OAuth errors in Stash logs

• Stash: 2.8.1
• Jira: v6.1#6144-sha1:2e50328
• Storyflow: 1.0.1

We are seeing OAuth errors (invalid signature) in our Stash logs, however, pull requests are linking up correctly. It appears that a HEAD request is done first to /rest/api/latest/issue/ISSUE-KEY, which always seems to fail with a HTTP 401, followed by a call to /rest/api/latest/issue/ISSUE-KEY/remotelink which then succeeds with HTTP 201.

I am wondering if the first call is a check to see if the issue exists before attempting to add a remote link to it...?

I've done extensive testing, and I am sure our Oauth configuration is sane as it is working in all other cases... if there is anything else I can provide, please let me know.

From Stash log:

2013-11-06 10:32:49,589 WARN [AtlassianEvent::pool-2-thread-4] rossc 1331x827x1 wp7g5m 192.168.100.51,127.0.0.1 "POST /projects/CRM/repos/plugins/pull-requests HTTP/1.1" o.a.c.httpclient.HttpMethodDirector Unable to respond to any of these c hallenges: {oauth=OAuth realm="http%3A%2F%2Fjira.az.lan", oauth_signature="Na6lYJHRH%2FdAXfdhTZaK4VAjEZVbhP93sXnGqbasQFCX5U3HB9GyM%2FAEP7ORZZi0BXg0PLdBZEPjRZIl5EnWw9pijszQByUuyV4eEoNMCflBj3iYeRga9IR%2BL14PL9j64s6jfv50Kzj8UfJYY%2BKKhFPp9NOMgSY m3%2FnxCnFP68Q%3D", oauth_signature_base_string="HEAD%26http%253A%252F%252Fjira.az.lan%252Frest%252Fapi%252Flatest%252Fissue%252FCRM-1016%26oauth_consumer_key%253DStash%25253A7465717774%2526oauth_nonce%253D574604135399502%2526oauth_signature_ method%253DRSA-SHA1%2526oauth_timestamp%253D1383748369%2526oauth_token%253Db3LucLrIkJzb0jaUkHLZg7eTDd18wawS%2526oauth_version%253D1.0", oauth_problem="signature_invalid", oauth_signature_method="RSA-SHA1"} 2013-11-06 10:32:49,591 WARN [AtlassianEvent::pool-2-thread-4] rossc 1331x827x1 wp7g5m 192.168.100.51,127.0.0.1 "POST /projects/CRM/repos/plugins/pull-requests HTTP/1.1" c.h.s.s.service.JiraLinkService Failed to create a remote link to CRM-1 016 in Azorus Jira. Reason: 401 - Unauthorized

From JIRA log:

2013-11-06 10:32:49,588 http-bio-8080-exec-19 WARN anonymous 632x4315x1 - 127.0.0.1,127.0.0.1 /rest/api/latest/issue/CRM-1016 [oauth.serviceprovider.internal.AuthenticatorImpl] Problem encountered authenticating OAuth client for url "http://j ira.az.lan/rest/api/latest/issue/CRM-1016", error was "signature_invalid", with parameters "{oauth_signature=Na6lYJHRH/dAXfdhTZaK4VAjEZVbhP93sXnGqbasQFCX5U3HB9GyM/AEP7ORZZi0BXg0PLdBZEPjRZIl5EnWw9pijszQByUuyV4eEoNMCflBj3iYeRga9IR+L14PL9j64s6jf v50Kzj8UfJYY+KKhFPp9NOMgSYm3/nxCnFP68Q=, oauth_signature_base_string=HEAD&http%3A%2F%2Fjira.az.lan%2Frest%2Fapi%2Flatest%2Fissue%2FCRM-1016&oauth_consumer_key%3DStash%253A7465717774%26oauth_nonce%3D574604135399502%26oauth_signature_method%3DR SA-SHA1%26oauth_timestamp%3D1383748369%26oauth_token%3Db3LucLrIkJzb0jaUkHLZg7eTDd18wawS%26oauth_version%3D1.0, oauth_problem=signature_invalid, oauth_signature_method=RSA-SHA1}"

From JIRA Apache log:

127.0.0.1 - - [06/Nov/2013:10:32:49 -0400] "HEAD /rest/api/latest/issue/CRM-1016 HTTP/1.1" 401 - "-" "Jakarta Commons-HttpClient/3.1"

127.0.0.1 - - [06/Nov/2013:10:32:49 -0400] "POST /rest/api/latest/issue/CRM-1016/remotelink HTTP/1.1" 201 88 "-" "Jakarta Commons-HttpClient/3.1"