jipdate thinks 401 Unauthorized is a recoverable error

[pm215]

If you get the password or username wrong then JIRA will give you a 401 Unauthorized response, but jipdate doesn't handle it very gracefully:

$ ./jipdate.py -t -u peter.maydell -q -f /tmp/status.txt
Username (john.doe@foo.org): peter.maydell
Username not found in config.yml, want to store it? (y/n) n
Password: 
WARNING:root:Got recoverable error from GET https://dev-projects.linaro.org/rest/api/2/serverInfo, will retry [1/3] in 19.6700271926s. Err: 401 
WARNING:root:Got recoverable error from GET https://dev-projects.linaro.org/rest/api/2/serverInfo, will retry [2/3] in 33.6201041765s. Err: 401 
WARNING:root:Got recoverable error from GET https://dev-projects.linaro.org/rest/api/2/serverInfo, will retry [3/3] in 53.8470725899s. Err: 401 
Traceback (most recent call last):
  File "./jipdate.py", line 602, in <module>
    main(sys.argv)
  File "./jipdate.py", line 575, in main
    jira, username = get_jira_instance(g_args.t)
  File "./jipdate.py", line 445, in get_jira_instance
    return (JIRA(g_server, basic_auth=credentials), username)
  File "/home/petmay01/.local/lib/python2.7/site-packages/jira/client.py", line 317, in __init__
    si = self.server_info()
  File "/home/petmay01/.local/lib/python2.7/site-packages/jira/client.py", line 1771, in server_info
    j = self._get_json('serverInfo')
  File "/home/petmay01/.local/lib/python2.7/site-packages/jira/client.py", line 2172, in _get_json
    r = self._session.get(url, params=params)
  File "/home/petmay01/.local/lib/python2.7/site-packages/jira/resilientsession.py", line 150, in get
    return self.__verb('GET', url, **kwargs)
  File "/home/petmay01/.local/lib/python2.7/site-packages/jira/resilientsession.py", line 146, in __verb
    raise_on_error(response, verb=verb, **kwargs)
  File "/home/petmay01/.local/lib/python2.7/site-packages/jira/resilientsession.py", line 56, in raise_on_error
    r.status_code, error, r.url, request=request, response=r, **kwargs)
jira.exceptions.JIRAError: JiraError HTTP 401 url: https://dev-projects.linaro.org/rest/api/2/serverInfo
        text: 

<html>

<head>
    <title>Unauthorized (401)</title>

...followed by pages and pages of raw HTML/Javascript.

It would be nice to recognize this error code and give the user a helpful error message like "Username or password not recognized".

[jbech-linaro]

Yeah, this isn't nice, I will fix it.

[jbech-linaro]

I started look into this, but it seems like @chazy fix here https://github.com/Linaro/jipdate/commit/a3dca58801ba6992478545488c6f083213084c77 actually took care of this to some degree. But the (new) error message doesn't mention anything about wrong username or password.

(I'm starting to wonder if this was actually is what Glen V. also saw in another email thread, i.e., eventually he used wrong credentials and that is the reason we saw the captcha stuff. I can see that too when deliberately giving wrong password).

[ibiris]

I have been having the same issue. I cannot use jipdate at all because of this. It does not matter what I try, whether it's my own issues or those assigned to others. I always get this error. This is the latest master, which I presume includes this fix a3dca58. The fix actually also does not work for me, I do what it is suggested in the message but then the next attempt to run jipdate also fails and asks again to do the same action.

I'll try to dig a bit more to figure where it fails.

[jbech-linaro]

Ilias, strange, it very seldom this is showing up for me, it seems to happen either when I haven't been logged into the projects.linaro.org for a while. Occasionally there is a need to enter a Captcha and that is something that the script doesn't handle. But, in those cases I simply go to projects.linaro.org, enter my credentials and the captcha and after that things are working again from the script. The other case when I face issues is when I mistype my password. But most of the time I never have any issues. If you cannot get it to work, please ping me and we can have a Hangout trying to narrow down the problem. Just to be sure, you are running Python2 and not Python3? The latter doesn't work.

[ibiris]

I did another pull this morning and it seems to work now - this included the updates from 13 Oct.

[pm215]

Just a note that I think it's particularly awkward that jipdate does retries for wrong-password, because that tends to trigger JIRA into "you need to enter a captcha" mode. If you ^C out of the script before it has a chance to do a bunch of wrong-password retries it looks like JIRA doesn't go into captcha mode. So the current behaviour is actively unhelpful rather than merely a UI ugliness...

[chazy]

Where does jipdate do this retry? I couldn't find that in the code. Is it in the main JIRA module?

[jbech-linaro]

Where does jipdate do this retry? I couldn't find that in the code. Is it in the main JIRA module?

It must be, we're only using the Python "password" module to get the password from the console/shell and then we simply call the login Jira login method. We are not doing any re-tries in the jipdate code. @ototo has some OAuth(?) login code that eventually would work a bit better than plain passwords. It could eventually be worth adding that as yet another login alternative.

[pm215]

It's in ResilientSession's __recoverable method in jira/resilientsession.py.

[pm215]

https://github.com/pycontribs/jira/commit/e9301fe14cbdcb1baa68372dc37cf63a36cb218f suggests that retrying on 401 Unauthorized is a deliberate behaviour, attempting to work around Atlassian Cloud sometimes spuriously returning it.