I'm developing a connection between our Java application and JIRA. I'm trying to use com.atlassian.jira.rest.client.api.AuthenticationHandler for it and it works fine. I want to be able to connect through 2 legged OAuth. But I'm not able to find out how to impersonate a user.
Could you help me please?
Community moderators have prevented the ability to post new answers.
The problem with your example of 4 years ago is JIRA (with version 7) I've found have removed the option to link the incoming link configuration for an OAuth client to an authorised JIRA user.
In other words, if you want 2LO (2 legged OAuth) to work - that is a trusted client app making calls to JIRA (without a user dynamnically authorising requests in the middle = 3 legged), you have no way to set the JIRA user the incoming application OAuth maps to.
I've posted this: https://answers.atlassian.com/questions/41817257
In the hope someone can help
Hi Blanka,
See this tutorial: https://developer.atlassian.com/jiradev/jira-apis/jira-rest-apis/jira-rest-api-tutorials/jira-rest-api-example-oauth-authentication. I was able to follow it about 4 years ago when I was writing my very first JIRA integration addon and it went fine. As I know nothing changed for oauth so it should work for you as well.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Volodymyr,
thank you for your comment!
I have already used the net.oauth.core library. But I don't know how to impersonate a user. I mean I want to send JQL request to JIRA so that the results will respect permissions of another user.
I suppose I need to set some parameter at OAuthMessage. I have already tried to use these params: xoauth_requestor_id, user_id, oauth_user_id, xoauth_user_id, but without success.
I use JiraRestClientFactory and I proceeded according to Abbas Sarraf comment, you can see it below on this page. It works good. I only need to create requests as different users.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I do not remember technical details but I suspect that it's not possible. You are authenticated under some user and requests are made under this user. If you need requests under other user then you need to authenticate again.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thank you Volodymyr for your effort! I should probably create a new question and call it: How to impersonate a user.
I hope someone knows how to do it.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thank you @David Teague,
you are right. I found this documentation where they wrote: "Atlassian OAuth with impersonation can only be used for application links between Atlassian applications."
So there is no way how to do at the moment if you want to use REST API.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Cheers Blanka for following this up. I suspected as much. I don't know why Atlassian removed 2-legged OAuth if they also removed Trusted applications. There is now no "secure" way of calling the API without passing clear text credentials if you want to do system to system calls.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.