Using the rest api via javascript, how to authenticate?

Hi,

I am using the rest api to extract data on a intranet. I use the $.post(youTrackLoginUrl, { login: "user", password: "pass" });.

But that only creates the session, not the cookie it self. How can I extract the value in Set-Cookie to use in my $.ajax? I use xhrFields and withCredentials also.

As of now I get forbidden all the time, if I check the response from the login it is OK, and the session is created.

The tracker is on tracker.domain.com and the intranet is on intranet.domain.com.

I have checked the allow origins in the rest settings in the dashboard.

Cheers.

Some additional info about the response headers and the request headers can be found here : http://stackoverflow.com/questions/12797331/get-response-header-jquery-ajax-post-set-cookie
9 comments
Comment actions Permalink
Hello, jinxen!
Could you please provide a place in your code, where you are setting "withCredentials" flag?
Also, there is an example of using YouTrack rest api from JavaScript, it may be useful for you: https://github.com/JetBrains/youtrack-slide/blob/master/js/youtrack.js
0
Comment actions Permalink
Is there any example of the usage of youtrack.js?
0
Comment actions Permalink
Yes, it's in the same project - https://github.com/JetBrains/youtrack-slide/blob/master/js/youtrack.js
It was generally created as example of using REST from javascript.
0
Comment actions Permalink
To answer your original question.

var youTrackUrl = "http://tracker.eelab.se/rest/export/" + projectName + "/issues?max=1000000";
var youTrackLoginUrl = "http://tracker.eelab.se/rest/user/login";

$.post(youTrackLoginUrl, { login: "user", password: "pass" }); // login is ok from this

// this gives me forbidden, and I can see that tha cookie is not created from the first post.
$.ajax({
            url: youTrackUrl,
            xhrFields: {
withCredentials: true
            },
            success: function (data) {
            
            // parses the xml to json...
        }
});

If I check in FireBug, I can see that I recieve two cookies from the post, but only one seems to be created (session).
0
Comment actions Permalink
Hi Anna,

I was able to get the request to work from the youtrack.js example. Though IE 7-9 does not support CORS it does only work in chrome and FF so far, in IE Access is denied.

Is there anyway to change the request datatype to JSONP to work around this?
0
Comment actions Permalink
I'm sorry, we only support xml and json as response type.
0
Comment actions Permalink
Is there any way to get around the CORS support to make it work in IE?
0
Comment actions Permalink
Jinxen, did you enable in IE Access data source across domain in Security settings -> Miscellaneous?
0
Comment actions Permalink

Is there any similar example that exists on how to use the modern OAuth 2.0 (token based) authentication model? I have tried a few times to get it to working, but can't seem to figure it out. The only way I have been able to access the REST API is to do it by using the old-school cookie-based method, which is not ideal for my application.

https://confluence.jetbrains.com/display/YTD65/Log+in+to+YouTrack

The notice at the top of the page reads: 

API method described in this section have been deprecated. Instead of relying on cookie-based authorization, scripts or other clients should be adapted to Hub OAuth 2.0 auth instead.

All YouTrack REST methods support this token-based authorization (see Hub Oauth 2.0 documentation), thus you will not need to maintain both schemes once migrated.

1

Please sign in to leave a comment.