Closed jim-parian closed 4 years ago
lipkau
commented
5 years ago Thank you for the suggestion.
I did not quite understand what you are trying to accomplish.
You do not have to make -Credential optional in New-JiraSession, as if you don't need to authenticate with the server, you don't run New-JiraSession
jim-parian
commented
5 years ago Thank you for the suggestion.
I did not quite understand what you are trying to accomplish. You do not have to make
-Credentialoptional inNew-JiraSession, as if you don't need to authenticate with the server, you don't runNew-JiraSession
What I'm trying to say is that if you use Jira api token authentication, you can't use the New-JiraSession function because it requires Credentials (basic authentification).
I'd like to use this cmdlet with both types of authentication, because I find it more convenient.
Avoiding custom code is one of the great advantages of using a module to connect to an API.
lipkau
commented
5 years ago you can use New-JiraSession for authenticating with API Token.
You enter your normal username and as the password you use the API Token.
I would have expected that https://atlassianps.org/docs/JiraPS/about/authentication.html explains this well enough. If not, let me know how I can make the documentation better.
jim-parian
commented
5 years ago Ok I tried again to make a session with API token and it works. But for this, you have to provide the email user and the token as credentials. The documentation (https://atlassianps.org/docs/JiraPS/about/authentication.html#api-token) mention the username and the token which is not quite correct.
For me this following code works :
Set-JiraConfigServer 'https://xxx.atlassian.net'
$password = ConvertTo-SecureString 'tokenApi' -AsPlainText -Force
$creds = New-Object System.Management.Automation.PSCredential ('fakeusername@2p-mail.com', $password)
New-JiraSession -Credential $credsOutput :
Username WebSession
-------- ----------
fakeusername@2p-mail.com Microsoft.PowerShell.Commands.WebRequestSessionI also tried with :
$cred = Get-Credential 'user_email'
New-JiraSession -Credential $credsI encounter an issue that made me enter the credentials two time (I don't know why, ...) But it works at the second time.
I tried again with the username and the token API and the New-JiraSession works ! :
Username WebSession
-------- ----------
fakeusername Microsoft.PowerShell.Commands.WebRequestSessionBut I wasn't able to see any Issue of my JIRA server.
I have managed to establish a session with only the header with no credential (but it requires code change).
Finally I think that you have just to fix the documentation. You should indicate that with a token API, it is the email username that is expected and maybe you should add a snipet code to build a PSCredential object without the cmdlet Get-Credential.
achimismaili
commented
1 year ago I had a very similar failing behavior, that New-JiraSession threw error messages after switching to another Jira installation like
This thread helped me to drill down to the problem so I just wanted to add this different root cause here: For me the problem was that PowerShell Get-Credential was using the windows e-mail address with capital letters in my e-mail address (First.Last@company.com), but our new jira server was expecting basic authentication with email in lower case characters for the e-mail (first.last@company.com), so the email address is case sensitive (!) on the new server. After updating my connect-Jira script, which sets a default for JiraConfigServer to also set the usename to lower case, it worked again. I used this function:
[...]
function Get-LowerCaseCredentials () {
$credentials = Get-Credential
[string]$username = $credentials.UserName.ToLower()
[securestring]$password = $credentials.Password
$newCred = New-Object System.Management.Automation.PSCredential ($username, $password)
return $newCred
}
Set-JiraConfigServer -Server $JiraConfigServer
Write-Output "Please enter your windows credentials in the modal login window ..."
# Get the user credentials for authenticattion
$cred = Get-LowerCaseCredentials
# At least for cloud, TLS 1.2 is required, also connection is only possible with PAT as password
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
# see https://atlassianps.org/docs/JiraPS/commands/New-JiraSession/
New-JiraSession -Credential $cred
Context
I encounter the same issue that issue #350. The main reason is when you use JIRA in the cloud, you can't use basic authentification with username/password anymore (since 2018). The simpliest way is to use a token API passed in the header (like described as the resolution of the issue #350). It is possible to manage to process each request with Invoke-JiraMethod, but it is not very convenient to use it instead of others dedicated Cmdlet.
Description
I think the easiest way to prevent many people from getting stuck on this problem is to adapt the New-JiraSession method. Make the credential parameter optional seems the best way. (The solution that I implemented in my script and that works). Another solution would be to add a switch "-NoCred" to handle the case in that you want PS asking for credentials if omitted and the case in that you won't.
At least some examples, of how using API token, should be added to the documentation (here)
Additional Information
Here is the custom solution of the issue #350
You have to use API token as credentials :