Loading...

Type: Bug
Resolution: Unresolved
Priority: Medium
Fix Version/s: None
Affects Version/s: 5.16.11, 7.21.9, 8.8.0
Component/s: Integration - JIRA
Labels:
- dob-pr

Support reference count:
3
Symptom Severity:
Severity 3 - Minor
UIS:
1
Bug Fix Policy:
View Atlassian Server bug fix policy

Issue Summary

In the environments with more than one Jira instances connected to Bitbucket, where the user doesn't have application access permission to at least one of the Jira instances, an attempt to access non-existent Jira issue (i.e. UTF-8 in the commit message) will result in error 500 instead of 404.

This is reproducible on Data Center: yes

Steps to Reproduce

Install Bitbucket and 2 Jira supported versions
Connect all applications to the same user management (or use one Jira for user management)
Link both Jira instances to Bitbucket with application links setting OAuth with impersonation
Create a user that has full access to Bitbucket, access to one Jira and no access to another (still present in directory but without any application permissions or groups)
Create a new commit with "UTF-8" in the commit message (or any word matching default Jira issue key regex
```
(?<=^|[a-z]\-|[\s\p{Punct}&&[^\-]])([A-Z][A-Z0-9_]*-\d+)(?![^\W_])
```
Open Jira issue preview from the commit information

Expected Results

Actual Results

The below exception is thrown in the atlassian-bitbucket.log file:

2023-02-10 15:46:45,547 WARN  [http-nio-7990-exec-13] ie @1J4YJWPx946x3963x0 gbfbqa 172.29.218.145,10.108.14.83 "GET /rest/jira-integration/latest/issues HTTP/1.1" c.a.i.i.jira.DefaultJiraService Problem communicating with Jira instance 'InstEnv Jira - 2' at 'https://instenv-73975-273y.instenv.internal.atlassian.com'. Error: No content to map to Object due to end of input

In case of opening in a new tab:

2023-02-10 15:46:54,862 WARN  [http-nio-7990-exec-7] ie @1J4YJWPx946x3968x0 gbfbqa 172.29.218.145,10.108.14.83 "GET /plugins/servlet/jira-integration/issues/UTF-8 HTTP/1.1" c.a.i.i.jira.DefaultJiraService Problem communicating with Jira instance 'InstEnv Jira - 2' at 'https://instenv-73975-273y.instenv.internal.atlassian.com'. Error: No content to map to Object due to end of input
2023-02-10 15:46:54,863 ERROR [http-nio-7990-exec-7]  o.a.c.c.C.[.[.[/].[plugins] Servlet.service() for servlet [plugins] in context with path [] threw exception
com.atlassian.integration.jira.JiraCommunicationException: The server may be unreachable. Please ensure you are running Jira 5.0 or higher.
	at com.atlassian.internal.integration.jira.DefaultJiraService.newCommunicationException(DefaultJiraService.java:1361)
	at com.atlassian.internal.integration.jira.DefaultJiraService.newCommunicationException(DefaultJiraService.java:1354)
	at com.atlassian.internal.integration.jira.DefaultJiraService.findIssue(DefaultJiraService.java:306)
	at com.atlassian.internal.integration.jira.web.IssueJumpServlet.doGet(IssueJumpServlet.java:77)
	at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:24)
	at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:24)
	at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:24)
	at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:24)
	at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:24)
	at com.atlassian.analytics.client.filter.UniversalAnalyticsFilter.doFilter(UniversalAnalyticsFilter.java:75)
	at com.atlassian.analytics.client.filter.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:33)
	at com.atlassian.stash.internal.spring.lifecycle.LifecycleJohnsonServletFilterModuleContainerFilter.doFilter(LifecycleJohnsonServletFilterModuleContainerFilter.java:42)
	at com.atlassian.bitbucket.internal.ratelimit.servlet.filter.RateLimitFilter.doFilter(RateLimitFilter.java:75)
	at com.opensymphony.sitemesh.webapp.SiteMeshFilter.obtainContent(SiteMeshFilter.java:181)
	at com.opensymphony.sitemesh.webapp.SiteMeshFilter.doFilter(SiteMeshFilter.java:85)
	at com.atlassian.plugin.connect.plugin.auth.scope.ApiScopingFilter.doFilter(ApiScopingFilter.java:81)
	at com.atlassian.troubleshooting.thready.filter.AbstractThreadNamingFilter.doFilter(AbstractThreadNamingFilter.java:46)
	at com.atlassian.stash.internal.spring.lifecycle.LifecycleJohnsonServletFilterModuleContainerFilter.doFilter(LifecycleJohnsonServletFilterModuleContainerFilter.java:42)
	at com.atlassian.stash.internal.web.auth.AuthorizationFailureInterceptor.doFilterInternal(AuthorizationFailureInterceptor.java:39)
	at com.atlassian.stash.internal.spring.security.StashAuthenticationFilter.doFilter(StashAuthenticationFilter.java:85)
	at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doInsideSpringSecurityChain(BeforeLoginPluginAuthenticationFilter.java:112)
	at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doFilter(BeforeLoginPluginAuthenticationFilter.java:75)
	at com.atlassian.security.auth.trustedapps.filter.TrustedApplicationsFilter.doFilter(TrustedApplicationsFilter.java:94)
	at com.atlassian.oauth.serviceprovider.internal.servlet.OAuthFilter.doFilter(OAuthFilter.java:67)
	at com.atlassian.oauth2.provider.core.web.AccessTokenFilter.doFilter(AccessTokenFilter.java:81)
	at com.atlassian.stash.internal.spring.lifecycle.LifecycleJohnsonServletFilterModuleContainerFilter.doFilter(LifecycleJohnsonServletFilterModuleContainerFilter.java:42)
	at com.atlassian.plugin.connect.plugin.auth.oauth2.DefaultSalAuthenticationFilter.doFilter(DefaultSalAuthenticationFilter.java:69)
	at com.atlassian.plugin.connect.plugin.auth.user.ThreeLeggedAuthFilter.doFilter(ThreeLeggedAuthFilter.java:109)
	at com.atlassian.plugins.authentication.basicauth.filter.DisableBasicAuthFilter.doFilter(DisableBasicAuthFilter.java:70)
	at com.atlassian.jwt.internal.servlet.JwtAuthFilter.doFilter(JwtAuthFilter.java:37)
	at com.atlassian.analytics.client.filter.DefaultAnalyticsFilter.doFilter(DefaultAnalyticsFilter.java:26)
	at com.atlassian.analytics.client.filter.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:33)
	at com.atlassian.troubleshooting.thready.filter.AbstractThreadNamingFilter.doFilter(AbstractThreadNamingFilter.java:46)
	at com.atlassian.stash.internal.spring.lifecycle.LifecycleJohnsonServletFilterModuleContainerFilter.doFilter(LifecycleJohnsonServletFilterModuleContainerFilter.java:42)
	at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doBeforeBeforeLoginFilters(BeforeLoginPluginAuthenticationFilter.java:90)
	at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doFilter(BeforeLoginPluginAuthenticationFilter.java:73)
	at com.atlassian.stash.internal.request.DefaultRequestManager.doAsRequest(DefaultRequestManager.java:84)
	at com.atlassian.stash.internal.hazelcast.ConfigurableWebFilter.doFilter(ConfigurableWebFilter.java:38)
	at java.base/java.lang.Thread.run(Thread.java:829)
	... 258 frames trimmed

Workaround

Currently there is no known workaround for this behavior. Make sure if you have set up OAuth with impersonation for Applinks that the user have application access permissions in all connected Jira instances.

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List

Screenshot 2023-02-10 at 16.44.49.png
104 kB
10/Feb/2023 3:45 PM
Screenshot 2023-02-10 at 16.45.01.png
169 kB
10/Feb/2023 3:45 PM
Screenshot 2023-02-10 at 16.46.51.png
94 kB
10/Feb/2023 3:57 PM
Screenshot 2023-02-10 at 16.47.00.png
156 kB
10/Feb/2023 3:57 PM

relates to

BSERV-13660 The error message in Jira issue preview in Bitbucket is misleading in case of the user doesn't have access to Jira

Long Term Backlog

Details

Description

Issue Summary

Steps to Reproduce

Expected Results

Actual Results

Workaround

Attachments

Attachments

Issue Links

Forms

Activity

People

Dates