I'm looking to replace the use of basic auth for a cookie based auth in one of my Google Apps Scripts - there are requests in a loop and I'm making way too many basic auth requests to be healthy. I can get the Cookie information:
["JSESSIONID=0F8028217C13F800D4BF8DC39039CECB; Path=/; HttpOnly", "atlassian.xsrf.token=BGEC-SXY8-GZJS-KSG2|14ea1fe89392c0e5c8345642b124d0af56e059b3|lout; Path=/", "crowd.token_key=\"\"; Domain=.example.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; HttpOnly", "crowd.token_key=p4nxzZ7IEoq8FO4gbhNEIw00; Domain=.example.com; Path=/; Secure; HttpOnly"]
and I think I'm sending that back in the header of my subsequent requests, but I still get a 401.
* Should I be sending the whole cookie array?
* Why do I have "Expires=Thu, 01-Jan-1970 00:00:10" in there?
The header being passed in looks like this:
({cookie:["JSESSIONID=FC8EC06AB4C02C6C2801EAE1F29799E1; Path=/; HttpOnly", "atlassian.xsrf.token=BGEC-SXY8-GZJS-KSG2|7e80e224abe5f460e3789e2c5316eb7b23c10173|lout; Path=/", "crowd.token_key=\"\"; Domain=.example.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; HttpOnly", "crowd.token_key=p4nxzZ7IEoq8FO4gbhNEIw00; Domain=.example.com; Path=/; Secure; HttpOnly"]})
* Do I need fuller headers to Jira to accept the request?
My Jira application is handing off to crowd for auth, as seen in the crowd tokens.
Any help with this is much appreciated!
Community moderators have prevented the ability to post new answers.
I got it working by passing the following through (javascript). The payload must be passed through here as well if you want to query or edit jira tickets via the API:
({headers:{Cookie:"crowd.token_key=TTiGG72Unkyfu09Keax6Xw00;
atlassian.xsrf.token=BGEC-SXY8-GZJS-KSG2|399d85922ef29a9ca8a77d5618d1cb5f9e2eaecb|lout;
JSESSIONID=B59EEDA976328EFBDD81255A0F475DE0"},
payload:"{\"jql\":\" // etc tec (your query) }
contentType:"application/json", method:"post"})
Just sending JSESSIONID works for me, eg:
wget --header="Cookie: JSESSIONID=9975ACFD4C05998E2F72FA2D8AB9AEF9" http://.../jira/rest/
> Why do I have "Expires=Thu, 01-Jan-1970 00:00:10" in there?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I don't know how much this helps, but in my java app, I use the Apache Http Client., When i analyze the traffic from it, i can see that i send the following cookie data in the request header:
Cookie: JSESSIONID=9B5B6368EA6FDF4D767E0ABA5B818010; atlassian.xsrf.token=BW9V-8CUP-BCG3-MPMB|b1e2841e7a26d7393396733854dce73caeaecce7|lin
Cookie2: $Version=1
I am not using crowd.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.