Jira/Forge Project page with Custom UI asks for permissions every time

VladyslavKurmaz · July 29, 2022, 9:58am

Hi Dev Community!

I’ve created simple Jira Forge application with CustomUI using Google Charts library.

But every time, I activate application (click on it in browser) Jira asks me to allow access.
After successful confirmation I can see test chart, but when I switch to another page and move back - Jira asks for permission confirmation again (console log has no errors).

Am I missing some tweaks in manifest file?
Thanks in advance.

Please find below link to the repository with forge app and reproducible issue

ccurti · August 1, 2022, 4:09am

Hi @VladyslavKurmaz,

Welcome to the Atlassian developer community.

I just tried to reproduce the problem but, in my tests, after allowing access the first time and seeing the chart, I don’t get the request to allow access anymore regardless of what I try.

Here is a screenshot showing, for reference, the allow access (also called consent screen) showing the request to www.gstatic.com domain for the data egress:

One thing to check is if the app appears under the “Connected apps” here: Atlassian account. It should if the consent was successful, maybe you could try to remove it from there and re-consent to the app to see if that resolves the problem.

Or maybe there is a specific sequence of steps which leads to this problem and you can share them with us.

Thanks,
Caterina

VladyslavKurmaz · August 3, 2022, 8:31am

Hi Caterina.
Thanks a lot for the quick response.
…
This is what I did:

Revoke access to the application

011314×948 94.6 KB
Open application and confirm consent link

021066×1274 61.9 KB
Unfortunately, behaviour of the system didn’t change - every time I click on application link - I have to confirm consent request.
…
But then, I installed test application from my original post

032004×1332 180 KB

and after that my first application started work as expected and test application asks consent confirmation every time. Looks like issue jump from one application to another
After that I uninstalled second (test) application and my initial application works fine.
I did this exercise three times - behaviour is the same.
…
Could someone with SaaS admin right check my account and/or application/deployment.
This is link to the application with corresponding GUIDs in it
Log in with Atlassian account
…
Thanks in advance.

ccurti · August 4, 2022, 6:51am

Hi @VladyslavKurmaz,

I’ve checked with the Forge team and this might be a known ongoing issue.

Would you be able to update the app with a major version upgrade and do a deploy and upgrade of such new major version and confirm if that resolves the problem?
Here are the changes that would cause a major version:
https://developer.atlassian.com/platform/forge/environments-and-versions/#major-upgrades
The most common one is a scope change one and you could just do a “dummy change” (e.g. by adding a scope that is not needed) to trigger that.

By the way, we can’t simply access sites. That requires consent from the site admin and it can only be granted when there is an active customer support ticket.

Let’s see how the test above goes and, if that doesn’t happen, we can have a look at getting access.

Thanks,
Caterina

VladyslavKurmaz · August 13, 2022, 5:48pm

Hi @ccurti ,

Unfortunately, I was not able to fix this issue for my app.
This is what I did:

created new forge app from scratch (jira-project-page)
made no changes, built app, deployed and installed into my JIra tenant
confirmed that “hello world” app works as expected
added react-google-charts into package.json and updated nested app and manifest

import React, { useEffect, useState } from 'react';
import { Chart } from "react-google-charts";

const chartData = [
  ["Task", "Hours per Day"],
  ["Work", 11],
  ["Eat", 2],
  ["Commute", 2],
  ["Watch TV", 2],
  ["Sleep", 7],
];

const chartOptions = {
  title: "My Daily Activities",
};

function App() {
  return (
    <Chart
      chartType="PieChart"
      data={chartData}
      options={chartOptions}
      width={"100%"}
      height={"400px"}
    />
  );
}
export default App;

modules:
  jira:projectPage:
    - key: ttb-exit-interview-project-page
      resource: main
      resolver:
        function: resolver
      title: TTB Exit Interview
  function:
    - key: resolver
      handler: index.handler

permissions:
  content:
    styles:
      - 'unsafe-inline'
    scripts:
      - 'unsafe-hashes'
      - 'unsafe-inline'
  external:
    scripts:
      - 'https://www.gstatic.com'
    styles:
      - 'https://www.gstatic.com'

resources:
  - key: main
    path: static/app/build
app:
  id: ari:cloud:ecosystem::app/39d52f71-1b83-4f25-bcc9-21e8e01c78f5

than I tried to install an app with --upgrade option, but got an error

Screenshot 2022-08-13 at 20.22.112338×604 58.6 KB
after that I ran deploy & install commands again, confirm consent link
and after this, I was able to see test chart
but when I opened app page again, I had to confirm consent link every single time

Screenshot 2022-08-13 at 20.23.561410×412 22 KB

…
I’m pretty sure, if someone can create new dev account, new Jira tenant and install application from Github (from initial post) the issue can be easily confirmed.
I’m doing just basic things based on documentation.

VladyslavKurmaz · September 9, 2022, 10:57am

I also found the same behaviour with font permissions

permissions:
  external:
    fonts:
      - "https://fonts.gstatic.com/"

Consent link has to be confirmed every time I open forge app.
This is fresh forge app created from scratch.

ShobhitSharma · September 23, 2022, 9:26am

Hi VladyslavKurmaz,

This issue sounds related to the “repeated consent prompt” problem where user consent was only “refreshed” if you reloaded the page. So navigating within the product before returning to the original page still had the old data from before the user provided consent.

This issue has recently been fixed and the fix was deployed earlier in the week which should be available in Jira Cloud from build JF-PROD-30504 onwards. If you could check the value of window.BUILD_KEY in your browser console then try to reproduce the issue that would be really helpful. If the build is newer than JF-PROD-30504 and the issue persists then we will need to continue our investigation.

Thanks!