API Token AuthenticationAPI Token Authentication
Try For Free

Expiration Reminder E-Mails with Adaptavist Script Runner

If you are using API Token Authentication for Jira and also Adaptavist ScriptRunner, you can add a script job that runs once a day and sends expiration warnings to various users.
Here is how you can do this. 


Add Adaptavist Script Runner Job

  • provide a name for the job

  • pick a user with appropriate permissions to run the script

  • schedule the script to run once every day


image2022-5-2_14-26-10.png

  • add the following script to the inline script section

you can ignore the type check and other warnings like the below, the script will still work

image2022-5-2_15-10-35.png


  1. iimport static groovyx.net.http.ContentType.JSON
  2. import groovyx.net.http.RESTClient
  3. import com.atlassian.jira.user.util.UserManager
  4. import com.atlassian.jira.user.UserPropertyManager
  5. import com.atlassian.jira.security.groups.GroupManager
  6. import com.opensymphony.module.propertyset.PropertySet;
  7. import com.atlassian.jira.component.ComponentAccessor
  8. import com.atlassian.jira.mail.Email
  9. import com.atlassian.jira.mail.settings.MailSettings
  10. import com.atlassian.mail.MailException
  11. import com.atlassian.mail.server.SMTPMailServer
  12. import com.atlassian.plugin.util.ContextClassLoaderSwitchingUtil
  13. import org.apache.log4j.Level
  14. import org.apache.log4j.Logger
  15. import java.text.SimpleDateFormat
  16. import groovy.time.TimeCategory
  19. // send email function
  20. String sendEmail(String emailAddr, String subject, String body) {
  21. def logger = Logger.getLogger(getClass())
  22. logger.setLevel(Level.DEBUG)
  24. // Stop emails being sent if the outgoing mail server gets disabled (useful if you start a script sending emails and need to stop it)
  25. def mailSettings = ComponentAccessor.getComponent(MailSettings)
  26. if (mailSettings?.send()?.disabled) {
  27. return 'Your outgoing mail server has been disabled'
  28. }
  30. def mailServer = ComponentAccessor.mailServerManager.defaultSMTPMailServer
  31. if (!mailServer) {
  32. logger.debug('Your mail server Object is Null, make sure to set the SMTP Mail Server Settings Correctly on your Server')
  33. return 'Failed to Send Mail. No SMTP Mail Server Defined'
  34. }
  36. def email = new Email(emailAddr)
  37. email.setMimeType('text/html')
  38. email.setSubject(subject)
  39. email.setBody(body)
  40. try {
  41. // This is needed to avoid the exception about IMAPProvider
  42. ContextClassLoaderSwitchingUtil.runInContext(SMTPMailServer.classLoader) {
  43. mailServer.send(email)
  44. }
  45. } catch (MailException e) {
  46. logger.debug("Send mail failed with error: ${e.message}")
  47. 'Failed to Send Mail, Check Logs for error'
  48. }
  49. }
  52. String getManagerEmail(tokenOwnerUser) {
  53. def logger = Logger.getLogger(getClass())
  54. logger.setLevel(Level.DEBUG)
  55. UserPropertyManager userPropertyManager = ComponentAccessor.getUserPropertyManager()
  56. PropertySet userProperties = userPropertyManager.getPropertySet(tokenOwnerUser)
  57. //logger.debug("All user properties: ${userProperties}")
  58. def managerEmail = userProperties.getString("jira.meta.myManager")
  59. return managerEmail
  60. }
  62. Boolean sendToManager(tokenOwner) {
  63. GroupManager groupManager = ComponentAccessor.getComponent(GroupManager)
  64. if (groupManager.getUserNamesInGroup("your-group-name-here").contains(tokenOwner.getUsername())) {
  65. return true
  66. }
  67. return false
  68. }
  71. Boolean ExpirationReminder(warnEpochFrom, warnEpochUntil, nextPageURL) {
  73. // Jira BaseURL, change accordingly
  74. def baseURL = "https://your-jira-base-url.com"
  75. // User with create token on behalf permission
  76. def userName = "admin"
  77. // API Token or password
  78. def password = "passwordOrToken"
  79. // Add additional recipient e-mail addresses to the array [] in double quotes and separated by comma
  80. def additionalRecipients = []
  82. String encodedAuthString = "Basic " + ("$userName:$password".bytes.encodeBase64().toString())
  83. def pathFrom = "/rest/de.resolution.apitokenauth/latest/user/tokensByFilter?fromExpiresDuring="
  84. def pathUntil = "&untilExpiresDuring="
  85. String queryURL = baseURL + pathFrom + warnEpochFrom + pathUntil + warnEpochUntil
  86. if (nextPageURL != "") {
  87. queryURL = nextPageURL
  88. }
  90. def restClient = new RESTClient(queryURL)
  91. restClient.setHeaders([Authorization: encodedAuthString, Accept: 'application/json'])
  92. def resp = restClient.get(contentType: JSON)
  93. def resultObject = resp.data
  94. def tokenArray = resultObject['content']
  96. // send warning email for each token about to expire that day
  97. tokenArray.each {
  98. def tokenDescription = it['description']
  99. def date = new Date(it['validUntil'])
  100. SimpleDateFormat dateFormat = new SimpleDateFormat( "yyyy-MM-dd" )
  101. def dateString = dateFormat.format(date)
  102. def userManager = ComponentAccessor.getUserManager()
  103. def recipient = userManager.getUserByKey(it['tokenForUserKey'])
  104. def tokenOwnerEmail = recipient.getEmailAddress()
  106. // mail to token owner
  107. sendEmail(tokenOwnerEmail, "API Token Expiration Warning", "Your token with description '${tokenDescription}' will expire ${dateString}")
  109. // mail to manager
  110. def managerEmail = getManagerEmail(recipient)
  111. if (managerEmail != null && sendToManager(recipient) == true) {
  112. sendEmail(managerEmail, "API Token Expiration Warning for user ${tokenOwnerEmail}", "API token of user ${tokenOwnerEmail} with description '${tokenDescription}' will expire ${dateString}")
  113. }
  116. // mail to additional recipients
  117. additionalRecipients.each {
  118. sendEmail(it, "API Token Expiration Warning for user ${tokenOwnerEmail}", "API token of user ${tokenOwnerEmail} with description '${tokenDescription}' will expire ${dateString}")
  119. }
  121. }
  123. // if there is a next page with more tokens expiring soon, process it as well
  124. if (resultObject['paginationLinks']['nextPage'] != "") {
  125. ExpirationReminder("","", resultObject['paginationLinks']['nextPage'])
  126. }
  128. }
  131. // check and warn for tokens expiring in 1 to 5 days
  132. for (int i = 1; i<6; i++) {
  133. use (groovy.time.TimeCategory) {
  134. warnDateFrom = i.day.from.now
  135. warnEpochFrom = warnDateFrom.getTime()
  136. warnEpochUntil = warnEpochFrom + (24 * 60 * 60 * 1000) - 1
  137. ExpirationReminder(warnEpochFrom, warnEpochUntil, "")
  138. }
  139. }

