Forge Custom UI Consent Screen not shown any more and app gets stuck in loading screen

Shridhar · October 11, 2023, 2:59pm

Hi,
I have a free and Open source Marketplace app developed and is working fine since an year. But recently it stopped working and after debugging I identified that the issue is with oAuth authentication itself:

Technical Details about the app:

App is a React based app and is built using CRA.
The APP is available as Web, Browser Extension and Jira Cloud Forge app as well.
The app is using @forge/bridge library and following code for calling Jira API.import { requestJira } from ‘@forge/bridge’;await requestJira(‘/rest/api/2/myself’, { method:‘GET’ });
The above API is just a sample. However it is failing for any API calls.
I had came across the following article and I am currently not participating in this Preview feature. However I tried setting features.autoUserConsent to true to see if that solves the issue and it doesn’t: https://developer.atlassian.com/platform/forge/simplified-user-consent/
I have attached some screenshots of API response and console error log handled by my application. I also tried to debug the flow inside requestJira method and attached screenshot of that screen as well.

Expected Behavior:

If a new user visits the app for the first time, when the first API call happens, the user would be prompted with the Consent screen to accept OAuth authentication.
Once the user accepts it, the application works fine.

Current behavior:

It continues to work for existing users who has already authenticated.
If a new user visits the app for the first time, the consent screen is not showing up and call to requestJira() is also not failing in most of the cases. So the app keeps waiting for the promise to resolve from the requestJira() function call and the app is stuck in the loading screen for ever.

How to reproduce

If you are using any forge based Jira Cloud app, just deauthorize yourself and try using the app. I believe it should break if my assumption is correct.

And this behavior is not just impacting this application or single instance of Jira. The company where I work for has a separate app built for internal use case and I tried to deauthorize myself from that app and now that is also not working. So I assume this issue is a global issue which started happening recently. But as I don’t see any questions related to this in community, was not very sure if I’m missing something.

The Web App and Browser extension version of same app which supports 3 different types of authentication which includes oAuth as well is working fine without any issues. Its just with this Forge App I am facing this issue.

Any insights are greatly appreciated. Thanks in advance.

Here are the mentioned screenshots:

I couldn’t add other images due to limitation in the count of media items I can add.

Regards,
Shridhar
https://jiraassistant.com/

AdamMoore · October 11, 2023, 7:37pm

Hey Shridar, did you say you were going to attach some screenshots? Which extension point are you using?

I’ve tested a few of my Jira cloud apps and de-authing and re-authing myself is working fine so I don’t think it’s affecting every app.

We have had some similar reports to yours though so we’re investigating what the cause might be. Any other details you can provide would be great.

ccurti · October 12, 2023, 12:31am

Hi @Shridhar,

A fix has been deployed and the consent screen should now appear for the app.

Please be aware that with the current fix, the app will be loaded as well below the consent screen. This is a temporary measure to allow users to be able to consent, a full solution to revert to the previous and expected behavior is being worked on.

Thank you for your patience,
Caterina

Shridhar · October 12, 2023, 4:42am

Hi @AdamMoore, Thank you for reaching out to me. Apologies I missed the images. However I have also raised a support ticket and there I have attached the images.

It was my assumption that I told it could be issue with all the apps. The assumption was due to the fact that I have been using a different app which is private to my company and that too was broken yesterday with similar behavior. Hence I felt it could be a global issue.

Now I see the fix provided is working and so I hope you must have already got the required details. Thank you all for your prompt response to the incident.

hannes-finesoftware · October 12, 2023, 10:18am

Hi @ccurti @AdamMoore, I can confirm the @Shridhar’s bug report for my app, and can also confirm that the current fix works. Looking forward to the final solution / revert.

For future reference, what was happening is that at the moment when the app does the first request via @forge/bridge, a GraphQL is performed but returns a MutationError with message No Atlassian OAuth token found for this user and extension, and the app blows up into some odd error state.

Best, Hannes