Application Link between Stash and JIRA fails due to systems clock not being synchronized

Troubleshooting JIRA Integration

On this page

Still need help?

The Atlassian Community is here for you.

Ask the community

Symptoms

Stash Application Link throws this error when trying to connect to a JIRA instance:

2014-09-17 12:49:42,672 ERROR [http-nio-7990-exec-3] ztaccardi @1M2JZ6Vx769x162x0 ap28qy 192.168.11.1 "GET /plugins/servlet/applinks/oauth/login-dance/authorize HTTP/1.1" c.a.a.c.a.oauth.OAuthApplinksServlet An error occurred when performing the oauth 'dance' for application link 'eCB JIRA (ea6bc4d5-d779-3527-ab7c-79e07567e5e8) https://ecb-collabralink.atlassian.net com.atlassian.applinks.application.jira.JiraApplicationTypeImpl@120536dd'
com.atlassian.applinks.core.auth.oauth.OAuthMessageProblemException: Failed to get token from service provider, problem was: 'timestamp_refused'
	at com.atlassian.applinks.core.auth.oauth.OAuthTokenRetriever$1.handle(OAuthTokenRetriever.java:128) ~[applinks-plugin-4.2.4_1408643294000.jar:na]
	at com.atlassian.sal.core.net.HttpClientRequest.executeAndReturn(HttpClientRequest.java:351) ~[HttpClientRequest.class:na]
	at com.atlassian.applinks.core.auth.oauth.OAuthTokenRetriever.requestToken(OAuthTokenRetriever.java:139) ~[applinks-plugin-4.2.4_1408643294000.jar:na]
	at com.atlassian.applinks.core.auth.oauth.OAuthTokenRetriever.getRequestToken(OAuthTokenRetriever.java:51) ~[applinks-plugin-4.2.4_1408643294000.jar:na]
	at com.atlassian.applinks.core.auth.oauth.OAuthApplinksServlet.obtainAndAuthorizeRequestToken(OAuthApplinksServlet.java:304) ~[applinks-plugin-4.2.4_1408643294000.jar:na]
	at com.atlassian.applinks.core.auth.oauth.OAuthApplinksServlet.doGet(OAuthApplinksServlet.java:164) ~[applinks-plugin-4.2.4_1408643294000.jar:na]
	at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:25) [applinks-plugin-4.2.4_1408643294000.jar:na]
	at com.atlassian.stash.internal.spring.security.StashAuthenticationFilter.doFilter(StashAuthenticationFilter.java:86) [StashAuthenticationFilter.class:na]
	at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doInsideSpringSecurityChain(BeforeLoginPluginAuthenticationFilter.java:111) [BeforeLoginPluginAuthenticationFilter.class:na]
	at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doFilter(BeforeLoginPluginAuthenticationFilter.java:77) [BeforeLoginPluginAuthenticationFilter.class:na]
	at com.atlassian.security.auth.trustedapps.filter.TrustedApplicationsFilter.doFilter(TrustedApplicationsFilter.java:100) [TrustedApplicationsFilter.class:na]
	at com.atlassian.oauth.serviceprovider.internal.servlet.OAuthFilter.doFilter(OAuthFilter.java:69) [atlassian-oauth-service-provider-plugin-1.9.2_1408643294000.jar:na]
	at com.atlassian.analytics.client.filter.DefaultAnalyticsFilter.doFilter(DefaultAnalyticsFilter.java:33) [analytics-client-3.40_1408643294000.jar:na]
	at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:31) [AbstractHttpFilter.class:na]
	at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doBeforeBeforeLoginFilters(BeforeLoginPluginAuthenticationFilter.java:89) [BeforeLoginPluginAuthenticationFilter.class:na]
	at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doFilter(BeforeLoginPluginAuthenticationFilter.java:75) [BeforeLoginPluginAuthenticationFilter.class:na]
	at com.atlassian.stash.internal.request.DefaultRequestManager.doAsRequest(DefaultRequestManager.java:84) [DefaultRequestManager.class:na]
	at com.hazelcast.web.WebFilter.doFilter(WebFilter.java:450) [WebFilter.class:3.3-RC3]
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [na:1.7.0_51]
	at java.lang.Thread.run(Thread.java:744) [na:1.7.0_51]
	... 195 frames trimmed
 
 
 
2014-09-17 19:47:12,601 WARN  [http-nio-80-exec-10] @1VBDOXx1187x72x0 10.84.141.252,165.254.226.135 "POST /plugins/servlet/oauth/request-token HTTP/1.0" c.a.o.s.i.s.RequestTokenServlet Rejecting OAuth request for url "http://appian.collabralink.com/plugins/servlet/oauth/request-token" due to invalid timestamp ({oauth_problem=timestamp_refused, oauth_acceptable_timestamps=1410997332600-1410997932600}). This is most likely due to our system clock not being synchronized with the consumer's clock.

Cause

Application Links fail when the clocks are not synced.

Resolution

Synchronise both applications with NTP. For example, while trying to connect a Stash instance behind the firewall with a JIRA Cloud instance, executing the command below on Stash to get it in sync resolved the issue for an installation on Ubuntu:

$ sudo ntpdate ntp.ubuntu.com
Last modified on Feb 23, 2016

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.