Details
-
Bug
-
Resolution: Answered
-
Low
-
None
-
5.1
-
None
-
5.01
-
Description
I am at the start point of the OAuth process, requesting a Request Token. The problem is that Jira 5.1 filters are eating my request, in other words, the Jira filters prevent that the request for the Request token completes.
My code is in a Jira plug-in that should manage the OAuth flow in this context: http://myserver:8080/rest/oslc/latest/oauth/, and example of the Request Token would be: http://myserver:8080/rest/oslc/latest/oauth/request_token.
Is there a Jira filter that catches the URLs with strings containing "oauth" in the address? How does it work?
Or is Jira looking for a Header in the request in order to check for OAuth requests?
Could somebody help to understand how/why the Jira server is handling these OAuth requests? I do not want that Jira deals with them, my plug-in should handle the OAuth requests by itself (of course, as long as they reach its app context).
More info
Description
I have a plug-in that uses OAuth, so a Change Management (CM) application using REST can consume/link Issues from Jira using OAuth. The plug-in that I have is like a middle man to provide REST services to the CM app.
Expected behavior
My plug-in works with Jira 4.2, the OAuth works well there. But when I deploy my plug-in into Jira 5.1, something goes wrong with the OAuth process.
I have my plug-in handling the OAuth authentication without Jira intervention. But it looks like there is a Jira OAuth filter that is preventing me to complete my request for the Request Token.
Workaround:
-I had to change my plug-in filter weight so my code runs before the Jira filters.
-I had to modify my code, so when the oauth request arrives in the context of my plug-in, I stop the filter chain (something that I do not really wanted to do) so Jira does not eats the request and prevent that the process flows. If the filter flows naturally after my code is reached, Jira filters eat my request.
Jira Server logs
[INFO] [talledLocalContainer] 2012-12-18 15:05:18,403 http-2990-8 WARN anonymous 897x945x1 8po31g X.X.XX.XXX /rest/oslc/latest/oauth/request_token [remoteapps.modules.oauth.OAuth2LOAuthenticator] Exception authenticating request
[INFO] [talledLocalContainer] net.oauth.OAuthException: Unknown consumer: f51bccc75a1f82c2cc514f8fe92e1b2d
[INFO] [talledLocalContainer] at com.atlassian.labs.remoteapps.OAuthLinkManager.validateOAuth2LORequest(OAuthLinkManager.java:123)
[INFO] [talledLocalContainer] at com.atlassian.labs.remoteapps.modules.oauth.OAuth2LOAuthenticator.authenticate(OAuth2LOAuthenticator.java:86)
[INFO] [talledLocalContainer] at com.atlassian.labs.remoteapps.modules.oauth.OAuth2LOFilter.mayProceed(OAuth2LOFilter.java:100)
[INFO] [talledLocalContainer] at com.atlassian.labs.remoteapps.modules.oauth.OAuth2LOFilter.doFilter(OAuth2LOFilter.java:58)
[INFO] [talledLocalContainer] at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:74)
[INFO] [talledLocalContainer] at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:42)
My plug-in does have a consumer registered with the key showed in the log, but as the Jira server does not (and I do not need to register it) the app fails to continue with the OAuth process.
Thanks in advance
