Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Token login with Fisheye/Crucible not working for REST request

Lars Hüper
Lars Hüper June 29, 2012

Hi,
I try to access Fisheye via the REST API. For authentication, I use the login method with a token (/rest-service/auth-v1/login?username=...&password=...).
The login works, and I retrieve a token (e.g. user:520:0c999f1087dd488e7b9335ace63bd62d).
Now, I try to query a repository, using this token:
http://fisheye.tecracerde.local:8060/rest-service-fe/search-v1/query/Faurecia_Helios?FEAUTH=user%3A520%3A0c999f1087dd488e7b9335ace63bd62d&query=select%20revisions%20where%20comment%20matches%20HELIOS-219

I receive a 401 Unauthorized message. When I put the URL in a browser, it shows me the detailed response: Client must be authenticated to access this resource.

When I try the same procedure in my browser, it works - but in that case, I have a cookie FSESSIONID in my browser, so I assume, that this is the reason, why it works in the browser. When I delete the cookie in my browser, I receive the same error message as above, although the FEAUTH token is given via the URL.

Has anyone faced the same problem?

Thanks in advance,
Lars

Watch
Like David Grierson likes this
1782 views

5 answers

1 accepted

Comments for this post are closed

Community moderators have prevented the ability to post new answers.

Post a new question

0 votes
Answer accepted
Lars Hüper
Lars Hüper April 29, 2014

Finally I solved it by fetching the FESESSIONID Cookie from the header.

Here's my solution in Groovy:

def authenticate(auth_user, auth_pw) {
   def addr = FISHEYE_URL + "/rest-service/auth-v1/login?userName=${auth_user}&password=${auth_pw}"
       this.auth_user = auth_user
       this.auth_pw = auth_pw
       println "Trying to authenticate."
   def conn = addr.toURL().openConnection()
   if( conn.responseCode == 200 ) {
      def result = new XmlParser().parseText(conn.content.text)
           println "Authentication successful. Token=" + result.token.text()
      token = result.token.text()
           conn.getHeaderField('Set-Cookie').split(';').each { if (it.split('=')[0]=="FESESSIONID") sessionCookie = it.split('=')[1] }
   } else {
     println "Authentication failed."
     println "${conn.responseCode}: ${conn.responseMessage}"
   }
}

And to fetch revisions, I add the cookie to the header:

def fetchRevisions(repository, issue, rootPath) {
   def http = new HTTPBuilder(FISHEYE_URL)
   http.request(GET,TEXT) { req ->
      uri.path = "${SEARCH_SERVICE}${repository}"
      uri.query = [ FEAUTH: token, query: "${SEARCH_QUERY} ${issue}" ]
      headers.'User-Agent' = 'Mozilla/5.0'
      headers.Accept = 'application/json'
      headers.'Content-Type' = 'application/json'
           headers.Cookie = 'FESESSIONID='+sessionCookie

      response.success = { resp, reader ->
        assert resp.status == 200
        def jsonResult = parseJSON(reader.text)
        jsonResult.fileRevisionKey.each { f ->
           println "${f.rev}: ${f.path}"
           downloadRevision(repository,f.path,f.rev,rootPath,issue)
        }
      }
       
     }
}
View More Comments
Chris Tasker
Chris Tasker February 23, 2015

Hiya, I think I'm experiencing the sample problem as you. I was wondering if you'd be able to share your fix? I'm rather new to CURL and FECRU Rest etc. Thanks alot!

Like
Lars Hüper
Lars Hüper February 23, 2015

Hi Chris, I updated my response with the code, that I used to solve it. Hope this helps. BR Lars

Like
Reply
1 vote
rverschoor
rverschoor
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
June 30, 2012

Browsers have surprised me too often with stubbornly caching, encodings, and grabbing the cookiejar when you're looking the other way.
When I test REST calls, I always start with cURL.
If it works in cURL, I can continue with trying to script in e.g. Python.

Anyway, the call you're trying works fine for me with cURL. 

Get a token:
$ curl "http://localhost:8060/rest-service/auth-v1/login?userName=rene&password=password"
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<loginResult>
  <token>rene:0:e64f1c17b35ad9cb5b34f42fa5b298da</token>
</loginResult>

Try the search REST call without authentication:
$ curl "http://localhost:8060/rest-service-fe/search-v1/query/p4sample?query=select%20revisions%20where%20comment%20matches%20test"
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<status>
  <status-code>401</status-code>
  <message>Client must be authenticated to access this resource.</message>
</status>

Call search again, this time with token:
$ curl "http://localhost:8060/rest-service-fe/search-v1/query/p4sample?FEAUTH=rene:0:e64f1c17b35ad9cb5b34f42fa5b298da&query=select%20revisions%20where%20comment%20matches%20test"
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<fileRevisionKeyList>
  <fileRevisionKey rev="743" path="Jamgraph/MAIN/QAResults/jam-ndd.1.out"/>
  <fileRevisionKey rev="806" path="Jamgraph/DEV/QAResults/jam-ndd.1.out"/>
</fileRevisionKeyList>

I suggest you give cURL a spin to see if that works for you.

Reply
0 votes
Lars Hüper
Lars Hüper April 1, 2014

No reaction, but still Fisheye is not working correctly. In version 3.3, basic authentication is longer supported, so I have to give up here. No chance to get my revisions out of Fisheye via the REST API. And no help from Atlassian - only repeated e-mails asking me to close the issue.

This is really disappointing.

Reply
0 votes
Lars Hüper
Lars Hüper March 12, 2014

Hi, 1,5 years ahead - are there any improvements on this?

View More Comments
Steven Toth
Steven Toth April 21, 2014

I had an issue with it until I enclosed the curl request parameter in quotes as in the example by Rene.

You should also check if the remote REST api is enabled for your server? You can enable it on the "Server" page on the Administration console.

Like
Reply
0 votes
Lars Hüper
Lars Hüper June 30, 2012

Hi Rene,

I've tried with cURL, but the behaviour stays the same. It looks to me, that there might be a configuration problem with my Fisheye instance. But I have no idea, where. We use Crowd authentication with our JIRA instance. Perhaps, this causes the trouble?

Reply

Comments for this post are closed

Community moderators have prevented the ability to post new answers.

Post a new question

Atlassian logo
Answers Developer Questions
TAGS
AUG Leaders

Atlassian Community Events

    See all events