError(false);
        webClient.getOptions().setUseInsecureSSL(true);
        webClient.getCookieManager().setCookiesEnabled(true);
        HtmlPage page = webClient.getPage(url);

        final HtmlForm form = page.getForms().get(0);

        // simulate login
        .......
        HtmlForm form = page.getForms().get(0);
        // end login and get redirect to approval page


        // simulate approval here
        HtmlForm form = page.getForms().get(0);
        final HtmlSubmitInput button = form.getInputByName("approve");
        page = button.click();
        page.getEnclosingWindow().getTopWindow().getEnclosedPage();

        HtmlElement element = page.getFirstByXPath("//*[@id=\"content\"]/p/text()");

        System.out.println(element.asText());
    }
}
  1. Add HTMLUnit to get temporary token path
public String getAndAuthorizeTemporaryToken(String consumerKey, String privateKey) throws NoSuchAlgorithmException, InvalidKeySpecException, IOException {
// others code here
authorizationURL.temporaryToken = response.token;
        System.out.println("Retrieve request token. Go to " + authorizationURL.toString() + " to authorize it.");

        HtmlUnit htmlUnit = new HtmlUnit();
        htmlUnit.getLink(authorizationURL.toString());

        return response.token;
}

You will get something like this

You have successfully authorized 'DOMAIN'. Your verification code is 'VERIFICATION_CODE'. You will need to enter this exact text when prompted. You should write this value down before closing the browser window.

  1. Use regex or string finder to get the verification code from it.

  2. (Optional) If you don't want to simulate login (or using your browser cookie to Jira), try to save cookie from Jira and load it through HTML Unit.

Fahim Bagar
  • 798
  • 7
  • 17