Create my own Trusted Application

Dmitry Andrejev
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
January 24, 2013

I'm trying to create my own application and add it as Trusted Application in Jira via Application Link functionality.

When I use Generic Application type, then none is displayed under Incoming Authentication and Outgoing Authentication columns.

I've tried to set application type to Confluence and then Jira tries to access /admin/appTrustCertificate file, which of course is missing in my application.

Question 1:

How can I generate this appTrustCertificate file?

Question 2:

How to specify username (without knowing a password) in JIRA REST API request when trusted application incoming authentication is used.

4 answers

1 accepted

0 votes
Answer accepted
Renjith Pillai
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
January 27, 2013

As the webhook is not going to execute on a browser session (am not sure how to correctly word this), I am thinking this might not work. For both trusted/oauth to function, it will be a remote server access initiated while you are in the context of an application open by an user.

In your case, these is a disconnect, as the webhook triggers your script which in turn is accessing JIRA.

I may be completely wrong, but this is what I think.

Dmitry Andrejev
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
January 27, 2013

I've just checked. Smart commit plugin somehow is able to add jira issue comment on behalf of user, who made a commit.

Dmitry Andrejev
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
January 27, 2013

But what about "Smart Commits" plugin, that for example adds a comment to an issue based on svn commit message?

Does it add a comment from user, who made a commit OR just user, which was used to create an application link?

Dmitry Andrejev
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
January 27, 2013

I saw following code in "Smart Commits" FishEye plugin:

impersonationService.doAsUser(PluginMetadata.PLUGIN_ID, user.getUserName(), new Operation<Void, RuntimeException>()

Then I suppose it's possible by a plugin, but how api doing that just from REST API call without writing a plugin?

Renjith Pillai
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
January 29, 2013

Yeah, you are right, you should be able to do it from your web app as well, but I am unable to guide you :(

I am guessing from within the atlassian app it goes via the App Links api which is not available when you are on your on web app - https://developer.atlassian.com/display/APPLINKS/Application+Links

Dmitry Andrejev
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
February 2, 2013

Maybe I need to quickly update created records in Jira database after transition is performed to make them appear as created from another user.

Renjith Pillai
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
February 4, 2013

Don't do that Dmitry, you will get into trouble with index going our of sync.

0 votes
Renjith Pillai
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
February 4, 2013

Dmitry,

Did you see this developer docs on making OAuth calls to JIRA? https://developer.atlassian.com/display/JIRADEV/JIRA+REST+API+Example+-+OAuth+authentication

If you can configure in JIRA this and per user get a OAuth approval, you should be able to push that users changes back into JIRA. Am not sure about the life of the token though.

Dmitry Andrejev
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
February 4, 2013

I'm new to OAuth, mostly used used classes that provided integration, but don't know how the technology works.

So does this work like this:

  1. every user (that can make commits) create a token on his side and give it to me
  2. webhook knows token of each user, who made a commit and uses it to perform REST call to Jira

am I correct?

I saw empty list of active OAuth tokens under Jira user profile, but I didn't see a button to generate one :(

Dmitry Andrejev
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
February 4, 2013

Or do I need to creae a different application link to be used with each user, who made a commit?

Renjith Pillai
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
February 4, 2013

Not really. When the user accesses the site, he will be prompted to authorize, (it's termed OAuth dance), the application receives a token which can be retained to perform actions on behalf of the user. That's the same concept for facebook login also - http://developers.facebook.com/docs/concepts/login/

May be you should try to read the tutorial a couple of times - https://developer.atlassian.com/display/JIRADEV/JIRA+REST+API+Example+-+OAuth+authentication and try to use the client sample code in your web app.

0 votes
Dmitry Andrejev
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
January 26, 2013

The bigger picture is:

  1. commit comes to FishEye
  2. FishEye goes to my script, that is specified as WebHook in FishEye
  3. my script should be able to connect to Jira REST API on behalf of user, who performed a commit
  4. my script then transitions issue based on commit message given by WebHook

Problem is with item #3, because I don't know how to connect to Jira REST API only knowing username, but not a password.

That's why I thought, that "Trused Application" term is right one to allow "my script" issue API calls on behalf of any user.

0 votes
Renjith Pillai
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
January 26, 2013

Can you get the screenshots of exactly what the problem is?

Suggest an answer

Log in or Sign up to answer