Skip to content
This repository was archived by the owner on Sep 21, 2023. It is now read-only.

Add OAuth support for JIRA#16

Merged
MorganEPatch merged 2 commits into
coreos:masterfrom
MorganEPatch:jira-oauth
Aug 11, 2017
Merged

Add OAuth support for JIRA#16
MorganEPatch merged 2 commits into
coreos:masterfrom
MorganEPatch:jira-oauth

Conversation

@MorganEPatch

Copy link
Copy Markdown
Contributor

Depends on #15.

If a JIRA username or password are provided, Basic Authentication is still used, but otherwise, OAuth is used. If an access token is provided in the configuration file, it is used; otherwise, a token is requested via OAuth handshake, which requires that the consumer secret and private key be provided in the configuration file. The access token is saved in the config file at the end.

@squat

@MorganEPatch MorganEPatch self-assigned this Aug 7, 2017
@MorganEPatch

Copy link
Copy Markdown
Contributor Author

Step 1 of this document contains all the information on setting up your consumer secret and private key.

https://developer.atlassian.com/cloud/jira/platform/jira-rest-api-oauth-authentication/

@MorganEPatch MorganEPatch mentioned this pull request Aug 10, 2017

@squat squat left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks very good. Just a few small points.

Comment thread cli/oauth.go Outdated
// getJIRAHTTPClient obtains an access token (either from configuration
// or from an OAuth handshake) and creates an HTTP client that uses the
// token, which can be used to configure a JIRA client.
func getJIRAHTTPClient(config cfg.Config) (*http.Client, error) {

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This creates a new Jira HTTP client, right? Let's call the the func newJiraHTTPClient. In general, Go does not use getters. Typically, either a struct is accessible as a field or we create a new struct.

Comment thread cli/oauth.go Outdated
// getOauthConfig parses a private key and consumer key from the
// configuration, and creates an OAuth configuration which can
// be used to begin a handshake.
func getOauthConfig(config cfg.Config) (oauth1.Config, error) {

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same here, this should really just be called func oauthConfig(...) or func newOauthConfig(...)

Comment thread cli/jira.go Outdated
}
client.Authentication.SetBasicAuth(config.GetConfigString("jira-user"), config.GetConfigString("jira-pass"))

if config.GetConfigString("jira-user") != "" || config.GetConfigString("jira-pass") != "" {

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a little funny because it's checking the opposite of line 59. Looks like this should really be an else clause. It will require a little reformatting and will require you to have two:

client, err := jira.NewClient(...)

but I think it is a little easier to read. At the end of the day, both of the approaches will be equally performant, but I think this one will be more maintainable.

Comment thread cfg/config.go

jPass := c.cmdConfig.GetString("jira-pass")
if jPass == "" {
fmt.Print("Enter your JIRA password: ")

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

huh funny, fmt.Print is almost never used. I had to double check that it was a real func.

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Really? That's how I've always done asking for input in a CLI program. Is it usually done differently in Go?

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nono, just that normally people use fmt.Println or fmt.Printf, but simply Print gets relatively little use.

Comment thread cfg/config.go Outdated
return errors.New("JIRA access token secret required")
}

c.log.Debug("Using OAuth; will perform handshake")

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The handshake is not performed here, so I think this debug statement might be a little confusing when you're actually digging through oauth problems.

@squat squat left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great! three small nits and we can merge.

Comment thread cfg/config.go Outdated
fmt.Print("Enter your JIRA password: ")
bytePass, err := terminal.ReadPassword(int(syscall.Stdin))
if err != nil {
return errors.New("Jira password required")

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

All caps JIRA for consistency

Comment thread lib/clients/oauth.go Outdated
"github.com/dghubble/oauth1"
)

// getJIRAHTTPClient obtains an access token (either from configuration

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please update this comment func name.

Comment thread lib/clients/oauth.go Outdated
return oauthConfig.Client(ctx, tok), nil
}

// getOauthConfig parses a private key and consumer key from the

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

update the func name in the comment.

@MorganEPatch

Copy link
Copy Markdown
Contributor Author

@squat Fixed.

If a JIRA username or password are provided, both are necessary
and Basic Authentication is used. If neither are provided, OAuth
is used instead. If an access token and secret are stored in the
config file, they're used and a client is created. Otherwise,
creating the JIRA client initiates an OAuth handshake. In both
cases, the consumer secret and private key filename must be stored
in the configuration file.
@MorganEPatch MorganEPatch merged commit ea74c32 into coreos:master Aug 11, 2017
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants