Uploaded image for project: 'Bitbucket Data Center'
  1. Bitbucket Data Center
  2. BSERV-13662

The error message in Jira issue preview in Bitbucket is misleading for the non-existent issue keys in case of user doesn't have access to at least one Jira instances

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Medium Medium
    • None
    • 5.16.11, 7.21.9, 8.8.0
    • Integration - JIRA

      Issue Summary

      In the environments with more than one Jira instances connected to Bitbucket, where the user doesn't have application access permission to at least one of the Jira instances, an attempt to access non-existent Jira issue (i.e. UTF-8 in the commit message) will result in error 500 instead of 404.

      This is reproducible on Data Center: yes

      Steps to Reproduce

      1. Install Bitbucket and 2 Jira supported versions
      2. Connect all applications to the same user management (or use one Jira for user management)
      3. Link both Jira instances to Bitbucket with application links setting OAuth with impersonation
      4. Create a user that has full access to Bitbucket, access to one Jira and no access to another (still present in directory but without any application permissions or groups)
      5. Create a new commit with "UTF-8" in the commit message (or any word matching default Jira issue key regex 
        (?<=^|[a-z]\-|[\s\p{Punct}&&[^\-]])([A-Z][A-Z0-9_]*-\d+)(?![^\W_])
      6. Open Jira issue preview from the commit information

      Expected Results


      Actual Results


      The below exception is thrown in the atlassian-bitbucket.log file:

      2023-02-10 15:46:45,547 WARN  [http-nio-7990-exec-13] ie @1J4YJWPx946x3963x0 gbfbqa 172.29.218.145,10.108.14.83 "GET /rest/jira-integration/latest/issues HTTP/1.1" c.a.i.i.jira.DefaultJiraService Problem communicating with Jira instance 'InstEnv Jira - 2' at 'https://instenv-73975-273y.instenv.internal.atlassian.com'. Error: No content to map to Object due to end of input

      In case of opening in a new tab:

