如何从Rest API登录的泽西岛客户端响应中获取Cookie到期日期？

Question

If you hit Jira rest api for login from Postman tool is displaying cookies with expiry date properly but if you hit from java jersey rest client, its not showing expiry dates for the respective cookies.

JIRA crowd sso setup version : v7.12.1

Jersey api 1.x

The below are the Postman response cookies: and Jersey java client response cookies.

postman - https://i.imgur.com/teIMNFJ.png
jersey client - https://i.stack.imgur.com/KuU8q.png

Can anyone tell me how to get the cookies values same as postman is showing with expiry dates using java rest client ? why the response is different in two places ? what java api i need to use to get full details of cookies from java program ?

Answer 1

Welcome :)

You can use getExpiryDate() in Java on Cookie Objects. Return type is Date.

Answer 2

When you are using the JIRA rest api for login , as per the documentation a session cookie is returned.

More importantly, you will get the session cookie (in the header of the response) from the server, which you can use in subsequent requests. You can see an example of this below. You'll notice that the cookie name and value are the same as the cookie name and value in the session response above.

Session cookies does not have a expiry-time set. The cookies expire when the session is ended. For eg., In browsers when a window is closed - the session cookies will be removed.

Read more about session cookies here or google it.

The documentation also states this

Cookie expiration

One disadvantage of using cookies compared to basic authorization is that they expire. You have probably noticed this when accessing Jira through a web browser. Every once in a while, especially if you have not used Jira in a while, you need to log in again because your cookie has expired. The same occurs when using REST. If you write a script or code that involves REST API calls and:

It only runs for a few minutes, then you should not worry about cookies expiring. It runs for a longer period of time due to more complex integration activities, then expiring cookies may cause problems. If you use REST with a cookie that has expired, you will receive a 401 error response from Jira. The response body will contain a message telling you that your cookie is invalid. At that point, you will need to re-authenticate to the session resource on the "auth" API.

So you might need to consider handling 401 errors.

As mentioned, If postman is giving future date then it may be not a session cookie :-). Then you should be able to get it like

ClientResponse response = //code to execute request REST
List<NewCookie> cookies = response.getCookies();
Date expires = cookies.get(0).getExpiry();
//OR
int maxAge =cookies.get(0).getMaxAge()