feat(jira): Add Bearer Token Authentication and SSL Certificate Support

[vellanki-santhosh]

Summary

Add enterprise-grade authentication options for the JIRA Tool, enabling connections to self-hosted JIRA instances that require Bearer tokens and/or custom SSL certificates.

Motivation

Many enterprise environments use self-hosted JIRA (Data Center/Server) instances that:

• Require Bearer Token (PAT) authentication instead of Basic Auth
• Use custom SSL certificates (self-signed or internal CA)

This PR enables these use cases while maintaining full backward compatibility.

Changes

Added

• Bearer Token authentication for enterprise/self-hosted JIRA instances
• SSL certificate configuration (sslCertPath, sslKeyPath, verifySslCerts)
• Comprehensive test suite - Unit tests, integration tests, and regression tests
• JIRA Tool documentation - README.md with authentication guides and troubleshooting
• CHANGELOG.md - Release notes for v3.0.13

Changed

• JiraApi credential updated to v2.0 with authentication type selector
• BaseJiraTool refactored with buildHeaders() and buildFetchOptions() methods

Files Modified

• packages/components/credentials/JiraApi.credential.ts
• packages/components/nodes/tools/Jira/Jira.ts
• packages/components/nodes/tools/Jira/core.ts
• packages/components/nodes/tools/Jira/Jira.test.ts (new)
• packages/components/nodes/tools/Jira/README.md (new)
• CHANGELOG.md (new)

Backward Compatibility

✅ No breaking changes - Basic Auth (email + apiToken) continues to work exactly as before.
✅ Existing users require no configuration changes.

Testing

• Unit tests for authentication header generation
• Unit tests for SSL certificate configuration
• Integration tests with mock JIRA server
• Regression tests for Basic Auth backward compatibility
• Error handling tests

Screenshots

N/A - Backend changes only

Checklist

• Code follows project style guidelines
• Tests added for new functionality
• Documentation updated
• Backward compatibility maintained
• No console errors or warnings

[gemini-code-assist]

Summary of Changes

Hello @vellanki-santhosh, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly enhances the Jira Tool's capabilities by introducing enterprise-grade authentication and security features. It allows users to connect to self-hosted Jira instances using Bearer Tokens and provides robust support for custom SSL certificates, including client certificates and CA certificates, with an option to disable verification for development. These additions ensure broader compatibility and secure communication with various Jira deployments, all while maintaining full backward compatibility with existing Basic Authentication setups.

Highlights

• Bearer Token Authentication: Added support for Bearer Token authentication, enabling connections to enterprise/self-hosted Jira instances that require token-based authentication.
• SSL Certificate Support: Introduced options for specifying SSL certificate paths (sslCertPath, sslKeyPath) and controlling SSL verification (verifySslCerts) for secure connections to Jira servers with custom certificates.
• Credential Update: The JiraApi credential was updated to version 2.0, including a new authentication type selector for choosing between Basic Auth and Bearer Token.
• Code Refactoring: The BaseJiraTool class was refactored with dedicated buildHeaders() and buildFetchOptions() methods for cleaner authentication and request handling logic.
• Enhanced Testing & Documentation: A comprehensive test suite (unit, integration, regression) was added to validate the new features, along with detailed documentation in README.md and a new CHANGELOG.md entry.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request introduces significant enhancements to the JIRA Tool by adding support for Bearer Token authentication and custom SSL certificates, which is crucial for enterprise and self-hosted JIRA instances. The changes are well-structured, including updates to credentials, core logic, and the addition of comprehensive documentation and a test suite. My feedback focuses on improving the clarity of error messages, correcting a potential misunderstanding in the test suite's error handling assertions, and refining a UI description for better user understanding. Overall, this is a solid contribution that greatly improves the JIRA tool's capabilities.

[gemini-code-assist]

The tests using rejects.toThrow() seem to be based on an incorrect assumption. The _call methods in the tool classes (e.g., GetIssueTool) are designed to catch exceptions and return a formatted error string, causing the invoke() promise to resolve with an error message rather than reject. These tests will likely fail and should be updated to check for a resolved promise containing the error message, for example: await expect(getIssueTool.invoke(...)).resolves.toContain('Error message');. This issue applies to all similar rejects.toThrow() assertions in this test suite.

[gemini-code-assist]

The description for sslCertPath is a bit restrictive. It can be used for custom CA certificates or client certificates for mTLS, not just self-signed certificates. A more general description would be more accurate and helpful for users, aligning better with the scenarios described in the new README.md.

Suggested change

	description: 'Path to SSL certificate file for self-signed certificates',
	description: 'Path to the SSL certificate file (e.g., custom CA, client certificate for mTLS).',

[gemini-code-assist]

The current error handling wraps all errors, including Jira API errors (like 401 Unauthorized), with the prefix "Failed to connect to Jira:". This can be misleading, as an API error implies the connection was successful but the request was invalid for other reasons (e.g., authentication). It would be better to only wrap network-level errors and re-throw API errors as they are for better error diagnosis.

        } catch (error) {
            if (error instanceof Error) {
                // Avoid re-wrapping Jira API errors, as they indicate a successful connection but a failed request.
                if (error.message.startsWith('Jira API Error')) {
                    throw error
                }
                // Wrap network or other connection-level errors.
                throw new Error(`Failed to connect to Jira: ${error.message}`)
            }
            throw error
        }

[vellanki-santhosh]

✅ Addressed Gemini Code Review Feedback

Thanks for the review! I've pushed fixes addressing all the flagged issues:

Changes Made

1. Fixed Test Assertions

   • Changed rejects.toThrow() → resolves.toContain() for all error handling tests
   • Tests now correctly verify that tools return error strings instead of throwing

2. Updated sslCertPath Description

   • Old: "Path to SSL certificate file for self-signed certificates"
   • New: "Path to the SSL certificate file (e.g., custom CA, client certificate for mTLS)"
   • More general and accurate for various use cases

3. Refined Error Handling in core.ts

   • API errors (e.g., 401, 403, 500) are no longer re-wrapped
   • Only network/connection errors get the Failed to connect to Jira: prefix
   • Improves clarity when diagnosing authentication vs. connectivity issues

---

Commit: 9326b560 - fix: Address Gemini code review feedback

The PR is now ready for maintainer approval. 🚀

[vellanki-santhosh]

Thanks for the review @gemini-code-assist!
I’ve updated the test assertions to check for resolved error messages, refined the sslCertPath description to cover CA/mTLS scenarios, and improved error handling in core.ts to distinguish API vs. network errors.
All tests pass locally, documentation and changelog are updated, and backward compatibility is preserved.
This PR is now ready for workflow approval and merge

[gemini-code-assist]

Thanks for the update, @vellanki-santhosh! I appreciate you addressing the feedback and making these improvements. The changes you've outlined, especially refining the test assertions to resolves.toContain() and improving the error handling in core.ts to distinguish between API and network errors, significantly enhance the robustness and clarity of the code. The updated sslCertPath description also provides better context for users.

Great work on these fixes! The pull request looks good to proceed for workflow approval and merge. 🚀