String response1A = restClients.authenticatedAs(hostUser).getForObject(“/wiki/rest/api/space/”, String.class); // sorry actually the base Url is already present in hostUser so removed now.
The code above receives the Error as: 403 Forbidden
Yes in app descriptor file,
“scopes”: [“READ”, “WRITE”, “ACT_AS_USER”]
Add-On or Plugin is installed in Jira ( Spring Boot Connect App)
UserController Class:
@RequestMapping(value = "/cidiControl", method = RequestMethod.GET)
public String cidiControl(@AuthenticationPrincipal AtlassianHostUser hostUser,
@ModelAttribute("mychoice") SelectChoice mychoice, Model model) {
**result = CliSatSer.getCidiMethod(hostUser, projectChosen);** // passing hostUser to Service Class and then to @Async method where executes the RestApis in threads.
model.addAttribute("CIDI_Data", result);
return "cidiView";
}
I haven’t personally experienced this error in relation to the base URL.
For the hostUser object, have you inspected the accountID if it corresponds to the user you want to impersonate (assuming it is xyzrom@senecaglobal.com based on your basic auth example)?
EDIT:
Also, have you tried restClients.authenticatedAsHostActor().getForObject()?
To personally test it, I tried doing a basic app right now that uses postInstallPage module. Clicking the Getting started button, I called this method and was able to get the expected response
Checking your screenshot, I noticed that the productType is Jira even if what you’re trying to do is a Confluence app. Your error might have something to do with the incorrect productType and possibly baseUrl.
Checking my AtlassianHostUser I got the following (notice the trailing /wiki in the baseUrl and productType which is different from yours)
I cannot see any glaring issue on the code snippet you provided. In order to have the same base code and progress the investigation, kindly share a repository of the app wherein you can hit the current error. It need not be the app with all the functionalities, just enough to run it and replicate the issue.
Thanks, @ramjeevan.tadi, the repo made it much easier to debug. I changed two things to make the code work:
Remove PROJECT_ADMIN scope in your descriptor file. It is not a valid Confluence scope. Based on testing this caused the status 500 you mentioned.
Once #1 is fixed, I am experiencing some thymeleaf related exceptions in your cidiControl mapping. To progress, I changed @Controller to @RestController in UserController.
These two changes worked for me. I didn’t do any PRs but these changes are pretty straight forward to do.
Followed the steps 1 and 2 in the source code and got the response data.
However, the requirement is like, the app will be installed in Jira domain and using Jira credentials, will call Confluence cloud REST APIs.
Still says : 403 Forbidden when tried the req. above
Is it a Cross Domain Resource Sharing issue?
As you said, may be the issue is with productType, OAuthID and baseUrl are different for call Confluence APIs.
Any workaround installing apps both in Jira and Confluence, making calls or any settings in Confluence need to be check?