0 votes

Hello everyone,

For one of my customer (Ingenico) I have to communicate with another api using rest call (Method; POST) to synchronise Efficy's tickets/actions.

During my first tests, I encountered some errors due to the invalid certificate (It's expired since 2015).

First version:

//@Author: PPT: Create HTTP request
function createRequest() {

  return new ActiveXObject("Microsoft.XMLHTTP");
}

function SendCaseToJira(k_case){

                var url = Database.GetSysStorageValue('Jira_ApiUrl') + "update/case/" + k_case;
                var req = createRequest();
                try{         
                                var ret;
                                var OnSuccessFunction = function (args2, _html) {ret=_html;}                                    
                                req.onreadystatechange = function() {
                                  if (req.readyState == 4 && req.status == 200) {
                                                OnSuccessFunction("",req.responseText);
                                  }else
                                                  ret = "not working";
                                };
                                req.open("POST", url, false);
                                req.send();

                                Logger.Write(ret);
                }catch(e){
                                Logger.Write("Error when notifying Jira: " + e.message);
                }

}

Here is the error message that I was getting:

Error when notifying Jira: Security certificate required to access
this resource is invalid.

Then I found that I could disable certificate check by modifying my code:

Second version:

//@Author: PPT: Create HTTP request
function createRequest() {

  // return new ActiveXObject("Microsoft.XMLHTTP");
  return new ActiveXObject("Msxml2.ServerXMLHTTP.3.0");
}

function SendCaseToJira(k_case){

                var url = Database.GetSysStorageValue('Jira_ApiUrl') + "update/case/" + k_case;
                //var url = Database.GetSysStorageValue('Jira_ApiUrl') + "update/";
                var req = createRequest();
                //Disable the certificat check
                req.setOption(2, 13056);
                try{         
                                var ret;
                                var OnSuccessFunction = function (args2, _html) {ret=_html;}                                    
                                req.onreadystatechange = function() {
                                  if (req.readyState == 4 && req.status == 200) {
                                                OnSuccessFunction("",req.responseText);
                                  }else
                                                  ret = "not working";
                                };
                                req.open("POST", url, false);
                                req.send();

                                Logger.Write(ret);
                                //Logger.Write("Success notifying Jira: " + response);
                }catch(e){
                                Logger.Write("Error when notifying Jira: " + e.message);
                }

}

And now I'm getting the following error:

Error when notifying Jira: An error occurred in the secure channel
support

Have someone ever had that kind of problem? Can someone help me on how to generate rest call over https using javascript serverside?

Thanks in advance.

KR,

Prince.

asked in WorkFlow / Serverscript by (167 points)
Some questions, because you seem to be very confused imo…

Are you communication with mutual client certificate authentication, meaning does the client authenticate itself with a certificate?
Or is the JIRA web-server authentication anonymous, with on top applicative authentication? Compare this with Efficy native authentication vs SSO.

What certificate is exactly expired since 2015?
Does it work from the browser?
Hi Kristof,

See my answer in next message...

KR

3 Answers

+1 vote

Reading your feedback, my next step would be to demand Ingenico to setup the JIRA server with a valid, non-expired SSL certificate. If it doesn't work in a browser, why do they expect it should work from API.

Don't try to build ways around it.

Secondly, avoid using the ActiveX object.

Use the Database.OpenURL2, you can use headers. A nice example is on EDN here
I extracted the relevant parts below.

var RequestContent = TStringList.Create;
var RequestHeader = TStringList.Create;
try {
  RequestContent.Add('Test to JIRA');
  RequestHeader.Add('POST /Service.asmx HTTP/1.1');
  RequestHeader.Add('Content-Type: text/xml; charset=utf-8');
  var response = Database.OpenURL2(URL, RequestContent.Text, RequestHeader.Text);
} finally {
  RequestContent.Free;
  RequestHeader.Free;
}
answered by (7.4k points)
edited by
Ok, that's what I used at the begining. But how can I set the method as "POST" using Database.openURL ?

Thanks for your answer.
I edited my answer
Hi Kristof ,

The question may be "stupid" but how do I set my parameters using the OpenUrl2?

The API url to send a case is "https://jira1test.services.ingenico.com/rest/ovefficylink/1.0/update/case/XXX"
where "case/xxx" is the param/value to be sent using the POST method.

KR,

Prince
0 votes

Hello Kristof,

I do not use authentication and I'haven't been given any credential to do so.
The Jira web-server authentication for REST endpoints is anonymous.

Here is how it works at this moment:

When a user create or modify a case or and action flagged as "to be synchronized", Efficy has to send a "webhook" call to Jira by passing the KCASE and/or KACTION.
The method to be used for the call is "POST".

When I try to access the url trough the browser, here is what I get:
enter image description here

And then when I click "continue", I get the following page:
enter image description here

But this seems normal to me since I can only user the POST method (which is done in the workflow)

answered by (167 points)
0 votes

I've checked the issue with Stephan Roncin and here is the schedulled script we made for tests purpose (can be ran by anyone):

function main() {
 SendCaseToJira(706977);
}

function SendCaseToJira(k_case){
 Database.Log("Sending case : " + k_case + " to Jira");
 var jiraProtocal = 'https://';
 var jiraHost = 'jira1test.services.ingenico.com';
 var jiraRessource = '/rest/ovefficylink/1.0/';
 var jiraBaseUrl = jiraProtocal + jiraHost + jiraRessource; //Database.GetSysStorageValue('Jira_ApiUrl');
 var jiraMethode = 'update';
 var jiraEntity = 'case';
 var jiraUpdateUrl = jiraBaseUrl + jiraMethode + '/' + jiraEntity;
 var url = jiraUpdateUrl + '/' + k_case;

 Database.Log('jiraProtocal : ' + jiraProtocal);
 Database.Log('jiraHost     : ' + jiraHost);
 Database.Log('jiraRessource: ' + jiraRessource);
 Database.Log('jiraBaseUrl  : ' + jiraBaseUrl);
 Database.Log('jiraMethode  : ' + jiraMethode);
 Database.Log('jiraEntity   : ' + jiraEntity);
 Database.Log('jira jiraUpdateUrl     : ' + jiraUpdateUrl);
 Database.Log('jira URL     : ' + url);

 var response = "";
 var RequestHeader = TStringList.Create;
 try {
  RequestHeader.Add('Accept-Encoding: gzip,deflate');
  RequestHeader.Add('Content-Type: application/json');
  RequestHeader.Add('Content-length: 0');
  RequestHeader.Add('Host: ' + jiraHost);
  RequestHeader.Add('Connection: Keep-Alive');

  var headersText = RequestHeader.Text;
  Database.Log('Header : ' + headersText);
  response = Database.OpenURL2('POST ' + url, '', headersText);
 } catch(e){
  Database.Log("Error when notifying Jira: " + e.message);
 }
 finally {
  RequestHeader.Free;
  Database.Log("Response from Jira: " + response);
 }
}

When I launch it, I always got the following error:
enter image description here

But when I run it from SoapUi it's working fine:
enter image description here

Also need to mentionned that I get a certificate error message when trying to access the url through the web browser:
enter image description here

Could it be linked to the issue?

answered by (167 points)
1,249 questions
1,521 answers
1,859 comments
328 users