Gadget Oauth Tokens using old HTTP BaseUrl

Because I like to live dangerously here are the screenshots again

Working Confluence to Jira token for jira gadget in confluence

Now the working screenshot repeated itself, well the broken one is still in a comment above

I am going to try and post some images - I hope it works.

The confluence database bandana entry should have the confluence oauth information:

The jira oauthconsumer table has the JIRA oauth information:

The jira oauthspconsumer table has the Confluence oauth information:

So...everything I typed after the last image was deleted and the last image was duplicated.

Here is what I tried to post:

I am still trying to reproduce the issue on my test instance. I do have the old base URLs in the database and in the UI when I view the tokens (I changed both base URLS, then revoked and recreated the tokens, deleted and recreated applinks and gadget feed) but my gadgets do not require me to login and approve every time so I am not sure we are on the right track.
Changes manually made to the database do not usually go into effect until a restart so I look forward to hearing whether that helps.
I hope you backed up the database before updating it, in case the applications have trouble after the changes.

So I came in this morning and my sites are using self signed ssl certs all of a sudden?

I didn't do anything to that configuration, could messing with the oauth db entries have done anything to the cert configuration?

Actually, no they're not, it's worse, they didn't actually start. The inseucre cert page just went to the default apache page, as if tomcat wasn't even running. That or apache stole port 443 because it got updated

Investigating further

Nevermind, false alarm, apache just had a yum update so the default ssl conf file came back and apache tried to steal port 443 from tomcat. It's a downside to using authbind to make tomcat run on 443 for jira and confluence and then still using apache on port 80 for making easy shortcut urls without having to restart tomcat.

Going to test the connections again.

Ok so the behavior is a bit different now. I am still getting the wrong url in the token description for links from jira to confluence, but there are some good things, let me explain...

JIRA gadgets in Conflunece

This I believe is working as expected.

Whenever I add a gadget I haven't added to any other page I get the Login & Approve button. 

If I add a JIRA gadget that I have previously added to any confluence page I can configure it to the already linked jira without any additional steps.

If I go look at the token descriptions, they all have the proper urls.

Confluence gadgets on JIRA Dashboards

So perhaps these are supposed to work differently, but based on the way the previous linking works, when I add a confluence gadget to a JIRA dashboard that I have previously added to any other JIRA dashboard, it shouldn't ask me for a login.

Granted, I did just test whether or not reauthentication was prompted for viewing the same instance of a gadget and that has been fixed. As in, I set up a confluence page gadget on a dashboard and then went to a different computer and viewed that dashboard and I was able to view it without it asking me to login again. 

However, if I try to add another confluence page gadget on the same or a different dashboard, it prompts me to login & approve the gadget again. i.e. If I already approved the quickNav gadget on a dashboard once, I get prompted for approval again if add another instance of the quick nav gadget to the same or a different dashboard. And then duplicate tokens are on the confluence authorized applications page for that gadget.

If I understand the way the gadget/token authentication should be working correctly, then there should be one oauth token per gadget. When I add confluence gadgets in JIRA its asking for a new token for every instance of any gadget. 

TL:DR

JIRA gadgets in confluence pages work exactly as they should now, yay! Thank you!  

Confluence gadgets in JIRA dashboards are sort of working, it no longer re-requests access every time its viewed once a gadget instance has been allowed. There are however still 2 minor issues occurring. 

- The token descriptions for confluence gadgets linked to JIRA dashboards have the icon, name, and url of confluence instead of JIRA.

- When linking confluence gadgets on a JIRA dashboard it asks for a new token/approval for every instance of a gadget rather than the expected token per type of gadget. 

I accepted my outline of the commands I got from the referenced workarounds as the solution for now. Though I still hope for further help on the confluence side tokens when linking confluence gadgets on jira dashboards

Thanks for following up!

Sorry for the delayed response. I am getting help from some colleagues and we will update you when we have more troubleshooting steps.

@DarkSideMilk You will be getting a notification from our portal shortly, as well as a request for logs.

I wanted to let you know that issue with the forum posting duplicate images and dropping parts of posts has been fixed, so we shouldn't experience that trouble again.

