REST call to retrieve current locale is forbidden Edited

Hi,

I'm trying to retrieve the locale currently set for my account from Jira/Cloud. I'm using the RestTemplate injected by Spring-Boot.

The Spring-Boot log shows me an ERROR 403 / Forbidden:

2017-11-03 20:23:22.774 DEBUG 4580 --- [nio-3000-exec-1] o.s.web.client.RestTemplate              : Created GET request for "https://kuespert-dev.atlassian.net/rest/api/2/mypreferences/locale"
2017-11-03 20:23:22.774 DEBUG 4580 --- [nio-3000-exec-1] o.s.web.client.RestTemplate              : Setting request Accept header to [text/plain, text/plain, application/json, application/json, application/*+json, application/*+json, */*, */*]
2017-11-03 20:23:22.775 DEBUG 4580 --- [nio-3000-exec-1] c.a.c.s.i.request.jwt.JwtGenerator       : Generating JWT with canonical request: CanonicalHttpUriComponentsRequest[method=GET,relativePath=/rest/api/2/mypreferences/locale,parameterMap=[]]
2017-11-03 20:23:22.917 DEBUG 4580 --- [nio-3000-exec-1] o.s.web.client.RestTemplate              : GET request for "https://kuespert-dev.atlassian.net/rest/api/2/mypreferences/locale" resulted in 403 (Forbidden); invoking error handler

The code to retrieve the locale is:

private static <T> T getJiraValue(RestTemplate template, String baseUrl, String restPath, Class<T> type) {
ResponseEntity<T> result = template.getForEntity(baseUrl + JIRA_REST_BASE_PATH + restPath, type);
return result.getBody();
}
public static Locale getCurrentLocale(RestTemplate template, String baseUrl) {
String jiraLocale = getJiraValue(template, baseUrl, "mypreferences/locale", String.class);
Locale locale = new Locale(jiraLocale);
return locale;
}

Can anybody help?

Update 2017/11/04:

Just found out that when I create the RestTemplate object myself via new, i.e. not using the one provided/injected by Spring-Boot/Atlassian-Connect, the REST call succeeds:

2017-11-04 23:36:07.333 DEBUG 6517 --- [nio-3000-exec-1] o.s.web.client.RestTemplate              : Created GET request for "https://kuespert-dev.atlassian.net/rest/api/2/mypreferences/locale"
2017-11-04 23:36:07.334 DEBUG 6517 --- [nio-3000-exec-1] o.s.web.client.RestTemplate              : Setting request Accept header to [text/plain, application/json, application/*+json, */*]
2017-11-04 23:36:07.818 DEBUG 6517 --- [nio-3000-exec-1] o.s.web.client.RestTemplate              : GET request for "https://kuespert-dev.atlassian.net/rest/api/2/mypreferences/locale" resulted in 200 (OK)
2017-11-04 23:36:07.818 DEBUG 6517 --- [nio-3000-exec-1] o.s.web.client.RestTemplate              : Reading [java.lang.String] as "application/json;charset=UTF-8" using [org.springframework.http.converter.StringHttpMessageConverter@4c4adbe]
2017-11-04 23:36:07.820  INFO 6517 --- [nio-3000-exec-1] c.xqual.jira.xstudio.helper.JiraHelper   : Jira user locale is: {"locale":"en_US"}

opposite to the version in which I used the RestTemplate injected by Spring-Boot:

2017-11-04 23:44:52.835 DEBUG 6542 --- [nio-3000-exec-1] o.s.web.client.RestTemplate              : Created GET request for "https://kuespert-dev.atlassian.net/rest/api/2/mypreferences/locale"
2017-11-04 23:44:52.835 DEBUG 6542 --- [nio-3000-exec-1] o.s.web.client.RestTemplate              : Setting request Accept header to [text/plain, text/plain, application/json, application/json, application/*+json, application/*+json, */*, */*]
2017-11-04 23:44:52.835 DEBUG 6542 --- [nio-3000-exec-1] c.a.c.s.i.request.jwt.JwtGenerator       : Generating JWT with canonical request: CanonicalHttpUriComponentsRequest[method=GET,relativePath=/rest/api/2/mypreferences/locale,parameterMap=[]]
2017-11-04 23:44:53.010 DEBUG 6542 --- [nio-3000-exec-1] o.s.web.client.RestTemplate              : GET request for "https://kuespert-dev.atlassian.net/rest/api/2/mypreferences/locale" resulted in 403 (Forbidden); invoking error handler
2017-11-04 23:44:53.070 DEBUG 6542 --- [nio-3000-exec-1] .m.m.a.ExceptionHandlerExceptionResolver : Resolving exception from handler [public java.lang.String com.xqual.jira.xstudio.configuration.ConfigurationController.getEditPage(com.atlassian.connect.spring.AtlassianHostUser,org.springframework.ui.Model)]: org.springframework.web.client.HttpClientErrorException: 403 Forbidden

Notice the missing JWT creation log entry.

This is really strange, since it implies that no authorization is required to access user-specific settings. Shouldn't it be just the other way round?

4 answers

1 accepted

Accepted Answer
0 votes

Closing this question as the title does not match the problem anymore. Will create a new question.

0 votes
Alexey Matveev Community Champion Nov 03, 2017

Hello,

I can not see any authentication to Jira in your code. How do you authenticate? 

Hi,

I'm authenticating via (hopefully) automatically set JWT via Spring RestTemplate retrieved via this call:

@Autowired
private AtlassianHostRestClients atlassianHostRestClients;
...
RestTemplate template = atlassianHostRestClients.authenticatedAsAddon();

See the line from log:

... Generating JWT with canonical request: ...

Thought about that, but I'd like to avoid creating my own JWT handling as it's stated in the atlassian-connect-spring-boot doc at https://bitbucket.org/atlassian/atlassian-connect-spring-boot that this library will handle the JWT signing:

Features

atlassian-connect-spring-boot-starter provides the following features:

...

  • Signing of outbound requests made either as the add-on or as a user
    ...

Just found the solution: the RestTemplate returned by authenticateAsAddon() is not allowed to make request which retrieve user-specific settings.

For such requests the RestTemplate returned by the authenticateAsHostUser() must be used:

RestTemplate template = atlassianHostRestClients.authenticatedAsHostActor();

This worked for me yesterday. Today I'm getting this error log:

2017-11-06 21:52:50.844 DEBUG 1432 --- [nio-3000-exec-1] o.s.web.client.RestTemplate              : GET request for "https://kuespert-dev.atlassian.net/rest/api/2/mypreferences/locale" resulted in 500 (Internal Server Error)
...
2017-11-06 21:52:50.871 DEBUG 1432 --- [nio-3000-exec-1] .w.s.m.s.DefaultHandlerExceptionResolver : Resolving exception from handler [public java.lang.String com.xqual.jira.xstudio.configuration.ConfigurationController.getEditPage(com.atlassian.connect.spring.AtlassianHostUser,org.springframework.ui.Model)]: org.springframework.web.client.HttpServerErrorException: 500 Internal Server Error
2017-11-06 21:52:50.898 DEBUG 1432 --- [nio-3000-exec-1] o.s.web.servlet.DispatcherServlet        : Could not complete request

org.springframework.web.client.HttpServerErrorException: 500 Internal Server Error
    at org.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:81) ~[spring-web-4.3.12.RELEASE.jar:4.3.12.RELEASE]
    at org.springframework.web.client.RestTemplate.handleResponse(RestTemplate.java:700) ~[spring-web-4.3.12.RELEASE.jar:4.3.12.RELEASE]
    at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:653) ~[spring-web-4.3.12.RELEASE.jar:4.3.12.RELEASE]
    at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:613) ~[spring-web-4.3.12.RELEASE.jar:4.3.12.RELEASE]
    at org.springframework.web.client.RestTemplate.getForEntity(RestTemplate.java:312) ~[spring-web-4.3.12.RELEASE.jar:4.3.12.RELEASE]
    at com.xqual.jira.xstudio.helper.JiraHelper.getJiraValue(JiraHelper.java:34) ~[classes/:na]
    at com.xqual.jira.xstudio.helper.JiraHelper.getCurrentLocale(JiraHelper.java:82) ~[classes/:na]

I did not change anything in my code since yesterday. So what happened.

Did anybody experience the same behaviour?

Suggest an answer

Log in or Sign up to answer
Community showcase
Posted Sep 18, 2018 in Jira

What modern development practices are at the heart of how your team delivers software?

Hey Community mates! Claire here from the Software Product Marketing team. We all know software development changes rapidly, and it's often tough to keep up. But from our research, we've found the h...

24,198 views 2 7
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you