Last active
January 8, 2019 23:15
-
-
Save aripatrick/e2a9df954e625a7716d79d4e991f3be9 to your computer and use it in GitHub Desktop.
JIRA oAuth Dance with suppressed insecure HTTPS URL warnings and SSL certificate checks
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| from requests.packages.urllib3.exceptions import InsecureRequestWarning | |
| from oauthlib.oauth1 import SIGNATURE_RSA | |
| from requests_oauthlib import OAuth1Session | |
| from jira.client import JIRA | |
| def read(file_path): | |
| """ Read a file and return it's contents. """ | |
| with open(file_path) as f: | |
| return f.read() | |
| # Suppress InsecureRequestWarning for HTTPS URL | |
| requests.packages.urllib3.disable_warnings(InsecureRequestWarning) | |
| # The Consumer Key created while setting up the "Incoming Authentication" in | |
| # JIRA for the Application Link. | |
| CONSUMER_KEY = 'CONSUMER KEY GOES HERE' | |
| # The contents of the rsa.pem file generated (the private RSA key) | |
| RSA_KEY = read('/PATH/TO/rsa.pem') | |
| # The URLs for the JIRA instance | |
| JIRA_SERVER = 'https://JIRA_URL.com' | |
| REQUEST_TOKEN_URL = JIRA_SERVER + '/plugins/servlet/oauth/request-token' | |
| AUTHORIZE_URL = JIRA_SERVER + '/plugins/servlet/oauth/authorize' | |
| ACCESS_TOKEN_URL = JIRA_SERVER + '/plugins/servlet/oauth/access-token' | |
| # Step 1: Get a request token | |
| oauth = OAuth1Session(CONSUMER_KEY, signature_type='auth_header', | |
| signature_method=SIGNATURE_RSA, rsa_key=RSA_KEY) | |
| # verify: False to skip SSL certificate check | |
| request_token = oauth.fetch_request_token(REQUEST_TOKEN_URL, verify=False) | |
| print("STEP 1: GET REQUEST TOKEN") | |
| print(" oauth_token={}".format(request_token['oauth_token'])) | |
| print(" oauth_token_secret={}".format(request_token['oauth_token_secret'])) | |
| print("\n") | |
| # Step 2: Get the end-user's authorization | |
| print("STEP2: AUTHORIZATION") | |
| print(" Visit to the following URL to provide authorization:") | |
| print(" {}?oauth_token={}".format(AUTHORIZE_URL, request_token['oauth_token'])) | |
| print("\n") | |
| while raw_input("Press any key to continue..."): | |
| pass | |
| # Step 3: Get the access token | |
| # verifer = u'verified' is an ugly hack to get around the verification string | |
| # that the server should (but doesn't) supply as part of authorization response | |
| access_token = oauth.fetch_access_token(ACCESS_TOKEN_URL, verifier = u'verified') | |
| print("STEP2: GET ACCESS TOKEN") | |
| print(" oauth_token={}".format(access_token['oauth_token'])) | |
| print(" oauth_token_secret={}".format(access_token['oauth_token_secret'])) | |
| print("\n") | |
| # Now you can use the access tokens with the JIRA client. Hooray! | |
| # verify: False to skip SSL certificate check | |
| jira = JIRA(options={'server': JIRA_SERVER, 'verify': False}, oauth={ | |
| 'access_token': access_token['oauth_token'], | |
| 'access_token_secret': access_token['oauth_token_secret'], | |
| 'consumer_key': CONSUMER_KEY, | |
| 'key_cert': RSA_KEY, | |
| }) | |
| # print all of the project keys just as an example | |
| for project in jira.projects(): | |
| print(project.key) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment