JIRA REST API cookie based authentication fails when used with python requests

ahmed bajra November 28, 2019

I've been trying to get issue data from the REST API v2 by using cookie based authentication and the python requests library, the /auth/1/session requests returns a 200, cookies are set but all following requests on the same requests.Session object return a 401:

> from requests import Session
> s = Session()
> res = s.post("https://jira.url/jira/rest/auth/1/session",
... json={"username":"user","password":"pass"})
>
> res.status_code
200
> s.cookies
<RequestsCookieJar[<Cookie JSESSIONID=... for jira.url/jira>, <Cookie atlassian.xsrf.token=... for jira.url/jira>]>
> res = s.get("https://jira.url/jira/rest/api/2/issue/ISSUE-100")
> res.status_code
401
> r.request.headers
{'User-Agent': 'python-requests/2.18.4', 'Accept-Encoding': 'gzip, deflate', 'Accept': '*/*', 'Connection': 'keep-alive', 'Cookie': 'JSESSIONID=...; atlassian.xsrf.token=...'}

(In case it's not clear: I removed cookie contents, urls and credentials in the example above)

Furthermore, I get the following message in the response:

os_authType was 'any' and an invalid cookie was sent.

 It seems a bit strange; I'm using the same session, which keeps the connection alive by default, and still, the session cookie gets invalidated. 

Is this a problem by JIRA or does requests just not actually keep the Session open?

Thanks!

1 answer

0 votes
Gonchik Tsymzhitov
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
November 30, 2019

Hi!

Can you try to trace the requests?

logging.basicConfig(level=logging.DEBUG)

I had the same problem here

https://github.com/atlassian-api/atlassian-python-api/blob/master/atlassian/rest_client.py#L24

 

After keeping as object it works well. 

Vincent van ’t Zand March 27, 2023

Sorry, that link shows the current situation, but what was it before? You didn’t subclass object?

Suggest an answer

Log in or Sign up to answer