Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How do you impersonate a user with JIRA oauth?

Albert Ferguson
Albert Ferguson January 2, 2014

I have successfully gotten the JIRA Oauth rest demo working, and I can query issues, and have also created a remote link by adding the changes in this answer
https://answers.atlassian.com/questions/51273/modifying-the-rest-oauth-example-to-include-a-json-body-in-the-request">https://answers.atlassian.com/questions/51273/modifying-the-rest-oauth-example-to-include-a-json-body-in-the-request

The problem I am having is I cannot find anywhere in the documentation or tutorial how to specify the user for 2-legged oauth authentication.

Is anyone able to point me in the right direction for specifying the user when making updates?

Thanks

Watch
Like Brad Leary likes this
7063 views

4 answers

Comments for this post are closed

Community moderators have prevented the ability to post new answers.

Post a new question

3 votes
Martin Cassidy
Martin Cassidy April 27, 2014

I've now been able to get this working using the Jira Java Rest Client, if you're using another client it should be easy enough to apply the same solution. Here's a link to my solution: https://answers.atlassian.com/questions/263719/using-oauth-and-the-jira-java-rest-client?page=1#288617

What you need to do is:

  1. Create a public and private key pair
  2. Setup the trusted application using the Jira gui, enabling the 2 legged oauth option
  3. Send requests as you normally would (foret about request tokens and access and access tokens, and include the following paramaters in the query string of your request
    1. oauth_consumer_key - the name of your consumer as set in the trusted application setup through the Jira gui
    2. oauth_token - an empty string
    3. oauth_signature_method - should be RSA-SHA1 as this is all Jira supports
    4. oauth_signature - the signature for your request, you'll have to generate this using your private key. If using Java, I recommend the net.oauth classes, same as in the Jira Oauth example (https://developer.atlassian.com/display/JIRADEV/JIRA%2520REST%2520API%2520Example%2520-%2520OAuth%2520authentication)
    5. oauth_timestamp - Again, you can generate this automatiacally with net.oauth
    6. oauth_nonce - again, generate automatically as above
    7. user_id - optional, if specified, Jira will run the restfull request as the specified user. If not given, jira will run the request using the user you specified in the Execute as of the trusted application configuration.
View More Comments
Harinath T
Harinath T January 4, 2018

Martin Cassidy

@Martin Cassidy

I am unable to process the user impersonate with the user_id parameter. Below is the code which I have.

OAuthConsumer consumer = new OAuthConsumer(callback, consumerKey, null, serviceProvider);
consumer.setProperty(RSA_SHA1.PRIVATE_KEY, privateKey);
consumer.setProperty(OAuth.OAUTH_SIGNATURE_METHOD, OAuth.RSA_SHA1);

 consumer.setProperty("user_id", "userB"); 

 I tried with "user_id" but not able to create the issues with the userB username.

Can you please provide me the solution how we can do user impersonate while creating/updating issues.

How I can specify the user when making updates on the issues.

Thanks you

Like
Andreas Stenius
Andreas Stenius May 4, 2018

@Harinath T this used to work, but since ~7.5.0 or some such, it doesn't any more. Not sure what is the cause for this, but Jira no longer seems to accept an empty oauth_token and the user_id parameter is not regarded.

I think there may be a new config option for 2 legged impersonation for oauth that might have been introduced (not sure yet, I'm still investigating this myself right now, as what we had stopped working when I had to replace an old oauth token.)

Edit: Sorry for the mis-information. As it turned out I was no longer a system administrator, merely an administrator. You need to enable 2-legged impersonation option for the incomming oauth link in order for it to work properly.

Like
Harinath T
Harinath T May 4, 2018

 

@Andreas Stenius

Thanks for answering. I have done this by creating own plugin.

In that plugin I have created a Filter with ComponentAccessor and ApplicationUser objects.

Like
Reply
1 vote
Luke Cyca
Luke Cyca May 6, 2014

I got this working using the API from Python.

https://gist.github.com/lukecyca/907c4a62758c068fd464

Reply
0 votes
Witek
Witek April 7, 2014

Any success with 2-legged authentication and user impersonation? Can you share your results?

View More Comments
Albert Ferguson
Albert Ferguson April 13, 2014

Hi Witold, I have not been able to get it to work as yet. I have been hoping that by leaving this question here, someone would provide an answer.

If I get it working I will post the details here.

Like
Witek
Witek April 13, 2014

Thnx for answering. I spent 2 days on this with no luck. With 2-legged authentication, I expected the first token to be preauthorized - it's not. And I have no idea how to specifiy user when calling rest api.

Like
Reply
0 votes
Martin Cassidy1
Martin Cassidy February 17, 2014

I'm trying to do this as well but can't seem to find any docs about it.

Reply

Comments for this post are closed

Community moderators have prevented the ability to post new answers.

Post a new question

Atlassian logo
Answers Developer Questions
TAGS
AUG Leaders

Atlassian Community Events

    See all events