OAuth 1.0 with Jira Server and Jira DataCenter

[yoram-s]

Hi, Recently you have added the support for token based authentication using bearer tokens. However, this support is currently limited to JIRA Cloud deployment.

On Jira Server(Obsolete) and Jira Data Center, a different OAuth is needed. After the AccessToken is created, it can be used together with the consumer-key and the private-key

I've made local adjustments to your code supporting the OAuth 1.0 scheme. Below are the changes to jira.cfg (for reference) supporting the new variables and the changes to the connection class.

I've verified locally on our server

diff --git a/jira.cfg b/jira.cfg
index 98f0b01..88e4fbb 100644
--- a/jira.cfg
+++ b/jira.cfg
@@ -2,3 +2,22 @@
 url = https://issues.jboss.org
 username =
 password =
+consumer_key=OauthKey
+token=PD1i7RMIvlg9IgojD1RVpUUEIe3J6woy
+private_key=
+    -----BEGIN RSA PRIVATE KEY-----
+    MIICXQIBAAKBgQDzsS3jO4729A9oRX/5oMRILJOPBY4FHTzhx8LuDNp7BXxuGZ3y
+    PJA/pSWPfgdh5qr8Yh0wtohUzSLvLyOgk/vldgZoKhZO6bTh1TTFmbEBKWYP8Dxy
+    Z84DFOUy67bEK8dI3ToiBVwf8+Oyo6j8WzYqDZWLzU8oC6BZ3/PnMO1n7wIDAQAB
+    AoGAI0ezbQJiYD5VPLNTI8CyqgBKHJqhRPxGpClXfz89IjJZIVd0Fm3ONGikV3HX
+    f8T1XDSYJUVH138bX6Vjcwv5m6Z3LUFdvdfs5RD6imQUz9Uk4oXe6ENTJONFhoZ1
+    1E/E2o4Yk7B9ZfJaeu4T+cKUGh/F2qTjmoSTHjb85B2AyIECQQD8sjCpuPEVk9TV
+    8SiU1pkdRrQHFVU0u3xqDvIKacm9rtjdZheQzhcHE5gKrhsb1Yn2VEyOZrAhWMcr
+    FnbKJqsjAkEA9uDaBeVf1ZDxbO1lzFJQd31DcfbQS82p5NX9NgNMTXhtwt+mDjY5
+    ttanGha6pi40fgA1492xHGvCyNr7ISPSxQJBAO3qt3aU8ifmsBVeoV7BThgKYaXp
+    p/emLlWNDMZRI+i7nuOVI8rqvzOidxxXIJ7sRqDubcYFWP+MnrkqxV0/WxECQQDa
+    /6tn/4l70g/YKN9c2Mg4tw3VUrSECfTj4k+0UkilkGcNr4eGo+Oepdul8POx5tr5
+    ywYDFO2/4Hfx5Q9Q3o5hAkAglpXZHYp8rAqxjmystt+ZPp4VjkkILAseE0PqQr0Q
+    HBqZnP/am4jKQRhUbzJcGbJjti+PoZ6yTjo09JiG4mud
+    -----END RSA PRIVATE KEY-----
+
diff --git a/pytest_jira.py b/pytest_jira.py
index 37929e4..5448c78 100644
--- a/pytest_jira.py
+++ b/pytest_jira.py
@@ -21,6 +21,9 @@ from retry import retry
 
 from issue_model import JiraIssue, JiraIssueSchema
 
+from requests_oauthlib import OAuth1
+from oauthlib.oauth1 import SIGNATURE_RSA
+
 DEFAULT_RESOLVE_STATUSES = 'closed', 'resolved'
 DEFAULT_RUN_TEST_CASE = True
 CONNECTION_SKIP_MESSAGE = 'Jira connection issue, skipping test: %s'
@@ -179,16 +182,26 @@ class JiraSiteConnection(object):
             password=None,
             verify=True,
             token=None,
+            client_key=None,
+            private_key=None,
     ):
         self.url = url
         self.username = username
         self.password = password
         self.verify = verify
         self.token = token
-
+        self.client_key = client_key
+        self.private_key = private_key
         self.is_connected = False
-
-        if self.token:
+        self.token_auth = None
+
+        if self.private_key:
+            self.token_auth = OAuth1(client_key=self.client_key,
+                    resource_owner_key=self.token,
+                    signature_method=SIGNATURE_RSA,
+                    rsa_key=self.private_key,
+                    signature_type='auth_header')
+        elif self.token:
             token_bearer = f"Bearer {self.token}"
             self.headers = {'Authorization': token_bearer}
 
@@ -203,7 +216,10 @@ class JiraSiteConnection(object):
         if 'verify' not in kwargs:
             kwargs['verify'] = self.verify
 
-        if self.token:
+        if self.token_auth:
+            rsp = requests.get(url, auth=self.token_auth, **kwargs)
+
+        elif self.token:
             rsp = requests.request(method, url, headers=self.headers, **kwargs)
 
         elif self.basic_auth:
@@ -394,6 +410,18 @@ def pytest_addoption(parser):
                     default=_get_value(config, 'DEFAULT', 'token'),
                     metavar='token',
                     help='JIRA token.')
+    group.addoption('--jira-consumer-key',
+                    action='store',
+                    dest='jira_consumer_key',
+                    default=_get_value(config, 'DEFAULT', 'consumer_key'),
+                    metavar='consumer_key',
+                    help='JIRA OAuth consumer key.')
+    group.addoption('--jira-private-key',
+                    action='store',
+                    dest='jira_private_key',
+                    default=_get_value(config, 'DEFAULT', 'private_key'),
+                    metavar='private_key',
+                    help='JIRA private key.')
     group.addoption('--jira-no-ssl-verify',
                     action='store_false',
                     dest='jira_verify',
@@ -517,6 +545,8 @@ def pytest_configure(config):
             os.getenv(PASSWORD_ENV_VAR) or config.getvalue('jira_password'),
             config.getvalue('jira_verify'),
             config.getvalue('jira_token'),
+            config.getvalue('jira_consumer_key'),
+            config.getvalue('jira_private_key')
         )
         jira_marker = JiraMarkerReporter(
             config.getvalue('jira_marker_strategy'),