search

gioboa / jira-plugin

Jira plugin for VsCode
https://marketplace.visualstudio.com/items?itemName=gioboa.jira-plugin
MIT License
265 stars 41 forks source link

Unable to auth to a federated instance #173

Closed klevermonicker closed 2 years ago

klevermonicker commented 2 years ago

I have an hosted JIRA at work. I want so badly to use this plugin, but I can't auth using my email/token combination. When I try it immediately logs info about a CAPTCHA but we don't do that. Our Federation is a redirect out to our SSO and I think that's registering as a CAPTCHA. How can I fix this so I can use this amazing plugin?

gioboa commented 2 years ago

Hi, this issue can be related to this one https://github.com/gioboa/jira-plugin/issues/26 ?

klevermonicker commented 2 years ago

I actually looked at that one first, and what has me super confused. I've gone through those steps in the browser, no captcha was presented and it just worked. Let me grab some logs and post them.

I tried logging in through the URL and the flow is login.jsp redirects to our SSO, which calls back to jira and I never hit a CAPTCHA, yet the problem persists

This is the first initial error:

<h1>Forbidden (403)</h1>\n

</div>\n                        </div>
</div>\n                    
<div class=\"aui-message aui-message-warning warning\">\n                            
    <p>Encountered a <code>&quot;403 - Forbidden&quot;</code> error while loading this page.</p>\n                            
    <p>Basic Authentication Failure - Reason : AUTHENTICATION_DENIED</p>\n                            <p>
        <a href=\"/secure/MyJiraHome.jspa\">Go to Jira home</a></p>\n                        
    </div>\n                
</main>\n        
</div></div>\n
</body>\n
</html>\n","headers":{"date":"Mon, 09 May 2022 18:52:11 GMT",
"content-type":"text/html;charset=UTF-8",
"transfer-encoding":"chunked",
"connection":"close",
"set-cookie":["AWSALB=<snip>; Expires=Mon, 16 May 2022 18:52:11 GMT; Path=/",
"AWSALBCORS=<snip>; Expires=Mon, 16 May 2022 18:52:11 GMT; Path=/; SameSite=None; Secure",
"JSESSIONID=<snip>; Path=/; Secure; HttpOnly"],
"server":"nginx/1.19.10",
"x-arequestid":"712x24980654x2",
"x-anodeid":"<snip>",
"referrer-policy":"strict-origin-when-cross-origin",
"x-xss-protection":"1; mode=block",
"x-content-type-options":"nosniff",
"x-frame-options":"SAMEORIGIN",
"content-security-policy":"frame-ancestors 'self'",
"strict-transport-security":"max-age=31536000, max-age=31536000; includeSubDomains",
"x-seraph-loginreason":"AUTHENTICATION_DENIED",
"www-authenticate":"OAuth realm=\"<snip>"",
"x-asessionid":"15wrqp8",
"x-authentication-denied-reason":"CAPTCHA_CHALLENGE; login-url=<snip>"},
"request":{"uri":{"protocol":"https:",
"slashes":true,
"auth":null,
"host":"<snip>",
"port":443,
"hostname":"<snip>",
"hash":null,
"search":null,
"query":null,
"pathname":"/rest/api/2/project",
"path":"/rest/api/2/project",
"href":"https://<snip>/rest/api/2/project"},
"method":"GET",
"headers":{"authorization":"<snip>",
"accept":"application/json"}}}

