Using cookies for REST API auth to retrieve information failing with 401

XMLWordPrintable

    • 18
    • Severity 3 - Minor
    • 3

      Summary

      Using cookies for REST API auth to retrieve information failing with 401.

      /rest/api/2/issue/{issue_key}

      Output:

      < HTTP/1.1 401 Unauthorized
 * Server nginx is not blacklisted
 < Server: nginx
 < Date: Tue, 01 Nov 2016 09:52:35 GMT
 < Content-Type: application/json;charset=UTF-8
 < Content-Length: 109
 < Connection: keep-alive
 < X-AREQUESTID: 712x16295x1
 < X-ASEN: SEN-5941992
 < X-AUSERNAME: anonymous
 < X-ATENANT-ID: milkcoffee.atlassian.net
 < Cache-Control: no-cache, no-store, no-transform
 < X-Content-Type-Options: nosniff
 < WWW-Authenticate: OAuth realm="https%3A%2F%2Fmilkcoffee.atlassian.net"
 <
 * Connection #0 to host milkcoffee.atlassian.net left intact
 \{"errorMessages":["You do not have the permission to see the specified issue.","Login Required"],"errors":\{}}

      Steps to reproduce

      1. Get a cookie from instance - curl -c cookies.txt -d "username=user_name&foobar" https://instance.atlassian.net/rest/auth/1/session
      2. Run a GET request for issue - curl -b cookies.txt https://instance.atlassian.net/rest/api/2/issue/ABC-1
      3. Error 401 will be returned

            Assignee:
            Unassigned
            Reporter:
            Fahd (Inactive)
            Votes:
            7 Vote for this issue
            Watchers:
            16 Start watching this issue

              Created:
              Updated:
              Resolved: