drakma: How to pass JIRA API token for requests?

Question

When I do the following, passing my JIRA API token ...

curl --verbose --request GET \
     --url 'https://myJira.atlassian.net/....' \
     --user 'my_email@domain.com:my_jira_api_token' ...

... the operation succeeds and I see one of the headers was:

Authorization: Basic encodedAuthInfoHere

How would I do the same with Drakma? :basic-authorization takes a list of username and password. But JIRA says basic auth has been deprecated.

(drakma:http-request url
                     :method :get
                     :basic-authorization '(email passwd)
                     ...

Is there a way to perform the same encoding that curl used, and add the header explicitly when calling http-request? Thanks in advance!

score 1 · Answer 1 · answered Mar 12 '21 at 09:07

You can pass :parameters to the request:

USER> (drakma:http-request "http://example.com"
                           :method :get
                           :parameters '(("user" . "token")))

The reply is:

"<!doctype html>
<html>
<head>
    <title>Example Domain</title>

    <meta charset="utf-8" />
    <meta http-equiv="Content-type" content="text/html; charset=utf-8" />
    <meta name="viewport" conten...[sly-elided string of length 1256]"
200 (8 bits, #xC8, #o310, #b11001000)
((:AGE . "507992") (:CACHE-CONTROL . "max-age=604800")
 (:CONTENT-TYPE . "text/html; charset=UTF-8")
 .....)
#<URI http://example.com/?user=token>
#<FLEXI-STREAMS:FLEXI-IO-STREAM {101D4A3723}>
T
"OK"

In particular, the 4th returned value, the URI the reply comes from, is:

http://example.com/?user=token

score 1 · Accepted Answer · answered Mar 12 '21 at 14:03

1

Like for curl, Drakma's password can be whatever you want it to be, so you can insert the jira token as in you did with curl.

Would

(setf drakma:*header-stream* *standard-output*)
(drakma:http-request "https://myJira.atlassian.net/...."
  :method :get
  :basic-authorization '("my_email@domain.com" "my_jira_api_token"))

spark joy?

I'd expect drakma to create a string my_email@domain.com:my_jira_api_token, base64-encode it, and append it to "Authorization: Basic ", so you'd get a header like this:

Authorization: Basic bXlfZW1haWxAZG9tYWluLmNvbTpteV9qaXJhX2FwaV90b2tlbg==

If your curl example is complete, Drakma should get you as far as curl does.

answered Mar 12 '21 at 14:03

chrnybo

145
5

Ah. When I used `quote` to construct the basic-authorization list out of my vars, `quote` kept them as symbols instead of evaluating them to be strings. When I used `list` instead, it worked as advertised. So that, plus the idea that the API token could be passed as the "password" was what I was missing. Thank you for the help! Related content: `quote` vs `list` https://stackoverflow.com/a/34984553 (It's for Scheme, but at the SBCL REPL, the behavior of `list` vs `quote` seems to be similar enough) – user3735178 Mar 12 '21 at 18:34
1

There's also the backquote, which allows you to ask for evaluation by inserting a comma in front of a symbol or expression. See http://www.lispworks.com/documentation/HyperSpec/Body/02_df.htm – chrnybo Mar 12 '21 at 21:11

drakma: How to pass JIRA API token for requests?

2 Answers2