Unable to install Jira Cloud app for self-managed instance
I am trying to install the Jira Cloud app on our self-managed instance. It however fails with a 401 error when trying to install the app.
Steps taken
Gitlab
- Enabled FF for
jira_connect_oauth
andjira_connect_oauth_self_managed
- Created application with
api
permissions and callback URI to our instance (/-/jira_connect/oauth_callbacks
) - Added the application ID to the GitLab for Jira App section in the Admin interface
Atlassian / Jira side
- Create a Jira vendor
- Create a private application pointing towards our
/-/jira_connect/app_descriptor.json
- Creating a token for the application
- Using "Upload app" paste the link.
Problem
Jira responds with:
The app host returned HTTP response code 401 when we tried to contact it during installation. Please try again later or contact the app vendor.
It seems that the link to the public_keys
endpoint is not being prepended with the base_url of our GitLab Instance.
Logs
The logs from our webservice container:
{
"component":"gitlab",
"subcomponent":"production",
"level":"unknown",
"time":"2023-01-02T12:26:20Z",
"message":" Parameters: {\"key\"=>\"[FILTERED]\", \"clientKey\"=>\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\", \"publicKey\"=>\"XXXXXXXXXXXXXXXXXXXX\", \"sharedSecret\"=>\"[FILTERED]\", \"serverVersion\"=>\"100213\", \"pluginsVersion\"=>\"1001.0.0-SNAPSHOT\", \"baseUrl\"=>\"https://xxxxxxxx.atlassian.net\", \"productType\"=>\"jira\", \"description\"=>\"[FILTERED]\", \"eventType\"=>\"installed\", \"event\"=>{}}"
}
{
"component":"gitlab",
"subcomponent":"exceptions_json",
"level":"error",
"severity":"ERROR",
"time":"2023-01-02T12:26:20.348Z",
"correlation_id":"01GNS74VS951HR94HNSYARSCVJ",
"exception.class":"Gitlab::HTTP::BlockedUrlError",
"exception.message":"URL '/-/jira_connect/public_keys/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx' is blocked: Only allowed schemes are http, https",
"exception.backtrace":[
"lib/gitlab/http_connection_adapter.rb:50:in `rescue in validate_url!'",
"lib/gitlab/http_connection_adapter.rb:43:in `validate_url!'",
"lib/gitlab/http_connection_adapter.rb:27:in `connection'",
"lib/gitlab/http.rb:54:in `perform_request'",
"lib/gitlab/http.rb:74:in `try_get'",
"lib/atlassian/jira_connect/jwt/asymmetric.rb:64:in `retrieve_public_key'",
"lib/atlassian/jira_connect/jwt/asymmetric.rb:39:in `block in claims'",
"lib/gitlab/utils/strong_memoize.rb:34:in `strong_memoize'",
"lib/atlassian/jira_connect/jwt/asymmetric.rb:37:in `claims'",
"lib/atlassian/jira_connect/jwt/asymmetric.rb:25:in `valid?'",
"app/controllers/jira_connect/events_controller.rb:55:in `verify_asymmetric_atlassian_jwt!'",
"app/controllers/application_controller.rb:534:in `set_current_admin'",
"lib/gitlab/session.rb:11:in `with_session'",
"app/controllers/application_controller.rb:524:in `set_session_storage'",
"lib/gitlab/i18n.rb:107:in `with_locale'",
"lib/gitlab/i18n.rb:113:in `with_user_locale'",
"app/controllers/application_controller.rb:512:in `set_locale'",
"app/controllers/application_controller.rb:506:in `set_current_context'",
"lib/gitlab/metrics/elasticsearch_rack_middleware.rb:16:in `call'",
"lib/gitlab/middleware/memory_report.rb:13:in `call'",
"lib/gitlab/middleware/speedscope.rb:13:in `call'",
"lib/gitlab/database/load_balancing/rack_middleware.rb:23:in `call'",
"lib/gitlab/middleware/rails_queue_duration.rb:33:in `call'",
"lib/gitlab/metrics/rack_middleware.rb:16:in `block in call'",
"lib/gitlab/metrics/web_transaction.rb:46:in `run'",
"lib/gitlab/metrics/rack_middleware.rb:16:in `call'",
"lib/gitlab/jira/middleware.rb:19:in `call'",
"lib/gitlab/middleware/go.rb:20:in `call'",