Adjust Script

You need to adjust the values in the lines below. Some of them are mandatory, some aren't.

Mandatory Variables

  • line 74, def baseURL - enter your Jira base URL in double-quotes, without the trailing forward-slash

  • line 76, def userName - provide a username that has the Create & Delete Token On Behalf Permission 

  • line 78, def password - provide a password or better Read-Only API Token for that user

Optional Variables

  • line 58, replace myManager with the Jira user properties field name that contains the e-mail address of the manager of the token owner

    • be careful and don't remove the jira.meta. prefix

  • line 64, replace your-group-name-here with a group name that the token owner needs to be a member of if their manager should receive a notification as well 

  • line 80, def additionalRecipients = []  - add one or more e-mail addresses in double quotes and separated by a comma who should always receive the same expiration warning the token owner receives or leave the array empty

    • Example: def additionalRecipients = ["user1@company.com","user2@company.com"]

  • lines 107, 112 and 118 contain the function calls for the sendEmail function and you could adjust the second and third parameters (subject and text body of the email)

    • variables available in the function scope are enclosed in in ${}, i.e. ${tokenOwnerEmail} so that you can build custom subjects and text bodies 

Result

The script will run at the scheduled time and search for tokens that are about to expire in the next 5 days. You could adjust line 132 and increase or decrease the counter if you want to cover more or fewer days.
There will be an e-mail for each expiring token.


This site uses cookies to deliver its service & to analyse traffic. By browsing this site, you accept the privacy policy.

Our Wiki uses cookies

We want to give you the best possible experience on our website. For this we use technically required cookies and, if you agree, cookies for analysis and marketing purposes. You can find more information about the cookies in our Privacy Policy. By tapping ‘Accept All,’ you consent to the use of these methods by us and third parties.

Necessary
Always Active
Analytics
Advertisement
Other