Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authenticating via password should be deprecated #148

Closed
walidvb opened this issue May 28, 2020 · 3 comments
Closed

Authenticating via password should be deprecated #148

walidvb opened this issue May 28, 2020 · 3 comments
Assignees
@gioboa
Labels
question Further information is requested

Comments

@walidvb
Copy link

walidvb commented May 28, 2020
edited
Loading

Describe the issue
the plugin still offers password authentication, although JIRA responds with a deprecation error

Also, it would be good to explain how to generate an OAuth token within this plugin(or link to the relevant page): https://id.atlassian.com/manage-profile/security/api-tokens
(found in #129 )

To Reproduce
Steps to reproduce the behavior:

  1. Install plugin
  2. Run 'Setup Credentials'
  3. Add Url, email, and password
  4. See error in debug console

Expected behavior
I cannot use password, considering it is not supported

Log

{"statusCode":401,"body":"Basic authentication with passwords is deprecated.  For more information, see: https://confluence.atlassian.com/cloud/deprecation-of-basic-authentication-with-passwords-for-jira-and-confluence-apis-972355348.html\n","headers":{"server":"AtlassianProxy/1.15.8.1","content-type":"text/plain","strict-transport-security":"max-age=315360000; includeSubDomains; preload","date":"Thu, 28 May 2020 16:36:43 GMT","atl-traceid":"a0dc5bb4e9asdebee08","x-xss-protection":"1; mode=block","transfer-encoding":"chunked","x-content-type-options":"nosniff","connection":"close","expect-ct":"report-uri=\"https://web-security-reports.services.atlassian.com/expect-ct-report/global-proxy\", enforce, max-age=86400"},"request":{"uri":{"protocol":"https:","slashes":true,"auth":null,"host":"my-project.atlassian.net","port":443,"hostname":"my-project.atlassian.net","hash":null,"search":null,"query":null,"pathname":"/rest/api/2/status","path":"/rest/api/2/status","href":"https://my-project.atlassian.net/rest/api/2/status"},"method":"GET","headers":{"authorization":"Basic somestringthatwasherebutshouldntbepublicmaybe=","accept":"application/json"}}}
@walidvb walidvb added the question Further information is requested label May 28, 2020
@walidvb walidvb changed the title issue: your_title_here Authenticating via password should be deprecated May 28, 2020
@gioboa
Copy link
Owner

gioboa commented May 28, 2020
edited
Loading

Hi @walidvb,
if your Jira doesn't support basic authentication you can fill the password input with your user Jira token.
Basic authentication is supported for old Jira versions. 👍

@walidvb
Copy link
Author

walidvb commented May 28, 2020

My bad, I figured this would be for all JIRA users. thanks for your time and attention (maybe a mention to the url to create OAuth would be useful anyways!)
I'll let you close, as maintainer 🙏🏻

@walidvb walidvb closed this as completed May 28, 2020
@walidvb walidvb reopened this May 28, 2020
@gioboa
Copy link
Owner

gioboa commented May 28, 2020

Here I've mentioned about the token 👍

@gioboa gioboa closed this as completed May 28, 2020
@gioboa gioboa mentioned this issue Jul 1, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@gioboa gioboa

Labels
question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@walidvb @gioboa