[jira] (MCHANGES-324) Plugin logs into JIRA, but doesn't seem to make the status request with the session

Tue, 15 Apr 2014 23:40:23 -0700 

    [ 
https://jira.codehaus.org/browse/MCHANGES-324?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=344992#comment-344992
 ] 

Richard Barnett commented on MCHANGES-324:
------------------------------------------

I just saw that 2.10 has been released so thought I'd test it.

Using 2.9 with the MCHANGES-291 patch works.
Using the release of 2.10 does not.  
I think the JIRA api request for {{.../status}} is missing the 
{{studio.crowd.tokenkey}} cookie from the {{/session}} response.

Patched 2.9 {{-X}} output:
{code}
...
Address: https://palomamobile.atlassian.net/rest/api/2/status
Http-Method: GET
Content-Type: application/json
Headers: {Accept=[application/json], Content-Type=[application/json], 
Cookie=[studio.crowd.tokenkey=02a9...sg00; Domain=.palomamobile.atlassian.net; 
Path=/; Secure; HttpOnly, studio.crowd.tokenkey=""; 
Domain=.palomamobile.atlassian.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; 
Path=/; Secure; HttpOnly, JSESSIONID=357B...C779; Path=/; Secure; HttpOnly, 
atlassian.xsrf.token=BEV2-GO5R-UEXG-O36M|7809ad18ca297320d74fe09e58528ed0c6bd63b7|lout;
 Path=/; Secure]}

Response-Code: 200
Headers: {Cache-Control=[no-cache, no-store, no-transform], 
connection=[keep-alive], Content-Length=[5769], 
content-type=[application/json;charset=UTF-8], Date=[Wed, 16 Apr 2014 06:16:24 
GMT], Server=[nginx], 
Set-Cookie=[atlassian.xsrf.token=BEV2-GO5R-UEXG-O36M|8cabb1d1131c4474fb2e0b9752bc96705d0c9e86|lin;
 Path=/; Secure], 
Strict-Transport-Security=[max-age=315360000;includeSubdomains], 
Vary=[Accept-Encoding], X-AREQUESTID=[976x17573x1], X-ASEN=[SEN-2342040], 
X-ASESSIONID=[105s9dl], X-AUSERNAME=[richard], 
X-Content-Type-Options=[nosniff], X-Seraph-LoginReason=[OK]}
...
Payload: [{...},...]
{code}

2.10 {{-X}} output:
{code}
...
Address: https://palomamobile.atlassian.net/rest/api/2/status
Http-Method: GET
Content-Type: application/json
Headers: {Accept=[application/json], Content-Type=[application/json], 
Cookie=[$Version="1"; JSESSIONID=B587...D705; $Path=/, $Version="1"; 
atlassian.xsrf.token=BEV2-GO5R-UEXG-O36M|5fff433f88eef360c36b07b6a3613bf8aac947c9|lout;
 $Path=/, $Version="1"; studio.crowd.tokenkey=""]}

Response-Code: 200
Headers: {Cache-Control=[no-cache, no-store, no-transform], 
connection=[keep-alive], Content-Length=[2], 
content-type=[application/json;charset=UTF-8], Date=[Wed, 16 Apr 2014 06:07:58 
GMT], Server=[nginx], 
Strict-Transport-Security=[max-age=315360000;includeSubdomains], 
Vary=[Accept-Encoding], X-AREQUESTID=[967x17557x1], X-ASEN=[SEN-2342040], 
X-ASESSIONID=[b0z5dq], X-AUSERNAME=[anonymous], 
X-Content-Type-Options=[nosniff]}
...
Payload: []
{code}

> Plugin logs into JIRA, but doesn't seem to make the status request with the 
> session
> -----------------------------------------------------------------------------------
>
>                 Key: MCHANGES-324
>                 URL: https://jira.codehaus.org/browse/MCHANGES-324
>             Project: Maven Changes Plugin
>          Issue Type: Bug
>          Components: jira
>            Reporter: Antony Stubbs
>            Assignee: Dennis Lundberg
>             Fix For: 2.10
>
>
> After successful login, I end up with:
> {code}
> Nov 11, 2013 5:47:19 PM org.apache.cxf.interceptor.LoggingOutInterceptor
> INFO: Outbound Message
> ---------------------------
> ID: 3
> Address: https://xxxxxxxxxxxxxxxxx/rest/api/2/status
> Http-Method: GET
> Content-Type: application/json
> Headers: {Accept=[application/json], Content-Type=[application/json]}
> --------------------------------------
> Nov 11, 2013 5:47:19 PM org.apache.cxf.interceptor.LoggingInInterceptor
> INFO: Inbound Message
> ----------------------------
> ID: 3
> Response-Code: 200
> Encoding: UTF-8
> Content-Type: application/json;charset=UTF-8
> Headers: {Cache-Control=[no-cache, no-store, no-transform], 
> connection=[keep-alive], Content-Length=[2], 
> content-type=[application/json;charset=UTF-8], Date=[Mon, 11 Nov 2013 
> 22:47:30 GMT], Server=[nginx], 
> Set-Cookie=[atlassian.xsrf.token=B14E-GL73-6FKZ-OP3B|dd19dbabf6f82c59be235929d3f1ee8d9e41fa4a|lout;
>  Path=/], Strict-Transport-Security=[max-age=315360000;includeSubdomains], 
> Vary=[Accept-Encoding], X-AREQUESTID=[1067x34467x1], X-ASEN=[SEN-2356824], 
> X-AUSERNAME=[anonymous]}
> Payload: []
> {code}
> Which returns nothing as you can see. I think that may be because it has 
> X-AUSERNAME=[anonymous] ? Instead of using the session it created...
> After logging into jira in chrome, pasting the just the rest url into the 
> browser returns all the different status (works as I'd expect).



--
This message was sent by Atlassian JIRA
(v6.1.6#6162)

Reply via email to