JIRA authentication credentials issue

[fm555]

I have added the following variables to my .Renviron file:

JIRA_USER="my_username" JIRA_TOKEN="my_password" JIRA_SESSION_COOKIE="my_JSESSIONID_cookie" JIRA_API_URL="https://jira.host/jira/rest/api/2/search?jql=long_name"

If I type in the console the name of the variables, it gives the correct value, except for JIRA_SESSION_COOKIE, which gives error object JIRA_SESSION_COOKIE not found. Is there any mistake in the JIRA_SESSION_COOKIE variable in the .Renviron file? The readme says that the "=" and the ";" should be omitted, right? I got the JSESSIONID cookie value from Postman, I guess I am using the correct cookie.

After defining these variables, I am trying to run the example provided in the Usage section:

get_boards() %>% head(1) %>% pull(id) -> my_board

Error: Could not find Jira authenticaiton credentials.

I guess the line above should also work with my JIRA url? In Postman, I can access the JIRA API with basic authentication, using my username and password, and the cookies (JSESSIONID).

Is it possible to access the JIRA API with sprintr and basic authentication? Could you please provide an example?

[davidski]

Sorry for the long delay in getting back to you.

The basic auth mechanism had a documentation error. To use basic auth (username & password), please set JIRA_USER to your username (the same as you use in Jira), JIRA_API_KEY to your password (as used by Jira), and JIRA_API_URL to the API base of your server. Note that that's different than setting JIRA_TOKEN (this was a documentation only fix, so no re-install of the library is required). I've just verified that setting these three environment variables is sufficient for basic auth against a local Jira 7.9 server.

The JIRA_API_URL you have set looks incorrect based on what I have experienced on JIRA. That should typically be just the bast hostname of the server, so something like https://jira.host/ (assuming that your server is on the jira.host domain name) rather than the full URL with the API endpoint of jira/rest/api/2/search?jql=long_name.

The JIRA_SESSION_COOKIE method is no longer supported in the current versions of this library. It was always a terribly ugly hack and is not a supported method for accessing the Jira API per Atlassian. As much as I recommend using OAuth over Basic Auth, I recommend basic auth over the JIRA_SESSION_COOKIE evilness 100 times more. ;)

[fm555]

Thank you @davidski. I modified the variables as you said. I am trying to run the example provided in the Usage section:

find_story_point_mapping() Error: API did not return json

get_boards() %>% head(1) %>% pull(id) -> my_board Error: API did not return json

So, now I do not get the error in Jira authentication credentials, but I get another error (API did not return json). Does this mean that the basic authentication worked? Could you provide a simple example to test if the JIRA authentication is working? If the JIRA_API_URL is something like https://jira.host/, where do you specify the full URL with the API endpoint of jira/rest/api/2/search?jql=long_name ?

Any suggestion to solve this issue?

Thanks! :)

[davidski]

The JIRA_API_URL setting is the base hostname of the Jira server. Sprintr's functions such as get_boards(), get_issue(), etc. handle the specific API endpoints for you. That's the point of having an R interface...abstracting the API away. :) You can call endpoints directly via the jira_api() and jira_api_post() functions...though I don't recommend it. :wink:

On your auth issue, I'm confused with the ongoing thread on RStudio Community as to whether this is Jira Server or Jira Cloud (you refer to API Token's there, which I though were a Jira Cloud-only feature). Taking a step back, confirm that you have basic connectivity and credentials working with a curl request:

curl -D- -u YOURUSERNAME -X GET -H "Content-Type: application/json" https://YOURJIRAHOSTNAME/rest/api/2/field

The above (when substituted with your user name and jira server name), will prompt you for your password and, if successful, drop the list of Jira fields to your console (as a big blob of JSON). If you get a 401 or other authentication error, then you don't have the right credentials and need to fix that before proceeding. :smile: If it does work (🤞), put the values of YOURUSERNAME into JIRA_API_USER, the password into JIRA_API_TOKEN, and the https://YOUJURAHOSTNAME/ into JIRA_API_URL.

[fm555]

Thanks @davidski and sorry for the confussion. At the RStudio Community, I did not know that the API Token was a JIRA-Cloud only feature (and I do not use JIRA Cloud), so it does not work for me.

I have tried the curl request replacing my username and jira server name, but got an error message:

Error: unexpected symbol in "curl -D- -u my_username"

In the curl call, I have tried my_username (without quotation marks) and "my_username" (with quotation marks), but got the same error message. I guess I can run this curl call in R, without loading additional libraries? Am I missing something in the curl call?

If I am loged in to JIRA, and I paste the https://YOURJIRAHOSTNAME/rest/api/2/field in the browser, I got an error (404 not found, the requested url /rest/api/2/field was not found on this server". Does this mean that I need to fix an authentication problem with my JIRA account before proceeding with R?

