Bugzilla - webservice via JSON-RPC

Question

Here's what i have tried soo far..

<html>
  <head>
    <title>bugstats.com</title>
  </head>
<script type="text/javascript"     src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
<script type="text/javascript" src="http://jquery-json.googlecode.com/files/jquery.json-    1.3.min.js"></script>
<script type="text/javascript" >
function hello(){
var myObject = {"method":"User.login", /* is this the right method to call? */
"params":[  { "login" :"user", /*should i include the login credentials here? */
"password" : "pass123" , 
"remember" : "True"} ]  };
var enc = $.toJSON(myObject);

$.ajax({"contentType":"application/json",
    "data": enc, 
    "crossDomain":"true",
    "dataType": "json", 
    "url": "https://bugzilla.company.com/bugzilla/jsonrpc.cgi", /* is this correct or should it be https://bugzilla.company.com/bugzilla/jsonrpc.cgi?method=User.login? */ 
    "type": "POST",
    success: function(){
            alert("Hallelujah");
                console.log(arguments); 

             },
    error: function () {
    alert("Failed")
    }

   });
}
function parseResponse(obj){
 alert("Success")
 console.log(obj)
}
</script>
  <body>
    <h1>bugzilla.com</h1>
    <input type="button" onclick="hello()" value="Click">
</body>

Reading upon this JSONPRC, not getting far.

When i click the button - make a call, to login/do anything for that matter - i get the following error -

OPTIONS https://bugzilla.company.com/bugzilla/jsonrpc.cgi 403 (Forbidden) jquery.min.js:19
XMLHttpRequest cannot load https://bugzilla.company.com/bugzilla/jsonrpc.cgi. Origin http://172.16.229.137 is not allowed by Access-Control-Allow-Origin.

From my understanding, "Access-Control-Allow-Origin" is caused because of "same origin policy" problem and hence i should use "jsonp". But,Jsonp - i.e, script injection can only be done via GET request. But,if i try the same JS script with a GET request - i get the following :

code: 32610
message: "For security reasons, you must use HTTP POST to call the 'User.login' method."

Confused on how to connect/login via Web services, i'm clearly doing something silly something majorly wrong here.. would be a great deal of help if anyone can help me connect and fetch the bug details.I've been at it since 8-10 days now.. :(

FYI:

• I do not have access to the server

• I'm on a client setup and accessing the Bugzilla server

Other links,

Ajax Call

Loggin In

BugzillaApc

Google Groups - Live conversation

Answer 1

You need to be using the Bugzilla_login and Bugzilla_password parameters to authenticate every call, which will be GET using jsonp. Your call will look like the following, using User.get as an example:

// Method parameters
var params = [{
  /* The authentication parameters */
  "Bugzilla_login": "YourUserName",
  "Bugzilla_password": "YourPassword",
  /* The actual method parameters */
  "ids": [1, 2]
}];
var myObject = {
  "method": "User.get",
  "params": JSON.stringify(params)
};

$.ajax({"contentType": "application/json",
    "data": myObject, /* jQuery will handle URI encoding */
    "crossDomain": "true",
    "dataType": "jsonp", /* jQuery will handle adding the 'callback' parameter */
    "url": "https://bugzilla.company.com/bugzilla/jsonrpc.cgi", 
    "type": "GET",
    ...

You have to do it this way because:

• You will be making a cross-domain call
• Because you can't set things like Access-Control-Allow-Origin you'll have to do it via jsonp (or proxying, but jsonp is simpler)
• jsonp is necessarily a GET request, not POST

The relevant docs:

• Connecting via GET - You'll be limited to retrieving information, changes require POST calls.
• Logging in via Bugzilla_login and Bugzilla_password