Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

OAuth 2.0 #423

Open
marlinpierce opened this issue Dec 28, 2023 · 4 comments
Open

OAuth 2.0 #423

marlinpierce opened this issue Dec 28, 2023 · 4 comments
Labels
Enhancement Enhancements to existing features

Comments

@marlinpierce
Copy link
Contributor

I am creating this issue for a request client which supports OAuth 2.0.

@marlinpierce
Copy link
Contributor Author

I have work in progress for writing such a Request Client. I have it to a POC level. When I have a viable prototype I'll create a draft PR.

I created this issue to track discussion about such an implementation.

@marlinpierce
Copy link
Contributor Author

We use OAuth 2.0 for our Jira server. We have yet been passing the Access Token in a bearer authentication header as an additional default header. My RequestClient code uses the oauth2 gem to make calls to Jira.

@marlinpierce
Copy link
Contributor Author

I became busy so this will not be ready for the next release, 0.2.4. I will work on having it ready, with enough time for review and discussion, by the end of 2024, to be ready for the 0.2.5 release.

@bobbrodie bobbrodie added Maintenance Chores, dependency updates, etc. Enhancement Enhancements to existing features and removed Maintenance Chores, dependency updates, etc. labels Apr 27, 2024
@InbaKrish
Copy link

InbaKrish commented Oct 1, 2024

For the workaround I have followed the below for OAuth2 token based API authentication,

class JiraClient
  def initialize(token)
    headers = { 'Authorization' => 'Bearer ' + token }
    options = {
      site: 'https://api.atlassian.com',
      auth_type: :basic,
      default_headers: headers,
      context_path: '',
      rest_base_path: '/ex/jira/' + ENV['ATLASSIAN_CLOUD_ID'] + '/rest/api/2',
    }
    @client = JIRA::Client.new(options)
  end
end

The token required above is fetched from the Atlassian OAuth2 client using atlassian OAuth2 provider,

SCOPES = %w[
read:me
read:account
read:jira-work
read:jira-user
write:jira-work
]

OmniAuth.config.allowed_request_methods = [:get, :post]

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :atlassian_oauth2, ENV['ATLASSIAN_CLIENT_ID'], ENV['ATLASSIAN_CLIENT_SECRET'],
    scope: SCOPES.join(' '),
    prompt: "consent"
end

with 'omniauth-atlassian-oauth2' gem.

@marlinpierce you approve of this approach, I'm prepared and interested in starting to work on the contribution.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Enhancement Enhancements to existing features
Projects
None yet
Development

No branches or pull requests

3 participants