"lib/gitlab/etag_caching/middleware.rb:21:in `call'",
"lib/gitlab/middleware/query_analyzer.rb:11:in `block in call'",
"lib/gitlab/database/query_analyzer.rb:37:in `within'",
"lib/gitlab/middleware/query_analyzer.rb:11:in `call'",
"lib/gitlab/middleware/multipart.rb:173:in `call'",
"lib/gitlab/middleware/read_only/controller.rb:50:in `call'",
"lib/gitlab/middleware/read_only.rb:18:in `call'",
"lib/gitlab/middleware/same_site_cookies.rb:27:in `call'",
"lib/gitlab/middleware/handle_malformed_strings.rb:21:in `call'",
"lib/gitlab/middleware/basic_health_check.rb:25:in `call'",
"lib/gitlab/middleware/handle_ip_spoof_attack_error.rb:25:in `call'",
"lib/gitlab/middleware/request_context.rb:21:in `call'",
"lib/gitlab/middleware/webhook_recursion_detection.rb:15:in `call'",
"config/initializers/fix_local_cache_middleware.rb:11:in `call'",
"lib/gitlab/middleware/compressed_json.rb:37:in `call'",
"lib/gitlab/middleware/rack_multipart_tempfile_factory.rb:19:in `call'",
"lib/gitlab/middleware/sidekiq_web_static.rb:20:in `call'",
"lib/gitlab/metrics/requests_rack_middleware.rb:77:in `call'",
"lib/gitlab/middleware/release_env.rb:13:in `call'"
],
"user.username":null,
"tags.program":"web",
"tags.locale":"en",
"tags.feature_category":"integrations",
"tags.correlation_id":"01GNS74VS951HR94HNSYARSCVJ"
}
{
"component":"gitlab",
"subcomponent":"production_json",
"level":"info",
"method":"POST",
"path":"/-/jira_connect/events/installed",
"format":"*/*",
"controller":"JiraConnect::EventsController",
"action":"installed",
"status":401,
"time":"2023-01-02T12:26:20.354Z",
"params":[
{
"key":"key",
"value":"[FILTERED]"
},
{
"key":"clientKey",
"value":"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
},
{
"key":"publicKey",
"value":"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
},
{
"key":"sharedSecret",
"value":"[FILTERED]"
},
{
"key":"serverVersion",
"value":"100213"
},
{
"key":"pluginsVersion",
"value":"1001.0.0-SNAPSHOT"
},
{
"key":"baseUrl",
"value":"https://xxxxxxxx.atlassian.net"
},
{
"key":"productType",
"value":"jira"
},
{
"key":"description",
"value":"[FILTERED]"
},
{
"key":"eventType",
"value":"installed"
},
{
"key":"event",
"value":{
}
}
],
"correlation_id":"01GNS74VS951HR94HNSYARSCVJ",
"meta.caller_id":"JiraConnect::EventsController#installed",
"meta.remote_ip":"52.215.xxx.xxx",
"meta.feature_category":"integrations",
"meta.client_id":"ip/52.215.xxx.xxx",
"remote_ip":"52.215.xxx.xxx",
"ua":"Atlassian HttpClient unknown / JIRA-1001.0.0-SNAPSHOT (100213) / Atlassian-Connect/1001.0.0-SNAPSHOT",
"queue_duration_s":0.00793,
"request_urgency":"default",
"target_duration_s":1,
"redis_calls":2,
"redis_duration_s":0.001091,
"redis_read_bytes":405,
"redis_write_bytes":116,
"redis_cache_calls":2,
"redis_cache_duration_s":0.001091,
"redis_cache_read_bytes":405,
"redis_cache_write_bytes":116,
"db_count":0,
"db_write_count":0,
"db_cached_count":0,
"db_replica_count":0,
"db_primary_count":0,
"db_main_count":0,
"db_main_replica_count":0,
"db_replica_cached_count":0,
"db_primary_cached_count":0,
"db_main_cached_count":0,
"db_main_replica_cached_count":0,
"db_replica_wal_count":0,
"db_primary_wal_count":0,
"db_main_wal_count":0,
"db_main_replica_wal_count":0,
"db_replica_wal_cached_count":0,
"db_primary_wal_cached_count":0,
"db_main_wal_cached_count":0,
"db_main_replica_wal_cached_count":0,
"db_replica_duration_s":0.0,
"db_primary_duration_s":0.0,
"db_main_duration_s":0.0,
"db_main_replica_duration_s":0.0,
"cpu_s":0.01762,
"mem_objects":6803,
"mem_bytes":498744,
"mem_mallocs":2053,
"mem_total_bytes":770864,
"pid":41,
"worker_id":"puma_1",
"rate_limiting_gates":[
],
"db_duration_s":0.0,
"view_duration_s":0.0,
"duration_s":0.01215
}
Edited by Frank Klaassen