I am not sure we can recover your comment. I just emailed you the notice I got when you posted the SQL queries earlier, in the hope that you will post them again.

I am very sorry about the duplicated images and posts disappearing - I have reported the issues to the team responsible for the forum. It has been happening to me as well, so I understand the frustration.

Thank you for the speedy reply.

I'm going to check out the work arounds and give them a try and report back. 

I do currently have Oauth with impersonation on my application links if that makes any difference.

I gave it a try but changing the descriptions in the database didn't fix the issue.

Also this bug only covers the baseurl for confluence being wrong in the token. I wasn't able to see the old references to the jira baseurl in the confluence or jira database. Perhaps they're in different tables?

It looks like Confluence reads the Jira URL from the Jira database. This bug report has a query to change the Jira URL in the Jira database: JIRA OAuth Consumer Description can't be edited

It refers to Stash but applies to any Atlassian application links.

The strategy is to change the Jira URL in the Jira database, then recreate the Application link, which should cause Confluence to pick up the new URL from Jira.

I look forward to hearing whether this procedure works for you.

I did not try changing the name (realized I did change the name of the installation technically) in the key nor recreating the application link, just tried to recreate the token link by relinking a new gadget.

I will check the oauth related tables in jira again for one that has the old jira url in it.

So that Bug report workaround was a lot more help and I am a lot closer to a working solution. Hadn't thought about how I had changed the Install/Site titles for both applications in their General Settings pages.

So what I did...

Confluence DB via psql commandline

Updated the name and description properties of the bandanavalue field in the bandana table in confluence. 

It's found with this select statement

SELECT * FROM bandana WHERE BANDANAKEY LIKE 'com.atlassian.oauth.consumer.ConsumerService:host.__HOST_SERVICE__';

Updated with these commands that replace the strings within the value

#replacing the name string
UPDATE bandana SET bandanavalue = replace(bandanavalue,'<property name="name" value="Confluence"/>','<property name="name" value="NewName"/>') WHERE BANDANAKEY LIKE 'com.atlassian.oauth.consumer.ConsumerService:host.__HOST_SERVICE__';

#replacing the description
UPDATE bandana SET bandanavalue = replace(bandanavalue,'<property name="description" value="Atlassian Confluence at http://oldUrl:8090"/>','<property name="description" value="Atlassian Confluence at https://newUrl"/>') WHERE BANDANAKEY LIKE 'com.atlassian.oauth.consumer.ConsumerService:host.__HOST_SERVICE__';

JIRA DB via psql command line

Updated the description and consumername fields in the oauthconsumer table to be the new jira name and url and updated the oauthspconsumer table to be the new confluence name and URL.

They are viewed with these select commands

#View JIRA oauth consumer information
select * from oauthconsumer;

#View Confluence Oauth consumer information
select * from oauthspconsumer;

I updated them like this

#update Jira Oauth consumer information
  #the consumername
UPDATE oauthconsumer SET consumername='newJiraName';
  #the description
UPDATE oauthconsumer SET description=replace(description,'http://oldJIRAurl','https://newJIRAUrl');

#update Confluence Oauth consumer information
  #the consumername
UPDATE oauthspconsumer SET consumername='newConfluenceName';
  #the description
UPDATE oauthspconsumer SET description=replace(description,'http://oldConfluenceUrl','https://newConfluenceUrl');

Delete and Recreate Application Links

Deleted the Application Link for confluence in JIRA

Deleted the link for JIRA in cofluence

Made the link to confluence from JIRA and followed the wizard to make the matching one.

The automatic method used oauth with impersonation

The Result

 So now when I make a gadget macro in confluence and view the tokens page in JIRA, it has the correct information Yay!

However when I link a confluence gadget in a dashboard and view the oauth links on the confluence side it now says that its linking to itself rather than JIRA. i.e. the description shows the confluence description when it should show the jira description.

The bottom part of my last comment is getting cut off. Trying to post it again, this is what should come after the picture that is repeating itself...

The bottom part of my last comment is getting cut off. Trying to post it again, this is what should come after the picture that is repeating itself...