Below is python test code to login jira using username and password and it works fine.
from jira import JIRA
jira = JIRA('http://xxx')
jira = JIRA(basic_auth=('username','password'),options={'server': 'http://xxx'})
issue = jira.issue('XXXX-762')
print "For task", issue,", summary is-", issue.fields.summary
Now I require to log in jira without using password.
can anyone help?
Aim of this is to hide the password in general script and also make the script independent of jira password expiry.
Jira version used: JIRA v7.5.2
Thank you.
If I understand correctly, you're wanting to obfuscate the password inside of the script? If so, this is not really a JIRA/python problem. The easiest is to base64 encode the password beforehand and then just use:
jira = JIRA(basic_auth=('username',base64.b64decode("<encrypted_password")),options={'server': 'http://xxx'})
This, of course, doesn't fully protect you but at least makes it much less obvious.
You can work with your Jira administrator to set up OAuth for authentication for your script instead of basic auth, which would eliminate the need for a password. It requires considerable setup to get it working, but would ultimately serve your needs.
Here is an overview from Atlassian on how the overall process works: https://developer.atlassian.com/cloud/jira/platform/jira-rest-api-oauth-authentication/
Here is a link to the Atlassian repository for examples on setting up OAuth including an example in Python: https://bitbucket.org/atlassian_tutorial/atlassian-oauth-examples/overview
I just set the password in an environment variable and have the script read it.
from jira import JIRA
jira_user = os.environ.get("JIRA_USERNAME", None)
jira_password = os.environ.get("JIRA_PASSWORD", None)
jira_server = {'server': "https://jiraserver.url"}
jira = JIRA(options=jira_server, basic_auth=(jira_user, jira_password))
Related
I can see the Service Account usage out of gcloud CLI by doing as such:
gcloud policy-intelligence query-activity --activity-type=serviceAccountKeyLastAuthentication --project=<project_name>
I would like to replicate this in a python script..
I am attempting to this do this but I am not sure how to authenticate, and I am getting a 401 error, despite having enabled the API. I am following this documentation. https://cloud.google.com/policy-intelligence/docs/activity-analyzer-service-account-authentication#iam-get-service-account-key-id-rest
import requests
r = requests.get(f"https://policyanalyzer.googleapis.com/v1/projects/{self.project_id}/locations/global/activityTypes/serviceAccountKeyLastAuthentication/activities:query?filter=activities.full_resource_name%3D%22%2F%2Fiam.googleapis.com%2Fprojects%2F{self.project_id}%2FserviceAccounts%2F{self.sa_email}%2Fkeys%2F{self.key_id}%22"
Is there some way I need to authenticate my request call? The rest of the script I am using the python client libraries using discovery.build and authenticating as such:
credentials, project = google.auth.default()
self.crm = discovery.build("cloudresourcemanager", "v3", credentials=credentials)
There does not seem to be a "policy analyzer" python library, so I am not sure on next steps.
The end goal is to see the last key authentication time of every service account key in the organization.
Thanks!
You may check this link for the sample Python code
Do note that the feature is still in preview and does not have a Python client for the same yet. The gcloud cli and REST is the way of accessing this feature programmatically.
Take a look at the python example shown towards the bottom of the page here:
https://cloud.google.com/iam/docs/reference/rest/v1/projects.serviceAccounts.keys/list
It shows how to get application default credentials used to pass in the client. You could accomplish the same with http requests, but that example above should help.
Also, looking at the original curl request, if you decode the filter to unicode it should be:
activities.full_resource_name="//iam.googleapis.com/projects/PROJECT_ID/serviceAccounts/SERVICE_ACCOUNT_EMAIL/keys/KEY_ID"
Assuming you got it from the sample [curl][1] request.
[1]: https://cloud.google.com/policy-intelligence/docs/activity-analyzer-service-account-authentication#view-recent-specific-key
I'm trying to send the currently logged-in user in a Post-Request to a REST-Endpoint when the issue is assigned. I set up a project automation with a ScriptRunner Script.
According to several sources (see below) the following should do the magic.
import com.atlassian.jira.component.ComponentAccessor
def user = ComponentAccessor.getJiraAuthenticationContext().getLoggedInUser()
This snippet works, but it's always my user, that is sent. Doesn't matter if I'm logged in or my colleague. What am I missing?
The same problem occurs when I use the built-in field currentUser.
