In Applinks, what is the difference between an impersonating, non-impersonating and authenticated request factory?

The Applink API is a mature tech, but I can’t find much info on it anymore, as if everyone knew how to use it correctly. So I’m using this question both to gather some info and to ask why getAuthorisationURI() is always null and why CredentialsRequiredException is never thrown.

  • Confluence and Jira are both set up with “Same set of usernames” and “I am admin on both instances”. It means the link is created as “OAuth with impersonation”. I don’t know yet how it behaves with the other settings.
  • For each case below, I perform the request with a logged-in user on the Confluence side, using a REST call to a Jira resource that I’ve created, which has the @AllowAnonymous annotation, and I check which username is logged in on the Jira side.
  • It doesn’t matter whether we use request.executeAndReturn(), request.execute() or request.execute(handler).
  • Confluence 6.6.14.

Using the “admin” user in Confluence:

  • createAuthenticatedRequestFactory(): the login “admin” in Confluence -> the user in Jira is “admin” (obvious),
  • createImpersonatingAuthenticatedRequestFactory(): “admin” in Confluence -> “admin” in Jira,
  • createNonImpersonatingAuthenticatedRequestFactory(): “admin” in Confluence -> not logged in Jira (anonymous).

Now with a user “test” that exists in Jira, but is not an administrator on either instance:

  • createAuthenticatedRequestFactory(): “test” in Confluence -> “test” in Jira,
  • createImpersonatingAuthenticatedRequestFactory(): “test” in Confluence -> “test” in Jira.
  • createNonImpersonatingAuthenticatedRequestFactory(): “test” in Confluence -> anonymous in Jira.
  • requestFactory.getAuthorisationURI() always returns null,
  • CredentialsRequiredException is never thrown.

Now with a user “test2” that doesn’t exist in Jira:

  • createAuthenticatedRequestFactory(): “test2” in Confluence -> anonymous in Jira,
  • createImpersonatingAuthenticatedRequestFactory(): “test2” in Confluence -> anonymous in Jira.
  • createNonImpersonatingAuthenticatedRequestFactory(): “test2” in Confluence -> anonymous in Jira.
  • requestFactory.getAuthorisationURI() always returns null,
  • CredentialsRequiredException is never thrown.

Now with any user (admin or not) and Applinks configured as OAuth (simple, without impersonation):

  • createAuthenticatedRequestFactory(): logged in Confluence -> CredentialsRequiredException when doing the request in Jira. Also, getAuthorisationURI() returns a URL before sending the request. When authorized, Jira uses whatever user they used (“test” in Confluence can be mapped with “test3” in Jira).
  • createImpersonatingAuthenticatedRequestFactory(): Same as above - CredentialsRequiredException and “test” in Confluence -> “test3” in Jira.
  • createNonImpersonatingAuthenticatedRequestFactory(): Logged in Confluence -> Anonymous in Jira and no request for log in. getAuthorisationURI() returns null, so it won’t even try to log in.

Question: Why are my users “test” and “test2” in the first section always anonymous in Jira? I thought OAuth would return an authorizationURI so we could ask the user to log in/update their tokens?

3 Likes

My conclusions:

  • createNonImpersonatingAuthenticatedRequestFactory() always performs the request as anonymous,
  • OAuth with impersonation (default) means it will never try authenticating in Jira if there is no user with the exact matching username, and always use the same username. It will never return an authorizationURI. It will not require the user to have his password for Jira, notably.
  • OAuth (simple) means it will return an authorizationURI so the user can log in.
  • authorizationURI is only available with OAuth (simple).
  • Only OAuth (simple) allows different logins on the two platforms.
2 Likes
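
The behaviour reported in this thread means a linked call can succeed while Jira treats it as anonymous, so the caller has to check the remote identity itself. The following is an added example, not code from the original posts or from Atlassian: the class `RemoteIdentityCheck`, the `whoAmIPath` parameter and the plain-text response format are assumptions, and it is meant to be compiled inside a Confluence plugin with the applinks and SAL APIs on the classpath.

```java
import com.atlassian.applinks.api.ApplicationLink;
import com.atlassian.applinks.api.ApplicationLinkRequestFactory;
import com.atlassian.applinks.api.CredentialsRequiredException;
import com.atlassian.sal.api.net.Request;
import com.atlassian.sal.api.net.ResponseException;

import java.net.URI;

/** Hypothetical helper: reports which identity Jira actually saw for a linked call. */
public class RemoteIdentityCheck {

    public enum Outcome { SAME_USER, DIFFERENT_USER, ANONYMOUS, NEEDS_AUTHORISATION, FAILED }

    private URI authorisationUri; // non-null only after NEEDS_AUTHORISATION

    /**
     * @param link          the Confluence -> Jira application link
     * @param whoAmIPath    ASSUMPTION: path of a Jira REST resource (like the poster's
     *                      @AllowAnonymous one) that returns the remote username as
     *                      plain text, and an empty body for an anonymous request
     * @param localUsername username of the user logged in to Confluence
     */
    public Outcome check(ApplicationLink link, String whoAmIPath, String localUsername) {
        authorisationUri = null;
        ApplicationLinkRequestFactory factory = link.createAuthenticatedRequestFactory();
        try {
            // createRequest() declares CredentialsRequiredException; per the thread it
            // is seen with OAuth (simple) and never with OAuth with impersonation.
            String body = factory.createRequest(Request.MethodType.GET, whoAmIPath).execute();
            String remoteUser = body == null ? "" : body.trim();
            if (remoteUser.isEmpty()) {
                // The call succeeded, but Jira served it without a user.
                return Outcome.ANONYMOUS;
            }
            return remoteUser.equals(localUsername) ? Outcome.SAME_USER : Outcome.DIFFERENT_USER;
        } catch (CredentialsRequiredException e) {
            // The user has to authorise first; send them to this URI.
            authorisationUri = e.getAuthorisationURI();
            return Outcome.NEEDS_AUTHORISATION;
        } catch (ResponseException e) {
            return Outcome.FAILED;
        }
    }

    public URI getAuthorisationUri() { return authorisationUri; }
}
```

Treat `ANONYMOUS` and `DIFFERENT_USER` as distinct results rather than as success, since neither raises an exception.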