diff --git a/README.md b/README.md index 28a16856..264b9fa9 100644 --- a/README.md +++ b/README.md @@ -94,6 +94,22 @@ Follow the [installation guide](https://github.com/ankitpokhrel/jira-cli/wiki/In 2. Run `jira init`, select installation type as `Cloud`, and provide required details to generate a config file required for the tool. +#### Cloud server where PAT or OAuth is unavailable + +Some tenants have disabled or restricted the ability to create personal Jira API tokens / OAuth credentials. In these cases, you can fall back to the browser session cookie `tenant.session.token`. Note that this cookie usually expires in about 24 hours, so you will need to refresh it periodically. + +1. Log in to Jira with your browser. Open the developer tools (Application/Storage tab) and find the cookie value for `tenant.session.token`. Then set the environment variable `JIRA_API_TOKEN` to that value. + +```sh +export JIRA_API_TOKEN=ey.. +``` + +2. Bootstrap your CLI + +```sh +jira init --installation cloud --server https://.atlassian.net --auth-type cookie --project ABC +``` + #### On-premise installation 1. Export required environment variables: @@ -119,9 +135,10 @@ See [FAQs](https://github.com/ankitpokhrel/jira-cli/discussions/categories/faqs) #### Authentication types -The tool supports `basic`, `bearer` (Personal Access Token), and `mtls` (Client Certificates) authentication types. Basic auth is used by +The tool supports `basic`, `cookie` (browser session), `bearer` (Personal Access Token), and `mtls` (Client Certificates) authentication types. Basic auth is used by default. +* If you want to use a browser session cookie, set `--auth-type cookie` (or `JIRA_AUTH_TYPE=cookie`) and set `JIRA_API_TOKEN` to the value of `tenant.session.token`. * If you want to use PAT, you need to set `JIRA_AUTH_TYPE` as `bearer`. * If you want to use `mtls` run `jira init`. Select installation type `Local`, and then select authentication type as `mtls`. * In case `JIRA_API_TOKEN` variable is set it will be used together with `mtls`. diff --git a/internal/cmd/init/init.go b/internal/cmd/init/init.go index 74411226..1ee85d38 100644 --- a/internal/cmd/init/init.go +++ b/internal/cmd/init/init.go @@ -40,7 +40,7 @@ func NewCmdInit() *cobra.Command { cmd.Flags().String("installation", "", "Is this a 'cloud' or 'local' jira installation?") cmd.Flags().String("server", "", "Link to your jira server") cmd.Flags().String("login", "", "Jira login username or email based on your setup") - cmd.Flags().String("auth-type", "", "Authentication type can be basic, bearer or mtls") + cmd.Flags().String("auth-type", "", "Authentication type can be basic, cookie, bearer or mtls") cmd.Flags().String("project", "", "Your default project key") cmd.Flags().String("board", "", "Name of your default board in the project") cmd.Flags().Bool("force", false, "Forcefully override existing config if it exists") diff --git a/internal/config/generator.go b/internal/config/generator.go index 54396d05..492ca1b4 100644 --- a/internal/config/generator.go +++ b/internal/config/generator.go @@ -229,10 +229,11 @@ func (c *JiraCLIConfigGenerator) configureLocalAuthType() error { if c.usrCfg.AuthType == "" { qs := &survey.Select{ Message: "Authentication type:", - Help: `Authentication type coud be: basic (login), bearer (PAT) or mtls (client certs) + Help: `Authentication type could be: basic (login), cookie (browser session), bearer (PAT) or mtls (client certs) ? If you are using your login credentials, the auth type is probably 'basic' (most common for local installation) +? If you are using a browser session cookie, choose 'cookie' ? If you are using a personal access token, the auth type is probably 'bearer'`, - Options: []string{"basic", "bearer", "mtls"}, + Options: []string{"basic", "cookie", "bearer", "mtls"}, Default: "basic", } if err := survey.AskOne(qs, &authType); err != nil { diff --git a/pkg/jira/client.go b/pkg/jira/client.go index c6435dbc..5c16ed39 100644 --- a/pkg/jira/client.go +++ b/pkg/jira/client.go @@ -281,6 +281,8 @@ func (c *Client) request(ctx context.Context, method, endpoint string, body []by } case string(AuthTypeBearer): req.Header.Add("Authorization", "Bearer "+c.token) + case string(AuthTypeCookie): + req.Header.Add("Cookie", "tenant.session.token="+c.token) case string(AuthTypeBasic): req.SetBasicAuth(c.login, c.token) } diff --git a/pkg/jira/types.go b/pkg/jira/types.go index e1c17719..7d711e05 100644 --- a/pkg/jira/types.go +++ b/pkg/jira/types.go @@ -7,14 +7,16 @@ import ( const ( // AuthTypeBasic is a basic auth. AuthTypeBasic AuthType = "basic" - // AuthTypeBearer is a bearer auth. + // AuthTypeCookie is a cookie (browser session) auth. + AuthTypeCookie AuthType = "cookie" + // AuthTypeBearer is a bearer (PAT) auth. AuthTypeBearer AuthType = "bearer" // AuthTypeMTLS is a mTLS auth. AuthTypeMTLS AuthType = "mtls" ) // AuthType is a jira authentication type. -// Currently supports basic and bearer (PAT). +// Currently supports basic, cookie, bearer (PAT) and mtls (client certificates). // Defaults to basic for empty or invalid value. type AuthType string