Hello,
Pretty new to web dev type of projects but currently I am attempting to set up a script to generate JIRA tickets. I am trying to do a simple create JIRA issue from a button click, but I think that authorization is stopping me, or possibly inexperience. I think that the issue is that the access token from JIRA needs to be base64 encoded, but I can’t find a way to do that in perspective. I get a 500 error with this code (leading me to think something is wrong with the authorization header), and a 401 error when I input the username and password as one of the parameters for the system.net.httpPost() function, and exclude the headerValues.
Here is my code, with being my identifiable info redacted:
accessToken = '<myUsername>:<JIRA_API_Token>'
uri = "http://<My Company's JIRA Project page>"
headers = {"Authorization":"Basic " + accessToken, "Content-Type":"application/json"}
issueData = """{
"fields": {
"project":
{
"key": "VPI"
},
"summary": "REST ye merry gentlemen.",
"description": "Creating of an issue using project keys and issue type names using the REST API",
"issuetype": {
"name": "Bug"
}
}
}"""
newIssue = system.net.httpPost(url = uri, postData = issueData, headerValues = headers, throwOnError = True)
If base64 encoding is not possible, what would be an alternative for this issue?
If it helps: I am using ignition version:
8.1.7 (b2021060314)
Thanks,
First, I would switch to using system.net.httpClient(). It’s better in a myriad of ways.
For a concrete example, you can directly post your JSON content as a Python dictionary:
accessToken = '<myUsername>:<JIRA_API_Token>'
uri = "http://<My Company's JIRA Project page>"
headers = {"Authorization":"Basic " + accessToken}
issueData = {
"fields": {
"project":
{
"key": "VPI"
},
"summary": "REST ye merry gentlemen.",
"description": "Creating of an issue using project keys and issue type names using the REST API",
"issuetype": {
"name": "Bug"
}
}
}
response = system.net.httpClient().post(url = uri, data = issueData, headers = headers)
print response
For your specific question, you can use various Python builtin modules to encode to base64, or an Ignition builtin, or one from the Java standard library. There’s not really a lot of difference. For instance:
toEncode = "<myUsername>:<JIRA_API_Token>"
from base64 import b64encode
print b64encode(toEncode)
from java.util import Base64
print Base64.getEncoder().encodeToString(toEncode)
Both print the same output, but the ‘Java way’ is a whole lot more verbose 
Okay thanks, I think that this is working, but my JIRA permissions or configurations are not set up properly, as I keep getting a 405 error. I’ll mark this as the solution, though.
Thanks.
Currently for the system.net.httpClient() only basic auth is supported, which is why I was having issues with API key authorization. The only way I have gotten the request to work is to send my JIRA username and password as a string in the username and password parameters (which is then added to the authorization header I believe, which is base64 encoded before being sent). This is obviously is not the most secure and ideal way to do this request. Is there a more secure way to send the basic authorization , or will other authorization types be supported in the future?
Is this JIRA on premise I assume? Almost all their APIs use HTTP Basic auth and it looks like your not using HTTPS, so there is really nothing secure about the request anyway. HTTP Basic is old, but still widely used, really nothing wrong with doing it that way especially for on-premise systems. Even most of the JIRA API examples use HTTP Basic auth.
If you want to get really fancy/advanced, you could try using the Jira Java library, but your would need to install it to Ignition and learn how to use that library. (Even the Java library supplied by Jira uses HTTP Basic auth by default)
Yes, we are using JIRA on premise. But what you said makes sense. If it isn’t a big issue with on premise, then I will probably just continue doing it this way. Thanks for your reply
If you’re worried about a MITM intercepting traffic, use HTTPS - that way even if someone captures the packets, they’re useless.
There’s nothing significantly worse about Basic Auth as compared to Digest or NLTM or whatever else…as long as it’s HTTPS. Over HTTP, no authorization header is really secure.
1 Like