JIRA Server v7.4.2
Confluence v6.2.3
I have CONNECTED Outgoing and Incoming OAuth authentications on both JIRA and Confluence. [images below]
I have administrator permissions in both JIRA and Confluence.
Our users go through SAML to sign in to JIRA and Confluence.
I am running the following script in the Script Console (Adaptavist ScriptRunner).
package examples.docs
import com.atlassian.jira.issue.Issue
import com.atlassian.applinks.api.ApplicationLink
import com.atlassian.applinks.api.ApplicationLinkService
import com.atlassian.applinks.api.application.confluence.ConfluenceApplicationType
import com.atlassian.sal.api.component.ComponentLocator
import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.sal.api.net.Request
import com.atlassian.sal.api.net.Response
import com.atlassian.sal.api.net.ResponseException
import com.atlassian.sal.api.net.ResponseHandler
import groovy.json.JsonBuilder
import org.apache.log4j.Logger
import org.apache.log4j.Level
def log = Logger.getLogger("com.acme.XXX")
log.setLevel(Level.DEBUG)
/**
* Retrieve the primary confluence application link
* @return confluence app link
*/
ApplicationLink getPrimaryConfluenceLink() {
def applicationLinkService = ComponentLocator.getComponent(ApplicationLinkService.class)
final ApplicationLink conflLink = applicationLinkService.getPrimaryApplicationLink(ConfluenceApplicationType.class);
conflLink
}
def issueManager = ComponentAccessor.getIssueManager()
Issue issue = issueManager.getIssueObject("ATW-30")
def confluenceLink = getPrimaryConfluenceLink()
assert confluenceLink // must have a working app link set up
def authenticatedRequestFactory = confluenceLink.createAuthenticatedRequestFactory()
// set the page title - this should be unique in the space or page creation will fail
def pageTitle = issue.key + " Discussion"
def pageBody = """<p> ${issue.summary}<p>
<p>${issue.description}</p>
Use this page to discuss the above...
"""
def params = [
type: "page",
title: pageTitle,
space: [
key: "TEST" // set the space key - or calculate it from the project or something
],
body: [
storage: [
value: pageBody,
representation: "storage"
]
]
]
authenticatedRequestFactory
.createRequest(Request.MethodType.POST, "rest/api/content")
.addHeader("Content-Type", "application/json")
.setRequestBody(new JsonBuilder(params).toString())
.execute(new ResponseHandler<Response>() {
@Override
void handle(Response response) throws ResponseException {
if(response.statusCode != HttpURLConnection.HTTP_OK) {
throw new Exception(response.getResponseBodyAsString())
}
}
})
This produces the following error:
2017-11-07 15:39:45,986 WARN [common.UserScriptEndpoint]: Script console script failed:
com.atlassian.applinks.api.CredentialsRequiredException: You do not have an authorized access token for the remote resource.
at com.atlassian.applinks.oauth.auth.ThreeLeggedOAuthRequestFactoryImpl.retrieveConsumerToken(ThreeLeggedOAuthRequestFactoryImpl.java:93)
at com.atlassian.applinks.oauth.auth.ThreeLeggedOAuthRequestFactoryImpl.createRequest(ThreeLeggedOAuthRequestFactoryImpl.java:86)
at com.atlassian.applinks.core.auth.ApplicationLinkRequestFactoryFactoryImpl$AbsoluteURLRequestFactory.createRequest(ApplicationLinkRequestFactoryFactoryImpl.java:180)
at com.atlassian.applinks.api.ApplicationLinkRequestFactory$createRequest.call(Unknown Source)
at examples.docs.Script70.run(Script70.groovy:66)
Two things I think could be problematic:
- Our users go through SAML to sign on to JIRA.
- The application links are OAuth, not OAuth Impersonation. I’m kind of confused about the difference – might I need to be using Impersonation?
Thank you for any assistance/guidance.
Evan