Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Source Jira: support oauth #6271

Closed
sherifnada opened this issue Sep 19, 2021 · 4 comments
Closed

Source Jira: support oauth #6271

sherifnada opened this issue Sep 19, 2021 · 4 comments
Labels
area/connectors Connector related issues area/oauth autoteam blocked connectors/source/jira connectors/sources-api team/connectors-python

Comments

@sherifnada
Copy link
Contributor

Tell us about the problem you're trying to solve

With the release of Airbyte Cloud, we need to start supporting Oauth for this connector, since it's the recommended way of authenticating users into a SaaS application.

If this connector doesn't support oauth already (i.e: doesn't accept a client_id and client_secret) then we need to update its spec to accept those parameters. I suggest that this be a oneof nested inside a top-level field called "authentication":

{ authentication: { type: object oneOf: [ // api key, // oauth ] } }

See the connector spec reference in the docs for reference on how a oneof can be implemented.

This should be done in a backwards compatible manner i.e: users currently supplying authentication info in the config's top-level should not be impacted by this change.

Acceptance Criteria

  1. The connector supports oauth webflow authentication with client_id/client_secret
  2. Oauth properties are annotated properly. See this PR for an example
@sherifnada sherifnada added area/oauth area/connectors Connector related issues labels Sep 19, 2021
@avida avida self-assigned this Oct 4, 2021
@avida
Copy link
Contributor

avida commented Oct 4, 2021
edited
Loading

Connector works on basic auth with email + API token as credentials, need to change code/spec file to work with Ouath.
For cloud:
Supports Oauth 2.0, to make request need to get cloudid over https://api.atlassian.com/oauth/token/accessible-resources call and use it to construct request https://api.atlassian.com/ex/jira/{cloudid}/{api} instead of https://your-domain.atlassian.net/{api}

  • No defined access token expiration, expire time is returned in "expires_in" field from /oauth/token respones
  • offline_access scope should be added to scopes to generate access tokn
  • Refresh token rotation:
    From 1st November 2021, all OAuth 2.0 integrations must use rotating refresh tokens. Each refresh token lives 30 days. Connector need to update refrsh token each time access_token generated with refresh_token grant type for oauth/token call

https://developer.atlassian.com/cloud/jira/platform/oauth-2-3lo-apps/

For server:
Need oauth_token, oauth_token_secret, consumer key and consumer secret (latest one is generated rsa private key) to work.
https://developer.atlassian.com/server/jira/platform/oauth/

@avida avida added the blocked label Oct 4, 2021
@avida
Copy link
Contributor

avida commented Oct 4, 2021

Blocked on #3990

@sherifnada
Copy link
Contributor Author

@avida removing assignment from you and removing from sprint until the blocker is resolved

@sherifnada sherifnada removed this from the Connectors, October 15th 2021 milestone Oct 14, 2021
@antixar antixar mentioned this issue Nov 5, 2021
Closed
@lazebnyi
Copy link
Collaborator

duplicate - https://app.zenhub.com/workspaces/python-connectors-6262f8b593bb82001df56c65/issues/gh/airbytehq/airbyte/7481

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/connectors Connector related issues area/oauth autoteam blocked connectors/source/jira connectors/sources-api team/connectors-python
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@bleonard @avida @sherifnada @lazebnyi @igrankova