This is after following the advice in #26

<a href=\"/secure/MyJiraHome.jspa\">Go to Jira home</a></p>\n

</div>\n
</main>\n
</div></div>\n
</body>\n
</html>\n","headers":
{"date":"Mon, 09 May 2022 19:03:45 GMT",
"content-type":"text/html;charset=UTF-8",
"transfer-encoding":"chunked",
"connection":"close",
"set-cookie":["AWSALB=<snip>; Expires=Mon, 16 May 2022 19:03:45 GMT; 
Path=/",
"AWSALBCORS=<snip>; Expires=Mon, 16 May 2022 19:03:45 GMT; Path=/; SameSite=None; Secure"],
"server":"nginx/1.19.10",
"x-arequestid":"723x26043078x8",
"x-anodeid":"prod-2.prod.entjira-prod.svc.cluster.local",
"referrer-policy":"strict-origin-when-cross-origin",
"x-xss-protection":"1; mode=block",
"x-content-type-options":"nosniff",
"x-frame-options":"SAMEORIGIN",
"content-security-policy":"frame-ancestors 'self'",
"strict-transport-security":"max-age=31536000, max-age=31536000; includeSubDomains",
"x-seraph-loginreason":"AUTHENTICATED_FAILED",
"www-authenticate":"OAuth realm=\"https%3A%2F%2F<snip>\""},
"request":{"uri":{"protocol":"https:",
"slashes":true,
"auth":null,
"host":"<snip>",
"port":443,"hostname":"<snip>",
"hash":null,
"search":null,
"query":null,
"pathname":"/rest/api/2/project",
"path":"/rest/api/2/project",
"href":"https://<snip>/rest/api/2/project"},
"method":"GET",
"headers":{"authorization":"Basic <snip>",
"accept":"application/json"}}}
<h1>Forbidden (403)</h1>\n
</div>\n
</div></div>\n
<div class=\"aui-message aui-message-warning warning\">\n
<p>Encountered a <code>&quot;403 - Forbidden&quot;</code> error while loading this page.</p>\n
<p>Basic Authentication Failure - Reason : AUTHENTICATION_DENIED</p>\n
<p><a href=\"/secure/MyJiraHome.jspa\">Go to Jira home</a></p>\n
</div>\n
</main>\n
</div></div>\n
</body>\n
</html>\n",
"headers":{"date":"Mon, 09 May 2022 18:52:11 GMT",
"content-type":"text/html;charset=UTF-8",
"transfer-encoding":"chunked",
"connection":"close",
"set-cookie":["AWSALB=<snip>; Expires=Mon, 16 May 2022 18:52:11 GMT; 
Path=/",
"AWSALBCORS=<snip>; Expires=Mon, 16 May 2022 18:52:11 GMT; Path=/; SameSite=None; 
Secure","JSESSIONID=<snip>; Path=/; Secure; HttpOnly"],
"server":"nginx/1.19.10",
"x-arequestid":"712x24980654x2",
"x-anodeid":"<snip>",
"referrer-policy":"strict-origin-when-cross-origin",
"x-xss-protection":"1; mode=block",
"x-content-type-options":"nosniff",
"x-frame-options":"SAMEORIGIN",
"content-security-policy":"frame-ancestors 'self'",
"strict-transport-security":"max-age=31536000, max-age=31536000; includeSubDomains",
"x-seraph-loginreason":"AUTHENTICATION_DENIED",
"www-authenticate":"OAuth realm=\"https%3A%2F%2F<snip>\"",
"x-asessionid":"15wrqp8",
"x-authentication-denied-reason":"CAPTCHA_CHALLENGE; login-url=https://<snip>/login.jsp"},
"request":{"uri":{"protocol":"https:",
"slashes":true,
"auth":null,
"host":"<snip>",
"port":443,
"hostname":"<snip>",
"hash":null,
"search":null,
"query":null,
"pathname":"/rest/api/2/project",
"path":"/rest/api/2/project",
"href":"https://<snip>/rest/api/2/project"},
"method":"GET",
"headers":{"authorization":"Basic <snip>",
"accept":"application/json"}}}

I've got the official Atlassian plugin working but it's ... unwieldy and I would much prefer to use your plugin.

gioboa commented 2 years ago

I will check the logs 👍

gioboa commented 2 years ago

@klevermonicker Are you using your user Jira token? did you try with a different user/account?

klevermonicker commented 2 years ago

I am using my JIRA token, and this behavior persists across accounts. It's the same set of credentials I am using with my stop gap solution of the official atlassian setup right now.

klevermonicker commented 2 years ago

I did a little poking this morning, and I realized I had a space in the name of the token. Which shouldn't matter, but I recreated it without the space. Now I'm getting a vastly different set of errors.

this.state.statuses.sort is not a function
this.state.statuses.sort is not a function
projects.filter is not a function
projects.filter is not a function
projects.filter is not a function
projects.filter is not a function
gioboa commented 2 years ago

The fastest way to understand the problem is hack the plugin code. In this folder you have all installed extensions ~/.vscode/extensions If you open with text editor this file ~/.vscode/extensions/gioboa.jira-plugin-xx.xx.xx/out/src/services/store.service.ts You can debug the code. console.log are visibile in VsCode dev tool - Help > Toggle Developer Tools you can check this.state.statuses after this line https://github.com/gioboa/jira-plugin/blob/05db0960eee536f45f855c126930e0d63a7c0cb2/src/services/store.service.ts#L35 in this method the plugin perform the connection to Jira and retrieves the statuses

github-actions[bot] commented 2 years ago

This issue has been automatically marked as stale because it has not had activity in the last 30 days. Remove stale label or comment or this will be closed in 5 days. Thank you for your contributions.