The main step in JIRA integration is authentication. JIRA provides mainly three methods for authentication
1. Simple mechanism
In this method, application passes the username and password as a plain text to the network layer. Based on whether it is http or https, the data is sent to the server unencrypted or encrypted.
below is a sample curl command that demonstrate this.
curl -v -u myusername:mypassword https://examplejira.atlassian.net/rest/api/latest/search?jql=project=TWCIOS&startAt=0&maxResults=200
2. Supplying Basic auth headers.
In this mechanism, application passes the Authorization header to the network layer. Authorizaton header is constructed by Base64 encoding the username:password combination.
For e.g.
curl -D- -X GET -H "Authorization: Basic VHlwZSAob3IgcGFzdGUpIGhlcmUuLi4=" -H "Content-Type: application/json" "http://kelpie9:8081/rest/api/2/issue/QA-31"
Where VHlwZSAob3IgcGFzdGUpIGhlcmUuLi4= Is the base64 encoded value of myusername:my password
OAuth based authentication
For providing OAuth based authentication, the basic terminologies related to the OAuth authentication needs to be in mind, they are Consumer, Service Provider, request, token, access token.
Step 1:
The first step is to register a new consumer in JIRA. This is done through the application links administration screens in JIRA. When creating the application link, we can specify URL which can be a placeholder URL or a correct URL of the client. If the client can be reached via http url, select the General Application type. After the application link has been created, edit the configuration and go to the incoming authentication configuration screen and select OAUTH. Enter in this the public key and the consumer key which the client will use when making request to JIRA.
After these configurations are done, press OK to ensure the authentication is enabled.
Step 2:
This step is about configuring the client.
Client will require the following information to make authentication request in JIRA.
request token url : JIRA_BASE_URL + "/plugins/servlet/oauth/request+token"
authorisation url : JIRA_BASE_URL + "/plugins/servlet/oauth/authorize
access token url : JIRA_BASE_URL + "/plugins/servlet/oauth/access-token
oath sign type : RSA-SHA1
consumer key : Key that is configured in step 1
In short the above in for below
1. Obtain a request token
2. Authorize the request token
3. Swap the request token with access token
Step 3:
Now having the access token, application can make the request to the specific REST JIRA APIs
References:
https://developer.atlassian.com/display/JIRADEV/JIRA+REST+API+Example+-+OAuth+authentication
https://developer.atlassian.com/display/JIRADEV/JIRA+REST+API+Example+-+Basic+Authentication#JIRARESTAPIExample-BasicAuthentication-Authenticationchallenge
No comments:
Post a Comment