Reimplemented support for Jira Personal Access Tokens (PAT)

Marcel Grolms · johannesjo · commit 28975fff0086 · 2025-01-08T19:27:47.000+01:00
Introduced a new option to use Personal Access Tokens (PAT) for Jira authentication. Updated relevant configurations, models, and request headers to support this feature. This enhances security and provides an alternative to basic authentication.
diff --git a/electron/jira.ts b/electron/jira.ts
@@ -91,7 +91,11 @@ export const setupRequestHeadersForImages = (jiraCfg: JiraCfg): void => {
   // thankfully only the last attached listener will be used
   // @see: https://electronjs.org/docs/api/web-request
   session.defaultSession.webRequest.onBeforeSendHeaders(filter, (details, callback) => {
-    details.requestHeaders.authorization = `Basic ${encoded}`;
+    if (jiraCfg.usePAT) {
+      details.requestHeaders.authorization = `Bearer ${jiraCfg.password}`;
+    } else {
+      details.requestHeaders.authorization = `Basic ${encoded}`;
+    }
     callback({ requestHeaders: details.requestHeaders });
   });
 };
diff --git a/package-lock.json b/package-lock.json
diff --git a/src/app/features/issue/providers/jira/jira-api.service.ts b/src/app/features/issue/providers/jira/jira-api.service.ts
@@ -540,12 +540,17 @@ export class JiraApiService {
       headers: {
         // eslint-disable-next-line @typescript-eslint/naming-convention
         'Content-Type': 'application/json',
-        ...{
-          Cookie: '',
-          authorization: `Basic ${this._b64EncodeUnicode(
-            `${cfg.userName}:${cfg.password}`,
-          )}`,
-        },
+        ...(cfg.usePAT
+          ? {
+              Cookie: '',
+              authorization: `Bearer ${cfg.password}`,
+            }
+          : {
+              Cookie: '',
+              authorization: `Basic ${this._b64EncodeUnicode(
+                `${cfg.userName}:${cfg.password}`,
+              )}`,
+            }),
       },
     };
   }
diff --git a/src/app/features/issue/providers/jira/jira.const.ts b/src/app/features/issue/providers/jira/jira.const.ts
@@ -14,6 +14,7 @@ export const DEFAULT_JIRA_CFG: JiraCfg = {
   host: null,
   userName: null,
   password: null,
+  usePAT: false,
 
   searchJqlQuery: '',
 
@@ -196,6 +197,14 @@ export const JIRA_CONFIG_FORM_SECTION: ConfigFormSection<IssueProviderJira> = {
         //     label: T.F.JIRA.FORM_CRED.ALLOW_SELF_SIGNED,
         //   },
         // },
+        {
+          key: 'usePAT',
+          type: 'checkbox',
+          templateOptions: {
+            required: false,
+            label: T.F.JIRA.FORM_CRED.USE_PAT,
+          },
+        },
 
         ...ISSUE_PROVIDER_COMMON_FORM_FIELDS,
 
diff --git a/src/app/features/issue/providers/jira/jira.model.ts b/src/app/features/issue/providers/jira/jira.model.ts
@@ -22,6 +22,7 @@ export interface JiraCfg extends BaseIssueProviderCfg {
   host: string | null;
   userName: string | null;
   password?: string | null;
+  usePAT: boolean;
 
   isAllowSelfSignedCertificate: boolean;
   searchJqlQuery: string;
