I'm writing an application that invokes REST calls to Jira, and want to use oAuth to authenticate the application (not the user of the application) with Jira. I understand that I can use basic authentication in this model, but given the warnings about deprecation of the basic authentication mechanism for cloud, and the generally better security of the oAuth model, I'd prefer not to use basic authentication
That said, the authentication that has to happen is application-to-application; not user-to-application. I need for my application to have privileges that the user might not have him/herself (i.e. the ability to aggregate data from multiple projects, some of which my application user might not have access to). This then, has to be a "headless" interaction between Jira and my application.
I'm having a hard time with two pieces of this process:
- The sample application clearly has the user interacting with the authentication process; I can't find a sample that is non-interactive
- I'm getting caught up in the differences between Google's implementation and Spring's implementation (we're a Spring shop here, and I'm not sure if Google packages are permitted in our code).
If anyone can point me in the direction of examples of headless oAuth with Spring, I would very much appreciate it.
