XSRF error - JIRA 10 Upgrade (403 error)

Hello everyone,
The below is the code i am trying to make the API work.
I went throught the below community link also.

I tried above, but then I was still getting 403 error as well as “XSRF check failed” . Then I tried doing below one by importing @XsrfProtectionExcluded.
I have written below line

import com.atlassian.annotations.security.XsrfProtectionExcluded;


//and main code is like this
@Api(value = "TestCase File Import Resource API(s)", description = "Following section describes the rest resources pertaining to IssueImporterResouece")
@Path("importer")
//@AnonymousAllowed
//@ResourceFilters(ZFJApiFilter.class)
@UnrestrictedAccess
@ZSFilterNameBinding
@UnlicensedSiteAccess
@XsrfProtectionExcluded
public class IssueImporterResource {

and below is the pom, still it is not able to detect the library i guess.
Am i doing it correctly or is someother way to do the above step?
I am using Java 17

<dependency>
            <groupId>com.atlassian.annotations</groupId>
            <artifactId>atlassian-annotations</artifactId>
            <version>5.0.1</version>
            <scope>provided</scope>
        </dependency>

Below is the maven dependency that i used
https://mvnrepository.com/artifact/com.atlassian.annotations/atlassian-annotations/5.0.1

Is the solution that i am trying correct or is there any other way to make it work?
Please guide me through the correct solution please. I have been stuck from last 5 days.
Java -17
Jira 10

Below is the function that I am trying to call.

@Produces(MediaType.APPLICATION_JSON)
	@Consumes(MediaType.MULTIPART_FORM_DATA)
	@Path("/fieldMapping")
	@POST
	public Response extractIssueMapping(@Context HttpServletRequest request) {

		Response authRes = handleAuthRes();
		if (authRes != null) return authRes;
		if (ZephyrUtil.CheckMemoryUsage(authContext)) return JiraUtil.buildErrorResponse(Status.SERVICE_UNAVAILABLE, null,
				authContext.getI18nHelper().getText("zephyr-je.service.temporary.unavailable.message")
				, null);
		Map<String, String> mapping = null;
		try {
			mapping = issueImportResourceDelegate.extractIssueMapping(request);
		} catch (Exception e) {
			return JiraUtil.buildErrorResponse(Response.Status.BAD_REQUEST, null, e.getMessage(), null);
		}
		return Response.status(Status.OK).entity(mapping).build();
	}

Below is the error I am getting

image1626×334 35 KB

image2698×422 54.1 KB

Hi @RaghunandanTata

W have used the @AnonymousSiteAccess annotation, which replaces the previous @AnonymousAllowed annotation (you have commented). You can find more details about this change in the link below:

Preparing for Secure Endpoints

Additionally, we encountered the exact same situation as you, and implementing the @AnonymousSiteAccess annotation has successfully resolved the issue for us.

It might be a good idea to test the annotations one by one.

Fabien

Nota bene : This post is a duplicate of the following one <component> not working in spring

Some good information about XSRF here : https://developer.atlassian.com/server/framework/atlassian-sdk/atlassian-rest-api-design-guidelines-version-1/#cross-site-request-forgery

Hi
Do you know any ways which don’t need to use @XsrfProtectionExcluded?
I am curious how FE can get XSRF token and how FE can send it to BE inside request.

Thanks,
cc @FabienPenchenat