If I paste https://YOURJIRAHOSTNAME/jira/rest/api/2/search?jql=long_name to the browser, it works, but pasting https://YOURJIRAHOSTNAME/rest/api/2/field to the browser gives error. Any suggestion?

Do you need more information?

[davidski]

The curl request is a shell (such as bash on Linux/MacOS or powershell/cmd.exe on Windows) command and not an R command. :) Please try that from a terminal and not from the R prompt!

The API URLs are not expected to work by pasting directly into a fresh browser window. The Jira API requires you to authenticate, which is why they work after you auth manually, which sets the Jira cookie which future tabs/calls can use. We need to verify you have the right credentials for any sort of API access before going any further. Using curl (or postman, which I seem to recall you also used, though I have less experience with that tool) is a good way of doing so.

[fm555]

I have tried the curl call in powershell, but gives error (translating from Spanish, the error is something like Invoke-WebRequest the parameter can not be processed because the "-u" parameter is ambiguous. Possible coincidences are -UseBasicParsing -Uri -UseDefaultCredentials -UserAgent. (....)". I guess I may need to install a curl library, perhaps?

As you said the other option is Postman (which I used before), and, given the problems with powershell, I tried Postman. I got an error message (404 not found, the requested url /rest/api/2/field was not found on this server).

If I login to JIRA in the browser, and then I paste the full API URL in another window it works (I can see the json). But, if I login to JIRA, and I paste "https://YOURJIRAHOSTNAME/rest/api/2/field" in another window gives error 404. Should I see the json of the field API in the browser if I am loged in to JIRA?

What are the next steps? Thanks! 😊

[davidski]

Yes, you'll need a fully functional curl binary to run that. I'm afraid I rarely work on Windows and can't offer much help there apart from pointing you towards https://curl.haxx.se/windows/ where you can get a curl executable.

When you're saying your pasting in https://YOURJIRAHOSTNAME/rest/api/2/field into your browser. You're not literally pasting that in, are you? YOURJIRAHOSTNAME should be replaced with whatever the hostname of your Jira server is. You mention you're pasting in the "full API URL" in a browser window and that works...what is that URL? How does it differ from the one above? Once you have authenticated to Jira in a browser, any other URLs you put into that browser session should pick up your authentication.

This is all well before sprintr or curl is coming into play. If you have local IT support, I suggest connecting with them. You must have a clear understanding of what the server hostname, your username, and password are.

[fm555]

In reference to curl, if I have tested Postman and the JIRA API works, Probably no need to test with curl, if we have tested with Postman and it works? Or is there any additional information that is possible to get with curl and not with Postman?

In case it helps, this is the information I have about Postman and the JIRA API. I could access to the JIRA API successfully using Postman (not the latest official Postman release, but a beta version, Postman Canary, which allowed to configure proxy with authentication). To access with Postman I had to first send a POST to url_jira_ini (the authentication site), and after that it generates 2 cookies (atlassian.xsrf.token and JSESSIONID), then I could send a GET to url_jira (the JIRA API that I want to access), which is using basic authentication and the cookie JSESSIONID to access the JIRA API.

In case it may be useful, to access the JIRA API in Postman Canary (after configuring the proxy for authentication), I followed the next steps:

• Delete all cookies previously generated by JIRA.
• In the Authorization section, add Authorization "BasicAuth", and include username and password.
• In the Body section, select "Raw" and "JSON (application/json)". And in the Body add the following text:
• {"username": "myusername" , "password" : "mypassword" }
• Send a POST to the JIRA API authentication (url_jira_ini)
• Check if it gives 200, and that it gives a JSESSIONID in the cookies (token needed to access the JIRA API).
• Send a GET to the JIRA API (url_jira)

I will try to clarify the part of the url pasted in the browser. I first login to Jira in the browser with my username and password. Then I open a new window in the browser (while I am still loged in Jira), and I paste the following url: https://YOURJIRAHOSTNAME/jira/rest/api/2/search?jql=long_name (where YOURJIRAHOSTNAME is replaced with the real hostname) and the link works because it whows the json. This link was what I called "full API URL". This link includes a query. The query uses a "currentUser()" part, something like "https://YOURJIRAHOSTNAME/rest/api/2/search?jql=your jql_query+currentUser()+long_text", which means, I guess, that a user must be previously logged in to the JIRA host to access the JIRA API.

However, if I paste the link that you mentioned, https://YOURJIRAHOSTNAME/rest/api/2/field (where YOURJIRAHOSTNAME is replaced with the real hostname) in another window of the browser, then it gives an error message (404 not found, the requested url /rest/api/2/field was not found on this server). So, in this case, I am authenticated to JIRA, but the link https://YOURJIRAHOSTNAME/rest/api/2/field (where YOURJIRAHOSTNAME is replaced with the real hostname) does not work. Should that link work? Is there any missing part in the link (for instance, jql query or similar)?

I am also in contact with local IT support.