Timesheet gadget error when using in Confluence

Issue #479 resolved

Henning Tietgens created an issue 2014-02-05

Hi,

we're trying to use the timesheet gadget in a Confluence system connected via Application Link to our JIRA system. When I try to insert the gadget on a Confluence page I get the following error (in a red field):

All other JIRA gadgets work fine in Confluence (after allowing access). First we only used OAuth. Trying to get the timesheet gadget to work we also added a Trusted Application Link and even basic authentication. But the error stays the same.

Both servers are running on https, port 8443, if this matters.

Thanks, Henning

Comments (8)

Andriy Zhdanov
Hi Henning,

Could you please check this page: https://confluence.atlassian.com/display/JIRAKB/Application+Link+authentication+fails+due+to+bad+URL+signature

Thank you.
- 2014-02-06T14:47:01+00:00
Henning Tietgens reporter
Hi Andriy,

it seems only to be a problem for OAuth Application Links. After we added Trusted Application and Basic Authentication links and, we suppose, a Confluence restart it's working again.

Basically the authentication between JIRA and Confluence works, it was only the Timesheet Gadget which don't work. So I don't think the link you wrote is applicable for our situation.

Currently I'm not allowed to remove the other link types on our live system to test if it was only a temporary problem and we don't have linked test systems. Did you have a linked Confluence/JIRA system (only OAuth link, ideally both only accessible through https) where the gadget works? If this is the case either it was a temporary problem or it's our configuration and you could close this issue.

Thanks, Henning
- 2014-02-06T15:00:23+00:00
Andriy Zhdanov
- changed status to resolved
Oh, great it works, but I really don't know if it is ever used with OAuth Application Link, and I've only tried with Trusted Application Link.

So I'm closing it, when needed it may be reopened.

Thank you.
- 2014-02-06T15:07:02+00:00
Former user Account Deleted
Hallo @azhdanov,

Is het possible to reopen this ticket. We are experiancing the same problem with our Jira/Confluence setup. We only allow the OAuth Application link. Trusted is not possible because of security reasons.

We are running Confluence 5.6.6 and Jira 6.3.14 (TimeSheet 2.8.2.9). Both Confluence and Jira are behind a Apache Proxy. The link you provided (Bad URL Signature) is something that is not relevant for us. Settings (proxyname,proxyport,scheme) are set correctly, other Application Links addons are working correctly. The Application link has been setup with URL's using the proxy. We are experiencing the the same issues on our test environment (setup the same way).

If you need a seperate issue please let me know.

Regards,

Hans
- 2015-02-23T10:09:32+00:00
Andriy Zhdanov
Hi Hans,

I don't know how I can help with such problems, sorry.
- 2015-02-23T10:25:38+00:00
Mark Symons
Seeing this issue with Timesheets plugin v2.9.3.3. Affects all gadgets identically.
- Confluence v5.7.4 connecting to JIRA v6.3.15
- Confluence v5.8.6 connecting to JIRA v6.4.12
Confluence v5.8.6 uses Applinks v4.2.5 and I see that Confluence v5.8.14 upgrades Applinks to v4.3.11. I was waiting for Confluence v5.8.16 to be released before upgrading.

As per previous reports, Confluence is using OAuth (which is recommended by Atlassian over Trusted Applications) with both:
- outgoing 2-Legged OAuth requests
- outgoing 2-Legged OAuth with Impersonation requests
There are no errors in Confluence or JIRA system logs. The JIRA log does show that the HTTP 401s are in response to:
```
GET /rest/timesheet-gadget/1.0/groups.json
GET /rest/timesheet-gadget/1.0/groupByField.json?additionalFields=true
GET /rest/timesheet-gadget/1.0/groups.json?includeAny=true
GET /rest/timesheet-gadget/1.0/groupByField.json
GET /rest/timesheet-gadget/1.0/project.json
GET /rest/timesheet-gadget/1.0/projectRoles.json
GET /rest/timesheet-gadget/1.0/filter.json
```
Compare this with the requests made when configuring same gadget from JIRA dashboard (none of which fail).
```
GET /rest/timesheet-gadget/1.0/groups.json?_=1447062337303
GET /rest/timesheet-gadget/1.0/project.json?_=1447062337313
GET /rest/timesheet-gadget/1.0/groups.json?includeAny=true&_=1447062337297
GET /rest/timesheet-gadget/1.0/groupByField.json?additionalFields=true&_=1447062337309
GET /rest/timesheet-gadget/1.0/groupByField.json?_=1447062337284
GET /rest/timesheet-gadget/1.0/projectRoles.json?_=1447062337274
GET /rest/timesheet-gadget/1.0/filter.json?_=1447062337317
```
So, it looks like there is some sort of token missing when the gadget is used in Confluence.
- 2015-11-09T10:55:31+00:00
Andriy Zhdanov
Hi Mark,

This is not a token but just a way to force no-cache.

In issue~~#703~~ there is similar problem, and looks like configuring Trusted Applications solves the issue. I should admit nothing has changed in plugin itself, but may be should be changed to support OAuth, I will try to figure it out, please watch mentioned issue.

Thank you.
- 2015-11-09T11:07:23+00:00
Andriy Zhdanov
Note, version 2.9.3.4 adds support for OAuth, so it should work finally.
- 2015-11-16T18:10:08+00:00
Log in to comment

Assignee: –

Type: bug

Priority: major

Status: resolved

Component: –

Version: 2.7

Votes: 0

Watchers: 1