Link to Jira documentation where explain how to create offline token
Closed this issue · 11 comments
Hi.
I am trying to connect offline authorization in Jira. For this I use https://developer.atlassian.com/cloud/jira/service-desk/oauth-2-authorization-code-grants-3lo-for-apps But the resulting token does not work. Can you tell me how to generate the required token correctly? Or give me a link to the documentation that was used.
Thank you!
Hi @dubrsl
What is referred to as an offline token is the final token which goes into API calls like so:
curl --request GET \
--url <request URL> \
--header 'Authorization: Bearer ACCESS_TOKEN' \
--header 'Accept: application/json'
The token can be acquired by asking the user to go to a particular page where a token is shown to him and he manually copies it & pastes it when todocheck prompts for the token.
This page can be created however you like - e.g. having some kind of middleware on your server which outputs the user's token present in the Authorization header. It is not a standard protocol which is documented anywhere, but more of a "hook" for you to adapt the authorization mechanism you have on your server to the tool.
In your particular case, if you get to step 3.3 in the docs you linked & paste that token when prompted, todocheck should be able to integrate with your jira server seamlessly.
But there is no mechanism to integrate with your jira server out of the box. What you can do, is follow along the steps using curls initially & automate this process via a script which does the manual steps for you. Afterwards, set the "offline_url" in todocheck's configuration to point to a wiki where the process for getting a token is explained. Another alternative is to setup a page on your server which outputs a token ready to be used.
If, however, todocheck doesn't integrate \w your server using the token you pass, then we'll have to investigate this further by e.g. instrumenting the tool \w debug info to show the HTTP calls being made \w headers/etc.
Let me know if so.
Thank you Preslav for answer.
After 2 days sex with Jira's API seems its working.
- It was necessary set API version
diff --git a/issuetracker/issuetracker.go b/issuetracker/issuetracker.go
index 597bb20..9585c57 100644
--- a/issuetracker/issuetracker.go
+++ b/issuetracker/issuetracker.go
@@ -51,7 +51,7 @@ func TaskURLSuffixFor(taskID string, issueTracker config.IssueTracker) string {
func BaseURLFor(issueTracker config.IssueTracker, origin string) (string, error) {
switch issueTracker {
case config.IssueTrackerJira:
- return fmt.Sprintf("%s/rest/api/latest/issue/", origin), nil
+ return fmt.Sprintf("%s/rest/api/3/issue/", origin), nil
case config.IssueTrackerGithub:
tokens := common.RemoveEmptyTokens(strings.Split(origin, "/"))
if tokens[0] == "github.com" {
- Use offline_url is not convenient for me. I use checker in CI and refresh access token before every run. It seems to me it would be more convenient to specify the client_id, client_secret, refresh_token and for the utility to receive the access token itself. And
Yeah, it would definitely be easier for todocheck to have an integration \w OAuth 2.0 out of the box. That is currently not supported & I will revisit this in the future.
As for the change you've made by using a concrete API version (3, instead of latest) - what was the cause for that?
From Jira's docs:
The current API version is 2. However, there is also a symbolic version, called latest, which resolves to the latest version supported by the given Jira instance.
If your server's latest supported api is 3, won't latest auto-resolve to 3?
I use Cloud Jira and doc says:
This documentation is for version 3 of the Jira Cloud platform REST API, which is the latest version
And latest doesn't work
Is there maybe a plan to add support for Jira token authentication since this is pretty complicated for machine-to-machine authentication?
Hi @marko-ilic yes, you are right that implementing this kind of authentcation for Jira is very convoluted.
I'll spend some time researching what it takes to implement proper integration with Jira and publish a new release in the coming ~1-2 mos.
Hi @preslavmihaylov,
Having simplified Jira integration would be great.
Do you happen to have any progress updates on this part?
Thanks
Hi @kamkali I've planned to work on this feature in Q1 2022.
Hey folks, I've published a new release of todocheck which includes support for JIRA via API tokens.
I've tested it with a JIRA instance hosted on atlassian's site. Feel free to try it out and let me know if it works for you!
Closing this for now. If anything pops up, feel free to open a new ticket with details.