how to make custom post request rest api call from our ondemand addon to jira?
822 views
Skip to first unread message
Neeraj Bodhe
Jul 2, 2014, 12:14:13 PM7/2/14
to atlassian-...@googlegroups.com
I am using the Webitems module in atlassian-connect.json to implement a jira addon.
I am able to make the rest api call of attaching a file to jira issue from the /editor method using the code " app.get('/editor', addon.authenticate(), function(req, res) ".
But when i make a custom ajax request to jira from the content loaded by the editor it gives this particular error "Authentication verification error: 401 Could not find authentication data on request" i.e from the addon to jira.
I am able to make the rest api call of attaching a file to jira issue from the /editor method using the code " app.get('/editor', addon.authenticate(), function(req, res) ".
But when i make a custom ajax request to jira from the content loaded by the editor it gives this particular error "Authentication verification error: 401 Could not find authentication data on request" i.e from the addon to jira.
The set of code i'm using is this
app.post('/attach', addon.authenticate(),function(req, res) {
addon.httpClient(req).post({
url: '/rest/api/2/issue/issue-key/attachments',
headers: {
'X-Atlassian-Token': 'nocheck'
},
form: {
file: [
fileData,
{
filename: 'test.png',
contentType: 'image/png'
}
]
}
}, function(err, callbackRes, body) {
});
});
Can anyone tell me how to make this working for custom ajax requests?
Travis Smith
Jul 2, 2014, 12:35:26 PM7/2/14
to atlassian-...@googlegroups.com
Neeraj,
This is a known issue, the header is stripped from the plugin-to-JIRA bridge (via AP.request).
https://ecosystem.atlassian.net/browse/AC-1148 should be related to what you're seeing.
Possibility related, https://ecosystem.atlassian.net/browse/AC-1183?focusedCommentId=131848&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-131848. About support for binary data call via AJAX.
Cheers,
--
You received this message because you are subscribed to the Google Groups "Atlassian Connect Dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to atlassian-connec...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
-Travis
Neeraj Bodhe
Jul 2, 2014, 12:44:28 PM7/2/14
to atlassian-...@googlegroups.com
Thanks for the instant reply Travis,
If you come across a work around for such a case, then please do post.
If you come across a work around for such a case, then please do post.
Neeraj Bodhe
Jul 3, 2014, 12:44:55 PM7/3/14
to atlassian-...@googlegroups.com
hi travis,
I think there's been a confusion. Here 'AP.require' is the request made from the js side which is a existing problem.
In my case We have defined a web item module in which a custom post request is done from the js side to the server side nodejs and here the nodejs performs the jira rest api using the addon.authenticate() . This is where my issue arises.
Travis Smith
Jul 3, 2014, 1:25:24 PM7/3/14
to atlassian-...@googlegroups.com
Neeraj,
So you in your nodejs app, you have a web item that loads (with JWT) and from the JS in that you want to make a request to your server and can't authenticate with JWT? What you'll want to do here is create new session based authentication. On the event that loads up the web item, set whatever authentication you need for your AJAX API. Then for that API remove add.authenticate() and add in your own session checker. https://github.com/expressjs/session is a candidate for helping you provide that session support. JWT auth isn't for client-to-server authentication, it's only for server-to-server. Sharing the secret with the client would make it not a secret any more.
Cheers,
--
You received this message because you are subscribed to the Google Groups "Atlassian Connect Dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to atlassian-connec...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
-Travis
Patrick Streule
Jul 3, 2014, 1:36:32 PM7/3/14
to atlassian-...@googlegroups.com
Neeraj, Travis,
Atlassian Connect Express luckily has support for this case already, so you don't need to roll your own session support (keep in mind that session cookies wouldn't be reliable as they are seen as third-party cookies by the browser).
You can find the description on how to do that using ACE here:
https://bitbucket.org/atlassian/atlassian-connect-express (in the section titled "How to send a signed HTTP request from the iframe back to the add-on service")
We are also planning to make this token support compliant with JWT, so you could use the addon.authenticate() middleware instead of addon.checkValidToken().
Regards,
Patrick
To unsubscribe from this group and stop receiving emails from it, send an email to atlassian-connect-dev+unsub...@googlegroups.com.
---Travis
Message has been deleted
Neeraj Bodhe
Jul 4, 2014, 7:29:04 AM7/4/14
to atlassian-...@googlegroups.com
hi patrick
can you tell me how can i fetch the value of userkey from req object or maybe in some other way?
can you tell me how can i fetch the value of userkey from req object or maybe in some other way?
addon.httpClient({
clientKey: req.session.clientKey,
userKey: userKey, // how to get this
appKey: addon.key
});
Peter Brownlow
Jul 6, 2014, 11:59:18 PM7/6/14
to atlassian-...@googlegroups.com
Hi Neeraj,
Usually you would include a query string param (e.g. something like ".../yourendpoint?someparam=somevalue&userKey={user.key}..." or ".../yourendpoint/{user.key}?someparam=somevalue..." where you supply the real value in place of "{user.key}" when creating the link and read it back when receiving the request).
-Peter
Message has been deleted
Neeraj Bodhe
Jul 7, 2014, 11:03:34 AM7/7/14
to atlassian-...@googlegroups.com
thanks peter, it worked.
Reply all
Reply to author
Forward
0 new messages