|
| 1 | +# Example server with Flask demonstrating use of Jira OAuth 2.0. |
| 2 | +# Server needs to be deployed. Example code is requesting access token from |
| 3 | +# Jira. User has to grant access rights. After authorization the |
| 4 | +# token and Using access token, Jira cloud ID is identified and |
| 5 | +# the available projects are returned. |
| 6 | + |
| 7 | +from requests_oauthlib import OAuth2Session |
| 8 | +from atlassian.jira import Jira |
| 9 | +from flask import Flask, request, redirect, session |
| 10 | +import requests |
| 11 | + |
| 12 | +app = Flask(__name__) |
| 13 | +app.secret_key = "" |
| 14 | + |
| 15 | +# JIRA OAuth URLs |
| 16 | +authorization_base_url = "https://auth.atlassian.com/authorize" |
| 17 | +token_url = "https://auth.atlassian.com/oauth/token" |
| 18 | + |
| 19 | + |
| 20 | +# Create OAuth 2.0 Integration in Atlassian developer console |
| 21 | +# https://developer.atlassian.com/console/myapps/ |
| 22 | +# Click Authorization → “Configure” under OAuth 2.0 and |
| 23 | +# Enter callback url {server}/callback and save |
| 24 | +# Click “Permissions” and Add “Jira platform REST API” and other required permissions. |
| 25 | +# Click “Configure” under Jira platform REST API and Add permissions like |
| 26 | +# “View user profiles“, “View Jira issue data“ and “Create and manage issues” |
| 27 | +# Goto setting and copy client id and secret. |
| 28 | + |
| 29 | +client_id = "" |
| 30 | +client_secret = "" |
| 31 | +redirect_uri = "" # {server_url}/callback |
| 32 | + |
| 33 | + |
| 34 | +# 2. Redirect to Jira for authorization |
| 35 | +# The server request to {server_url}/login is redirected to Jira. |
| 36 | +# The user is asked to grant access permissions. |
| 37 | +@app.route("/login") |
| 38 | +def login(): |
| 39 | + scope = ["read:me", "read:jira-user", "read:jira-work"] |
| 40 | + audience = "api.atlassian.com" |
| 41 | + |
| 42 | + jira_oauth = OAuth2Session(client_id, scope=scope, redirect_uri=redirect_uri) |
| 43 | + authorization_url, state = jira_oauth.authorization_url( |
| 44 | + authorization_base_url, |
| 45 | + audience=audience, |
| 46 | + ) |
| 47 | + session["oauth_state"] = state |
| 48 | + return redirect(authorization_url) |
| 49 | + |
| 50 | + |
| 51 | +# 3. Jira redirects user to callback url with authorization code |
| 52 | +# This should be set to {server_url}/callback. |
| 53 | +# Access token is fetched using authorization code |
| 54 | +@app.route("/callback") |
| 55 | +def callback(): |
| 56 | + jira_oauth = OAuth2Session(client_id, state=session["oauth_state"], redirect_uri=redirect_uri) |
| 57 | + token_json = jira_oauth.fetch_token(token_url, client_secret=client_secret, authorization_response=request.url) |
| 58 | + return "Token: {}<p />Projects: {}".format(token_json, ", ".join(get_projects(token_json))) |
| 59 | + |
| 60 | + |
| 61 | +# 4. Access Token used for Jira Python API |
| 62 | +# Using access token, accessible resources are fetched and |
| 63 | +# First resource id is taken as jira cloud id, |
| 64 | +# Jira Client library is called with jira cloud id and token information. |
| 65 | +def get_projects(token_json): |
| 66 | + req = requests.get( |
| 67 | + "https://api.atlassian.com/oauth/token/accessible-resources", |
| 68 | + headers={ |
| 69 | + "Authorization": "Bearer {}".format(token_json["access_token"]), |
| 70 | + "Accept": "application/json", |
| 71 | + }, |
| 72 | + ) |
| 73 | + req.raise_for_status() |
| 74 | + resources = req.json() |
| 75 | + cloud_id = resources[0]["id"] |
| 76 | + |
| 77 | + oauth2_dict = { |
| 78 | + "client_id": client_id, |
| 79 | + "token": { |
| 80 | + "access_token": token_json["access_token"], |
| 81 | + "token_type": "Bearer", |
| 82 | + }, |
| 83 | + } |
| 84 | + jira = Jira(url="https://api.atlassian.com/ex/jira/{}".format(cloud_id), oauth2=oauth2_dict) |
| 85 | + return [project["name"] for project in jira.projects()] |
0 commit comments