Merge pull request #49 from blesenechal/feat/auth-oauth

Add bearer auth with JIRA Personal Access Token
pawelrychlik · Apr 22, 2024 · 6350fb7 · 6350fb7
2 parents 24d8b5c + 9c087f4
commit 6350fb7
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 5 deletions.
diff --git a/README.md b/README.md
@@ -105,7 +105,10 @@ Use it as a last-resort only, when other means of exclusion do not suit your cas
 
 ### Authentication
 
-It is possible to either use the username/password combination or to login via the browser passing in `--cookie <JSESSIONID>`. This logins via the browser and is useful in scenarios where Kerberos authentication is required.
+It is possible to either use:
+* the username/password combination
+* to login via a token passing in `--bearer <BEARER TOKEN>`. This allows to use a Personal Access Token generated in your JIRA profile (https://confluence.atlassian.com/enterprise/using-personal-access-tokens-1026032365.html)
+* to login via the browser passing in `--cookie <JSESSIONID>`. This logins via the browser and is useful in scenarios where Kerberos authentication is required.
 
 If you are using Atlassian Cloud, use your API token instead of your account password. You can generate one with the following steps:
 

diff --git a/jira-dependency-graph.py b/jira-dependency-graph.py
@@ -35,8 +35,10 @@ def get(self, uri, params={}):
         headers = {'Content-Type' : 'application/json'}
         url = self.url + uri
 
-        if isinstance(self.auth, str):
-            return requests.get(url, params=params, cookies={'JSESSIONID': self.auth}, headers=headers, verify=self.no_verify_ssl)
+        if isinstance(self.auth, dict):
+            headers_with_auth = headers.copy()
+            headers_with_auth.update(self.auth)
+            return requests.get(url, params=params, headers=headers_with_auth, verify=(not self.no_verify_ssl))
         else:
             return requests.get(url, params=params, auth=self.auth, headers=headers, verify=(not self.no_verify_ssl))
 
@@ -238,6 +240,7 @@ def parse_args():
     parser.add_argument('-u', '--user', dest='user', default=None, help='Username to access JIRA')
     parser.add_argument('-p', '--password', dest='password', default=None, help='Password to access JIRA')
     parser.add_argument('-c', '--cookie', dest='cookie', default=None, help='JSESSIONID session cookie value')
+    parser.add_argument('-b', '--bearer', dest='bearer', default=None, help='Bearer Token (Personal Access Token)')
     parser.add_argument('-N', '--no-auth', dest='no_auth', action='store_true', default=False, help='Use no authentication')
     parser.add_argument('-j', '--jira', dest='jira_url', default='http://jira.example.com', help='JIRA Base URL (with protocol)')
     parser.add_argument('-f', '--file', dest='image_file', default='issue_graph.png', help='Filename to write image to')
@@ -271,9 +274,12 @@ def append_unique(acc, item):
 def main():
     options = parse_args()
 
-    if options.cookie is not None:
+    if options.bearer is not None:
+        # Generate JIRA Personal Access Token and use --bearer=ABCDEF012345 commandline argument
+        auth = {'Authorization': 'Bearer ' + options.bearer}
+    elif options.cookie is not None:
         # Log in with browser and use --cookie=ABCDEF012345 commandline argument
-        auth = options.cookie
+        auth = {'JSESSIONID': options.cookie}
     elif options.no_auth is True:
         # Don't use authentication when it's not needed
         auth = None