      2023-02-10 15:46:54,862 WARN  [http-nio-7990-exec-7] ie @1J4YJWPx946x3968x0 gbfbqa 172.29.218.145,10.108.14.83 "GET /plugins/servlet/jira-integration/issues/UTF-8 HTTP/1.1" c.a.i.i.jira.DefaultJiraService Problem communicating with Jira instance 'InstEnv Jira - 2' at 'https://instenv-73975-273y.instenv.internal.atlassian.com'. Error: No content to map to Object due to end of input
2023-02-10 15:46:54,863 ERROR [http-nio-7990-exec-7]  o.a.c.c.C.[.[.[/].[plugins] Servlet.service() for servlet [plugins] in context with path [] threw exception
com.atlassian.integration.jira.JiraCommunicationException: The server may be unreachable. Please ensure you are running Jira 5.0 or higher.
	at com.atlassian.internal.integration.jira.DefaultJiraService.newCommunicationException(DefaultJiraService.java:1361)
	at com.atlassian.internal.integration.jira.DefaultJiraService.newCommunicationException(DefaultJiraService.java:1354)
	at com.atlassian.internal.integration.jira.DefaultJiraService.findIssue(DefaultJiraService.java:306)
	at com.atlassian.internal.integration.jira.web.IssueJumpServlet.doGet(IssueJumpServlet.java:77)
	at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:24)
	at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:24)
	at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:24)
	at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:24)
	at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:24)
	at com.atlassian.analytics.client.filter.UniversalAnalyticsFilter.doFilter(UniversalAnalyticsFilter.java:75)
	at com.atlassian.analytics.client.filter.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:33)
	at com.atlassian.stash.internal.spring.lifecycle.LifecycleJohnsonServletFilterModuleContainerFilter.doFilter(LifecycleJohnsonServletFilterModuleContainerFilter.java:42)
	at com.atlassian.bitbucket.internal.ratelimit.servlet.filter.RateLimitFilter.doFilter(RateLimitFilter.java:75)
	at com.opensymphony.sitemesh.webapp.SiteMeshFilter.obtainContent(SiteMeshFilter.java:181)
	at com.opensymphony.sitemesh.webapp.SiteMeshFilter.doFilter(SiteMeshFilter.java:85)
	at com.atlassian.plugin.connect.plugin.auth.scope.ApiScopingFilter.doFilter(ApiScopingFilter.java:81)
	at com.atlassian.troubleshooting.thready.filter.AbstractThreadNamingFilter.doFilter(AbstractThreadNamingFilter.java:46)
	at com.atlassian.stash.internal.spring.lifecycle.LifecycleJohnsonServletFilterModuleContainerFilter.doFilter(LifecycleJohnsonServletFilterModuleContainerFilter.java:42)
	at com.atlassian.stash.internal.web.auth.AuthorizationFailureInterceptor.doFilterInternal(AuthorizationFailureInterceptor.java:39)
	at com.atlassian.stash.internal.spring.security.StashAuthenticationFilter.doFilter(StashAuthenticationFilter.java:85)
	at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doInsideSpringSecurityChain(BeforeLoginPluginAuthenticationFilter.java:112)
	at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doFilter(BeforeLoginPluginAuthenticationFilter.java:75)
	at com.atlassian.security.auth.trustedapps.filter.TrustedApplicationsFilter.doFilter(TrustedApplicationsFilter.java:94)
	at com.atlassian.oauth.serviceprovider.internal.servlet.OAuthFilter.doFilter(OAuthFilter.java:67)
	at com.atlassian.oauth2.provider.core.web.AccessTokenFilter.doFilter(AccessTokenFilter.java:81)
	at com.atlassian.stash.internal.spring.lifecycle.LifecycleJohnsonServletFilterModuleContainerFilter.doFilter(LifecycleJohnsonServletFilterModuleContainerFilter.java:42)
	at com.atlassian.plugin.connect.plugin.auth.oauth2.DefaultSalAuthenticationFilter.doFilter(DefaultSalAuthenticationFilter.java:69)
	at com.atlassian.plugin.connect.plugin.auth.user.ThreeLeggedAuthFilter.doFilter(ThreeLeggedAuthFilter.java:109)
	at com.atlassian.plugins.authentication.basicauth.filter.DisableBasicAuthFilter.doFilter(DisableBasicAuthFilter.java:70)
	at com.atlassian.jwt.internal.servlet.JwtAuthFilter.doFilter(JwtAuthFilter.java:37)
	at com.atlassian.analytics.client.filter.DefaultAnalyticsFilter.doFilter(DefaultAnalyticsFilter.java:26)
	at com.atlassian.analytics.client.filter.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:33)
	at com.atlassian.troubleshooting.thready.filter.AbstractThreadNamingFilter.doFilter(AbstractThreadNamingFilter.java:46)
	at com.atlassian.stash.internal.spring.lifecycle.LifecycleJohnsonServletFilterModuleContainerFilter.doFilter(LifecycleJohnsonServletFilterModuleContainerFilter.java:42)
	at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doBeforeBeforeLoginFilters(BeforeLoginPluginAuthenticationFilter.java:90)
	at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doFilter(BeforeLoginPluginAuthenticationFilter.java:73)
	at com.atlassian.stash.internal.request.DefaultRequestManager.doAsRequest(DefaultRequestManager.java:84)
	at com.atlassian.stash.internal.hazelcast.ConfigurableWebFilter.doFilter(ConfigurableWebFilter.java:38)
	at java.base/java.lang.Thread.run(Thread.java:829)
	... 258 frames trimmed

      Workaround

      Currently there is no known workaround for this behavior. Make sure if you have set up OAuth with impersonation for Applinks that the user have application access permissions in all connected Jira instances.

        1. Screenshot 2023-02-10 at 16.44.49.png
          104 kB
          Anton Shaleev
        2. Screenshot 2023-02-10 at 16.45.01.png
          169 kB
          Anton Shaleev
        3. Screenshot 2023-02-10 at 16.46.51.png
          94 kB
          Anton Shaleev
        4. Screenshot 2023-02-10 at 16.47.00.png
          156 kB
          Anton Shaleev

              Unassigned Unassigned
              ashaleev Anton Shaleev
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: