Create a Jira Ticket using REST API and Scan attachments using hybrid analysis
2 min read

Create a Jira Ticket using REST API and Scan attachments using hybrid analysis

Create a Jira Ticket using REST API and Scan attachments using hybrid analysis

We are going to create a Jira Ticket in Service desk using API

POST API:

https://<domain-name>.atlassian.net/rest/servicedeskapi/request

Request Headers:
Register your API_TOKEN in Jira under your "account settings > security > Api token" and then encode your token with base64

headers: {
        Accept: 'application/json',
        'Content-Type': 'application/json',
        Authorization: `Basic <ENCODED TOKEN>`
      }

Payload:

{
    raiseOnBehalfOf: 'email@example.com',
    serviceDeskId: '1',
    requestTypeId: '1',
    requestFieldValues: {
    summary: `Ticket Name`,
    description: `Description`
   	}
}

Once you create a ticket, you will get ticket id in response.

Attachments Validation:

Jira does not have native scanning feature for attachments. To prevent uploading malware files, it is better to have scanning the files before uploading to jira.

Mime Type Check
First, we are validating the file and its type. we are going to use https://www.npmjs.com/package/file-type

Install this package and in our example, we are going to allow only .png, .jpg, .mp4, .pdf and .zip file.

Here is the code to validate with file-type

const formData = new FormData()
formData.append('file', exampleFile)
const stream = fs.createReadStream(file.path)
const acceptedExt = ['pdf', 'mp4', 'png', 'jpg', 'jpeg']
const actualExt = await FileType.fromStream(stream)
if (!actualExt || !acceptedExt.includes(actualExt.ext)) {
return 'Please upload a valid file'
}
return 'Mime type verified'

Scan files using Hybrid Analysis

It is a free malware analysis service for the community that detects and analyzes unknown threats using a unique Hybrid Analysis technology. It provides public API to do quick scan.

Free Automated Malware Analysis Service - powered by Falcon Sandbox - Falcon Sandbox Public API v2.0
Submit malware for free analysis with Falcon Sandbox and Hybrid Analysis technology. Hybrid Analysis develops and licenses analysis tools to fight malware.

POST API:

https://www.hybrid-analysis.com/api/v2/quick-scan/file

Headers:

headers: {
        'Content-Type': 'multipart/form-data',
        Accept: 'application/json',
        'user-agent': 'Falcon Sandbox',
        'api-key': `API KEY`
      }

Payload:

formData: {
        file: {
          value: fs.createReadStream(req.files.file.path),
          options: {
            filename: req.files.file.name,
            contentType: req.files.file.type
          }
        },
        scan_type: 'all'
      }

If the file is malicious, in api response, it will be shown by antiviruses like virustotal and metadefender. based on that, you can restrict the file.

Once the scanning is successful, you can submit the attachment to the required jira ticket. Before assigning attachment to particular jira ticket, it should be uploaded using temporary upload api.

https://<domain-name>.atlassian.net/rest/servicedeskapi/servicedesk/${serviceDeskId}/attachTemporaryFile

once you submit the attachment, it will provide temporary attachment ids in the response. using that, you can attachment these attachments to the jira ticket

POST API:

https://cyware.atlassian.net/rest/servicedeskapi/request/${issueId}/attachment

Payload:

const attachmentModel = {
    temporaryAttachmentIds: [],
    public: true,
    additionalComment: {
    body: 'From API'
    }
}

That's it!!