VerifierMissing exception while doing Oauth authentication with JIRA

RVal
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
August 19, 2016

Hi

I generated pair of RSA keys and setup Generic Application link on JIRA side and provided all the needed fields for incoming Oauth authentication. On client side I tried to run sample python script copied from here. When I started client it successfully obtained Request Token and gave me JIRA user authorization link. When I authorized access with JIRA I saw JIRA saying

Access Approved
You have successfully authorized 'oauth-consumer'. Please close this browser window and click continue in the client.

But when my client continued to the next step it threw VerifierMissing('No client verifier has been set.') exception

Where can I get the verifier ? JIRA does not give me one with "Access Approved" message. Although according to this page it should produce Verifier with authorization. Am I doing something wrong ?

Another question. Is my understanding correct that if I finally mange to get Access Token from JIRA my client application should save it somewhere to reuse it later and not to ask for user authorization every time it runs ?

Thank you

1 answer

1 accepted

Comments for this post are closed

Community moderators have prevented the ability to post new answers.

Post a new question

6 votes
Answer accepted
RVal
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
August 22, 2016

Apparently JIRA does not care about Verifier. OAuth1Session imported from requests_oauthlib complained about missing Verifier so I assumed I need to provide a valid Verifier I obtain from JIRA at authorization step. But when I provided some random string as verifier parameter while creating OAuth1Session it started working for me. So I had to modify atlassian oauth example example to make it work with JIRA 6.4.9. Here is the modified code.

from oauthlib.oauth1 import SIGNATURE_RSA
from requests_oauthlib import OAuth1Session
from jira.client import JIRA

def read(file_path):
    """ Read a file and return it's contents. """
    with open(file_path) as f:
        return f.read()

# The Consumer Key created while setting up the "Incoming Authentication" in
# JIRA for the Application Link.
CONSUMER_KEY = 'oauth-sample-consumer'
CONSUMER_SECRET = 'dont_care'
VERIFIER = 'jira_verifier'

# The contents of the rsa.pem file generated (the private RSA key)
RSA_KEY = read('private.pem')

# The URLs for the JIRA instance
JIRA_SERVER = 'http://YOUR_JIRA_SERVER'
REQUEST_TOKEN_URL = JIRA_SERVER + '/plugins/servlet/oauth/request-token'
AUTHORIZE_URL = JIRA_SERVER + '/plugins/servlet/oauth/authorize'
ACCESS_TOKEN_URL = JIRA_SERVER + '/plugins/servlet/oauth/access-token'

# Step 1: Get a request token
oauth = OAuth1Session(CONSUMER_KEY, client_secret= CONSUMER_SECRET, signature_method=SIGNATURE_RSA, rsa_key=RSA_KEY)
request_token = oauth.fetch_request_token(REQUEST_TOKEN_URL)

resource_owner_key = request_token['oauth_token'];
resource_owner_secret = request_token['oauth_token_secret'];

print("STEP 1: GET REQUEST TOKEN")
print("  oauth_token={}".format(resource_owner_key))
print("  oauth_token_secret={}".format(resource_owner_secret))
print("\n")

# Step 2: Get the end-user's authorization
print("STEP2: AUTHORIZATION")
print("  Visit to the following URL to provide authorization:")
print("  {}?oauth_token={}".format(AUTHORIZE_URL, request_token['oauth_token']))
print("\n")

raw_input("Press any key to continue...")

oauth = OAuth1Session(CONSUMER_KEY, client_secret= CONSUMER_SECRET, resource_owner_key=resource_owner_key, resource_owner_secret=resource_owner_secret, verifier=VERIFIER, signature_method=SIGNATURE_RSA, rsa_key=RSA_KEY)

# Step 3: Get the access token
access_token = oauth.fetch_access_token(ACCESS_TOKEN_URL)

print("STEP2: GET ACCESS TOKEN")
print("  oauth_token={}".format(access_token['oauth_token']))
print("  oauth_token_secret={}".format(access_token['oauth_token_secret']))
print("\n")

# Now you can use the access tokens with the JIRA client. Hooray!
jira = JIRA(options={'server': JIRA_SERVER}, oauth={
    'access_token': access_token['oauth_token'],
    'access_token_secret': access_token['oauth_token_secret'],
    'consumer_key': CONSUMER_KEY,
    'key_cert': RSA_KEY
})

# print all of the project keys just as an exmaple
for project in jira.projects():
    print(project.key)
paulinew February 2, 2019

Is there a way to automate the authorization without visiting the URL? Thanks!!

Like # people like this
Peddinti Hemanth Satyakumar May 8, 2019

Is there a possible way to automate the authorization without visiting the URL in Python Script?

Like # people like this
TAGS
AUG Leaders

Atlassian Community Events