forked from atlassian-api/atlassian-python-api
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathjira_oauth2.py
More file actions
85 lines (71 loc) · 3.19 KB
/
Copy pathjira_oauth2.py
File metadata and controls
85 lines (71 loc) · 3.19 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
# Example server with Flask demonstrating use of Jira OAuth 2.0.
# Server needs to be deployed. Example code is requesting access token from
# Jira. User has to grant access rights. After authorization the
# token and Using access token, Jira cloud ID is identified and
# the available projects are returned.
from requests_oauthlib import OAuth2Session
from atlassian.jira import Jira
from flask import Flask, request, redirect, session
import requests
app = Flask(__name__)
app.secret_key = ""
# JIRA OAuth URLs
authorization_base_url = "https://auth.atlassian.com/authorize"
token_url = "https://auth.atlassian.com/oauth/token"
# Create OAuth 2.0 Integration in Atlassian developer console
# https://developer.atlassian.com/console/myapps/
# Click Authorization → “Configure” under OAuth 2.0 and
# Enter callback url {server}/callback and save
# Click “Permissions” and Add “Jira platform REST API” and other required permissions.
# Click “Configure” under Jira platform REST API and Add permissions like
# “View user profiles“, “View Jira issue data“ and “Create and manage issues”
# Goto setting and copy client id and secret.
client_id = ""
client_secret = ""
redirect_uri = "" # {server_url}/callback
# 2. Redirect to Jira for authorization
# The server request to {server_url}/login is redirected to Jira.
# The user is asked to grant access permissions.
@app.route("/login")
def login():
scope = ["read:me", "read:jira-user", "read:jira-work"]
audience = "api.atlassian.com"
jira_oauth = OAuth2Session(client_id, scope=scope, redirect_uri=redirect_uri)
authorization_url, state = jira_oauth.authorization_url(
authorization_base_url,
audience=audience,
)
session["oauth_state"] = state
return redirect(authorization_url)
# 3. Jira redirects user to callback url with authorization code
# This should be set to {server_url}/callback.
# Access token is fetched using authorization code
@app.route("/callback")
def callback():
jira_oauth = OAuth2Session(client_id, state=session["oauth_state"], redirect_uri=redirect_uri)
token_json = jira_oauth.fetch_token(token_url, client_secret=client_secret, authorization_response=request.url)
return "Token: {}<p />Projects: {}".format(token_json, ", ".join(get_projects(token_json)))
# 4. Access Token used for Jira Python API
# Using access token, accessible resources are fetched and
# First resource id is taken as jira cloud id,
# Jira Client library is called with jira cloud id and token information.
def get_projects(token_json):
req = requests.get(
"https://api.atlassian.com/oauth/token/accessible-resources",
headers={
"Authorization": "Bearer {}".format(token_json["access_token"]),
"Accept": "application/json",
},
)
req.raise_for_status()
resources = req.json()
cloud_id = resources[0]["id"]
oauth2_dict = {
"client_id": client_id,
"token": {
"access_token": token_json["access_token"],
"token_type": "Bearer",
},
}
jira = Jira(url="https://api.atlassian.com/ex/jira/{}".format(cloud_id), oauth2=oauth2_dict)
return [project["name"] for project in jira.projects()]