/jira-oauth

Python library for Jira OAuth

Primary LanguagePythonApache License 2.0Apache-2.0

jira-oauth

License PyPI - Python Version PyPI

Python library for Jira OAuth

RSA private and public key creations

  • Create RSA private key and store it in file oauth.pem
$ openssl genrsa -out oauth.pem 1024
  • Create RSA public key and store it in file oauth.pub
$ openssl rsa -in oauth.pem -pubout -out oauth.pub
  • Share RSA public key oauth.pub with your Jira Admin, as they need it during Jira Application Link creation.

Jira Application Link Creation Steps

  • Login as a Jira administrator
  • Go to Application links section under Application area
  • Enter dummy url (as oauth token used for API access and not web access) https://jira-oauth1-rest-api-access
  • Click on Create new link button
  • Click Continue on next screen
  • Enter something like Jira OAuth1 REST API access as a Application Name
  • Check Create incomindg link checkbox.
  • Don't need to fill any other information. Click on Continue
  • Now you should able to see new Application link with name Jira OAuth1 REST API access created and available under section Configure Application Links section
  • Click on pencil icon to configure Incoming Authentication
    • Enter jira-oauth1-rest-api-access (or any other appropriate string) as Consumer key
    • Enter same string jira-oauth1-rest-api-access (or any other appropriate string) as Consumer Name
    • Enter content of RSA public key (stored in file oauth.pub) as public key
    • Click on Save

Prepare for OAuth Dance

Create starter_oauth.config in ~/.oauthconfig folder:

[oauth_config]
jira_url=https://jira.example.com
consumer_key=jira-oauth1-rest-api-access
test_jira_issue=IDEV-1

Perform Jira OAuth Dance

  • Python Virtual Environment that we create earlier is active.
  • Run jira-oauth.
  • Authenticate in browser as directed below.
  • After successful OAuth generation, you will get another set of values for oauth_token and oauth_token_secret. These are you tokens that you need to use access Jira without passing credentials.
$ jira-oauth
Request Token: oauth_token=6AOSSREyS9HaACqEcHjcD6RJVms2NjEr, oauth_token_secret=gnpJMfbgUyG8W4dKzFW4PKFbGttV2CWm

Go to the following link in your browser: https://jira.example.com/plugins/servlet/oauth/authorize?oauth_token=6AOSSREyS9HaACqEcHjcD6RJVms2NjEr
Have you authorized me? (y/n) y

Access Token: oauth_token=lmOh7LEdvZ2yxKIm5rdQY2ZfZqNdvUV4, oauth_token_secret=gnpJMfbgUyG8W4dKzFW4PKFbGttV2CWm
You may now access protected resources using the access tokens above.

Accessing IDEV-1 using generated OAuth tokens:
Success!
Issue key: IDEV-1, Summary: Internal Devepment Issue #1

Run with Docker

cp -R ~/.oauthconfig ./
docker build -t jira-oauth .
docker run -p 8080:8080 -it --rm jira-oauth

Credits

Thank you, Raju Kadam, for implementing https://github.com/rkadam/jira-oauth-generator