我正在尝试在我正在开发的应用程序中使用JIRA Cloud REST API。最近我开始收到403错误。直到大约一周前,我的集成才可靠,但是这些错误响应已经开始变得非常频繁。
我按照3LO code grants的文档。目前,我有:
尝试使用JIRA Cloud REST API进行身份验证时,一切似乎都按预期工作。
https://accounts.atlassian.com/authorize
从JIRA访问数据。我在此请求中包含以下范围:offline_access read:jira-user read:jira-work
以确保所需的读取权限和令牌续订能力(即offline_access
)https://accounts.atlassian.com/oauth/token
请求访问令牌(使用提供的重定向code
)。这成功了,我现在有了有效的access_token
和refresh_token
'shttps://api.atlassian.com/oauth/token/accessible-resources
。我使用之前获得的access_token
来通过此调用获取我的网站cloud_id
。这按预期工作,我现在有我的网站cloud_id
https://api.atlassian.com/ex/jira/{MY_CLOUD_ID}/rest/api/3/search
。我通过这些请求标头以与以前相同的方式使用access_token
:
headers: {
'Authorization': `Bearer { MY_ACCESS_TOKEN }`,
'Accept': 'application/json'
}
如上所述,这在过去一周左右的时间内完美运行。不幸的是,JIRA文档没有列出403
作为search method的响应代码。
两件事......(1)本周早些时候发布了一篇文章,其中有人在云中的搜索行为也发生了变化。您可能想要查找该帖子以了解它是如何解决的(我会在片刻找到它,如果我找到它,我会在这里添加链接)。他和你一样使用“api / 3”...文档说“api / 3”处于测试阶段。那么也许试试“api / 2”?
(2)我不知道这段代码是否有用......它访问REST API,但我正在进行的调用与你的调用有很大的不同。这违反了JIRA的内部部署版本(最新的代码)。我没有要测试的云实例。
呼叫登录/验证:
Const APIAuthPath = "/rest/auth/1/session"
Sub Call_JIRALogin(pUserName, pPassword)
Dim JIRASendString As String, JIRASendURL As String
JIRASendURL = BaseURL1 & APIAuthPath
JIRASendString = " {"
JIRASendString = JIRASendString & Chr(34) & "username" & Chr(34) & ":" & Chr(34) & pUserName & Chr(34)
JIRASendString = JIRASendString & ","
JIRASendString = JIRASendString & Chr(34) & "password" & Chr(34) & ":" & Chr(34) & pPassword & Chr(34)
JIRASendString = JIRASendString & "}"
Set objHTTP = CreateObject("MSXML2.ServerXMLHTTP")
objHTTP.setOption 2, 13056
With objHTTP
.Open "POST", JIRASendURL, False
.setRequestHeader "Content-Type", "application/json"
.setRequestHeader "Accept", "application/json"
.send (JIRASendString)
CResponse1 = .responseText
cCookie1 = "JSESSIONID=" & Mid(CResponse1, 42, 32) & "; Path=/Jira" '*** Extract the Session-ID
CStatus1 = .Status
End With
后续电话:
Sub BBB_SingleIssue_Driver(inIssueId)
Dim JIRASendURL
CurrIssue = inIssueId
JIRASendURL = BaseURL1 & "/rest/api/2/issue/" & CurrIssue
With objHTTP
.Open "GET", JIRASendURL, False
.setRequestHeader "Set-Cookie", cCookie1 '*** see Create a "Cookie"
.send
CResponse1 = .responseText
CStatus1 = .Status
End With
If CStatus1 <> 200 Then
MsgBox ("Failed to retrieve issue " & CurrIssue & " status code : " & CStatus1)
GlobalHttpStatus = CStatus1
GlobalHttpResponse = CResponse1
GlobalStep = "Retrieve Issue: " & CurrIssue
GoTo SingleIssueErrOut
End If
' handle a good response
SingleIssueErrOut:
' handle an error
End Sub
最后的解决方案是在向JIRA的Cloud REST API发出请求时通过Basic Authentication头使用Authorization
:
https://CLOUD_ID.atlassian.net/rest/api/3/API_METHOD
头:
'Authorization': 'Basic ZGFjcmVAb...',
'Accept': 'application/json'
未来的according to the API documentation将删除基本身份验证,因此这被视为一种临时解决方案。