Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Create token auth option #991

Merged
merged 7 commits into from
Oct 24, 2021
Merged

Conversation

skaiaa
Copy link
Contributor

@skaiaa skaiaa commented Dec 10, 2020

I've implemented token based auth by adding proper class inheriting from AuthBase and adding basic_auth parameter to constructor. Results in adding header in form: "authorization" : "Bearer <token>".

@studioj
Copy link
Collaborator

studioj commented May 11, 2021

@skaiaa you think it would be possible to test this implementation on jira server?
Ci atm only tests jira server and it would be a nice addition to the rest of the test suite.
Dunno exactly how to handle auth stuff but the jira server instance is a fresh install for each CI run

@skaiaa
Copy link
Contributor Author

skaiaa commented May 11, 2021

@studioj I tested the change manually with our automation scripts with Jira. Im not familiar with this repo, I can see only those tests: https://github.com/pycontribs/jira/blob/master/tests/tests.py and the file looks massive and scary - what is a proper process for adding unit/integration tests to the repo?

@studioj
Copy link
Collaborator

studioj commented May 12, 2021

@studioj I tested the change manually with our automation scripts with Jira. Im not familiar with this repo, I can see only those tests: https://github.com/pycontribs/jira/blob/master/tests/tests.py and the file looks massive and scary - what is a proper process for adding unit/integration tests to the repo?

Great!
I'm not a tox expert refering to @adehad for this
As a minimum run tox -e lint to find the issues with the current lint test in ci.
I think running tox -e test will run the tests locally for you.
@adehad extended the readme to get started with local execution. If you feel there is improvement needed you could always extend the readme :-).

For testing oauth I was just wondering if it's possible for it to be tested on a local fresh install of jira server keeping in mind security and privacy

@adehad
Copy link
Contributor

adehad commented May 12, 2021

@skaiaa I completely agree that the tests.py is scary.

If I may suggest we make a new file called test_auth.py in the tests folder where we add a test?

As @studioj mentioned, we use tox in our CI, this is paired with docker container that runs a Jira Server instance we test against.
A quickstart may be found here:
https://github.com/pycontribs/jira/blob/master/README.rst#development

The Jira url is stored in the environment variable CI_JIRA_URL, you can also find the user's available in the CI test as environment variables:
https://github.com/pycontribs/jira/blob/master/tox.ini#L44

As the Jira instance is created fresh each time, I'm not sure how best we would get the auth token unless it remains constant. Happy to try and figure that out with you, maybe we might need to get a bit creative!

@adehad
Copy link
Contributor

adehad commented May 15, 2021

Looks like we can use the REST API to generate a PAT:

https://confluence.atlassian.com/enterprise/using-personal-access-tokens-1026032365.html#UsingPersonalAccessTokens-CreatingPATsusingRESTAPI

(@skaiaa could you maybe add me as a collaborator on your fork? I can try and help directly on that branch)

@skaiaa
Copy link
Contributor Author

skaiaa commented May 16, 2021

@adehad Sure I will add you and we can work on this together. Sorry for not responsiveness, pretty crazy week at work, let's get this done in upcoming week.

@adehad
Copy link
Contributor

adehad commented May 16, 2021

@skaiaa no worries, no pressure ! We all have stuff going on !

@studioj
Copy link
Collaborator

studioj commented Aug 28, 2021

Hey @skaiaa any news ? :-) it seems that @adehad bumped the jira server version in our CI system

@adehad adehad force-pushed the create-token-auth-option branch from 20815f2 to ceb0dd8 Compare October 24, 2021 14:54
@adehad
Copy link
Contributor

adehad commented Oct 24, 2021

@ametzger can you give this branch a whirl and see if it works for you?

@adehad adehad merged commit 73d056e into pycontribs:main Oct 24, 2021
svermeulen pushed a commit to svermeulen/jira that referenced this pull request Oct 31, 2021
* Added quick token_auth to client

* Create TokenAuth class and properly implement token authorization

* add test for bearer token auth

Co-authored-by: Anna Przybycień <aprzybycien@atlassian.com>
Co-authored-by: adehad <26027314+adehad@users.noreply.github.com>
Co-authored-by: Alex Metzger <asm@asm.io>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Replacing password with PAT not working add support for JIRA / Confluence Server Personal Access Tokens
3 participants