Sources:
https://community.atlassian.com/t5/Jira-questions/How-to-get-current-user-in-jira-application/qaq-p/818002
https://scriptrunner.adaptavist.com/5.2.1/jira/recipes/behaviours/scripted-conditions.html
https://innovalog.atlassian.net/wiki/spaces/JMWE/pages/138353228/Getting+the+current+user+-+Groovy
I am trying to do basic authentication with the help of Python-jira and written the following code
from jira import JIRA
SERVER="https://jira.company.com"
user = user#company.com
apikey='api_token'
class create_issue:
def check_authentication(self):
print("inside the check authentication method#######")
jira = JIRA(options, basic_auth=(user, apikey)) # username is email-ID and apikey is the JIRA api-token
ci= create_issue()
ci.check_authentication()
I am getting following error
WARNING:root:Got recoverable error from GET https://jira.company.com/rest/api/2/serverInfo, will retry [1/3] in 13.772170596345521s. Err: 401
Earlier tried with deprecated username and password, later changed to api_key instead of password. But still getting the issue. Can anybody help on this. When I use the same authentication using the website it is working.
Thanks,
Punith
Their documentation indicates that you should be using a username and password when using basic auth, not an apikey.
https://developer.atlassian.com/server/jira/platform/basic-authentication/
Stick to something simple to make sure it works, before introducing classes.
from jira import JIRA
SERVER="https://jira.company.com"
user = "username"
password = "password"
jira = JIRA(SERVER, basic_auth=(user, password))
I'm trying to download some files from behind a SSO (Single Sign-On) site. It seems to be SAML authenticated, that's where I'm stuck. Once authenticated I'll be able to perform API requests that return JSON, so no need to interpret/scrape.
Not really sure how to deal with that in mechanicalsoup (and relatively unfamiliar with web-programming in general), help would be much appreciated.
Here's what I've got so far:
import mechanicalsoup
from getpass import getpass
import json
login_url = ...
br = mechanicalsoup.StatefulBrowser()
response = br.open(login_url)
if verbose: print(response)
# provide the username + password
br.select_form('form[id="loginForm"]')
print(br.get_current_form().print_summary()) # Just to see what's there.
br['UserName'] = input('Email: ')
br['Password'] = getpass()
response = br.submit_selected().text
if verbose: print(response)
At this point I get a page telling me javascript is disabled and that I must click submit to continue. So I do:
br.select_form()
response = br.submit_selected().text
if verbose: print(response)
That's where I get a complaint about state information being lost.
Output:
<h2>State information lost</h2>
State information lost, and no way to restart the request<h3>Suggestions for resolving this problem:</h3><ul><li>Go back to the previous page and try again.</li><li>Close the web browser, and try again.</li></ul><h3>This error may be caused by:</h3><ul><li>Using the back and forward buttons in the web browser.</li><li>Opened the web browser with tabs saved from the previous session.</li><li>Cookies may be disabled in the web browser.</li></ul>
The only hits I've found on scraping behind SAML logins are all going with a selenium approach (and sometimes dropping down to requests).
Is this possible with mechanicalsoup?
My situation turned out to require Javascript for login. My original question about getting into SAML auth was not the true environment. So this question has not truly been answered.
Thanks to #Daniel Hemberger for helping me figure that out in the comments.
In this situation MechanicalSoup is not the correct tool (due to Javascript) and I ended up using selenium to get through authenication then using requests.
I started learning Cucumber (Behavior Driven Testing Framework) and based on certain videos and some reading, I understood that Cucumber will auto generate a skeleton code for the step definitions, defined in feature file. However, I do not see any test being executed or any code being generated. My project setup is as below
Project
----src/main/java/testrunner/MyTestRunner.java
----src/main/resources/feature/dailyroutine.feature
Feature file is looking like below
Feature: Test Facebook smoke Scenario
Scenario: Test with valid credentails
Given: Open firefox and start application
When: when I enter with valid username and password
Then: I should be able to login into Facebook Homepage
TestRunner is as below
package testrunner;
import org.junit.runner.RunWith;
import cucumber.api.CucumberOptions;
import cucumber.api.junit.Cucumber;
#RunWith(Cucumber.class)
#CucumberOptions(features ={"src/main/resources/feature/dailyroutine.feature"},
dryRun=true,
strict=true,
monochrome=true)
public class MyTestRunner {
}
When I run the TestRunner as JUnit I'm getting
0 Scenarios
0 Steps
0m0.000s
What is the mistake I'm doing
I would like to propose an alternative feature file scenario steps
Feature Test Facebook smoke Scenario
Scenario Success login with valid credentails
Given Using the browser "firefox"
And Username is "myUsername" with Password "myPassword"
When Submit login request
Then Successfully logged in to Facebook
The problem could be how the feature file is worded, namely the extra colons for the Given, When and Then.
I've also made changes to how the feature file has been written, in order to better inform the reader about what the test is trying to achieve - as the #1 thing that Behaviour Driven Development (and the frameworks for it) focus on is communication between the development team and the business.
Feature: Logging into Facebook...
Scenario: with valid credentials
Given I navigate to "Facebook"
When I log in with my valid login details
Then I should be able to see my newsfeed
There may be other issues, but for the time being, the colons are the issue that sticks out to me
Edit
I should have read the comments section, because this was solved 2 days before this answer
Remove the colon (:) after the keywords (Given, When, etc) in your feature file.