jira-oauth
Python library for Jira OAuth
RSA private and public key creations
-
Create RSA private key and store it in file oauth.pem
$ openssl genrsa -out oauth.pem 1024 -
Create RSA public key and store it in file oauth.pub
$ openssl rsa -in oauth.pem -pubout -out oauth.pub -
Share RSA public key oauth.pub with your Jira Admin, as they need it during Jira Application Link creation.
Jira Application Link Creation Steps
- Login as a Jira administrator
- Go to Application links section under Application area
- Enter dummy url (as oauth token used for API access and not web access) https://jira-oauth1-rest-api-access
- Click on Create new link button
- Click Continue on next screen
- Enter something like Jira OAuth1 REST API access as a Application Name
- Check Create incomindg link checkbox.
- Don't need to fill any other information. Click on Continue
- Now you should able to see new Application link with name Jira OAuth1 REST API access created and available under section Configure Application Links section
- Click on pencil icon to configure Incoming Authentication
- Enter jira-oauth1-rest-api-access (or any other appropriate string) as Consumer key
- Enter same string jira-oauth1-rest-api-access (or any other appropriate string) as Consumer Name
- Enter content of RSA public key (stored in file oauth.pub) as public key
- Click on Save
Prepare for OAuth Dance
Create starter_oauth.config in ~/.oauthconfig folder:
[oauth_config]
jira_url=https://jira.example.com
consumer_key=jira-oauth1-rest-api-access
test_jira_issue=IDEV-1Perform Jira OAuth Dance
- Python Virtual Environment that we create earlier is active.
- Run jira-oauth.
- Authenticate in browser as directed below.
- After successful OAuth generation, you will get another set of values for oauth_token and oauth_token_secret. These are you tokens that you need to use access Jira without passing credentials.
$ jira-oauth Request Token: oauth_token=6AOSSREyS9HaACqEcHjcD6RJVms2NjEr, oauth_token_secret=gnpJMfbgUyG8W4dKzFW4PKFbGttV2CWm
Go to the following link in your browser: https://jira.example.com/plugins/servlet/oauth/authorize?oauth_token=6AOSSREyS9HaACqEcHjcD6RJVms2NjEr Have you authorized me? (y/n) y
Access Token: oauth_token=lmOh7LEdvZ2yxKIm5rdQY2ZfZqNdvUV4, oauth_token_secret=gnpJMfbgUyG8W4dKzFW4PKFbGttV2CWm You may now access protected resources using the access tokens above.
Accessing IDEV-1 using generated OAuth tokens: Success! Issue key: IDEV-1, Summary: Internal Devepment Issue #1
## Run with Docker
cp -R ~/.oauthconfig ./
docker build -t jira-oauth .
docker run -p 8080:8080 -it --rm jira-oauth
## Credits
Thank you, Raju Kadam, for implementing https://github.com/rkadam/jira-oauth-generator