Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Access Jira API using OAuth2.0 2-legged approach in .NET

How to create access token for JIRA Rest API? Of relevant data I have

  • User key
  • Private/public key combo

Jira's Rest API Oauth example assumes 3-legged approach, and is very unclear on what the actual parameters to send are (I wish Swagger is more widely used standard!).

In more detail, I have following use-case: When creating new employee in Web Forms (ASPX) portal application I need to create new JIRA account and assign it to project (and role inside the project).

As such I would like to use OAuth2 2-legged authentication to accomplish this. I can probably hack it with Basic Authentication, but I would really like to do it properly.

Problem arises when trying to find code examples that use this approach. .NET examples are really scarce, and even examples in other languages usually use Basic Authentication (username and password transmitted on each call) or few that use 3-legged approach.

I found AnotherJiraRestClient but looking at the code it's using RestClient nuget (this is good) but with HttpBasicAuthenticator (this is bad).

I went through all Authenticators that are on offer and OAuth2AuthorizationRequestHeaderAuthenticator looks promising but it requires me to already have access token. So that is why the question in the end is "How to create access token, using 2-legged approach?"

I already created application link on JIRA's side with this settings:

  • Application Type: Generic Application
  • Outgoing Authentication: (gives 500 server error on Jira's side... but don't think it matters as I am not using it)
  • Incoming Authentication: OAuth
    • Status: Configured
    • Consumer Key: TEST_JIRA_KEY
    • Public Key: ... (generated online private/public key combo)
like image 533
Igor Avatar asked Jun 03 '16 08:06

Igor


1 Answers

Atlassian currently doesn't support OAuth 2.0, but only 1.0(a).

There is a feature request for this: https://jira.atlassian.com/browse/JRA-43171

I have made an Open Source Jira client in C#, >=.NET 4.5 and fully async (with proxy support), which is available on GitHub and as a NuGet Package. See: https://github.com/dapplo/Dapplo.Jira

Today I added OAuth 1.0a support, which I got working and use the information here for testing: https://bitbucket.org/atlassian_tutorial/atlassian-oauth-examples/src/d625161454d1?at=default I used the public key from that repository to setup a test link on my Jira Cloud server, and use the private key in my test case.

The code for testing is here (it's commented out, as the OAuth process opens a browser, which is bad on the test-server) https://github.com/dapplo/Dapplo.Jira/blob/master/Dapplo.Jira.Tests/JiraOAuthTests.cs

I am still looking at a way to make the certificate/private key reading easier, but in a way this is not the job for the library itself...

If there are any questions, I guess issues on GitHub are the best way to communicate.

like image 167
Robin Krom Avatar answered Sep 21 '22 15:09

Robin Krom