Details
-
Improvement
-
Status: Open (View Workflow)
-
Major
-
Resolution: Unresolved
-
None
Description
Right now Bitbucket Source plugin requires putting personal password to be able to monitor branches. This is a security risk to expose such information. The proper way would be to create an OAuth consumer on Bitbucket side, set proper access permissions and use OAuth key+secret to authenticate to Bitbucket.
Attachments
Activity
Maxim Kulkin
created issue -
jake bishop
made changes -
| Field | Original Value | New Value |
|---|---|---|
| Comment |
[ Is it true that this does not work at the moment? I have been trying to use OAuth credentials an i just get: {code} Started Consulting Bitbucket Team/Project Connecting to https://bitbucket.org using xxxx/****** (xxxxx) FATAL: Failed to recompute children of my-job com.cloudbees.jenkins.plugins.bitbucket.api.BitbucketRequestException: HTTP request error. Status: 401: UNAUTHORIZED. at com.cloudbees.jenkins.plugins.bitbucket.client.BitbucketCloudApiClient.getRequest(BitbucketCloudApiClient.java:416) at com.cloudbees.jenkins.plugins.bitbucket.client.BitbucketCloudApiClient.getTeam(BitbucketCloudApiClient.java:328) at com.cloudbees.jenkins.plugins.bitbucket.BitbucketSCMNavigator.visitSources(BitbucketSCMNavigator.java:164) at jenkins.branch.OrganizationFolder.computeChildren(OrganizationFolder.java:125) at com.cloudbees.hudson.plugins.folder.computed.ComputedFolder.updateChildren(ComputedFolder.java:154) at com.cloudbees.hudson.plugins.folder.computed.FolderComputation.run(FolderComputation.java:122) at hudson.model.ResourceController.execute(ResourceController.java:98) at hudson.model.Executor.run(Executor.java:410) Finished: FAILURE {code} ] |
jake bishop
added a comment - Would it be possible to increase the prority of this issue? Our company will not allow it's use unless we can use secure authentication methods, and this plugin looks great and just what we need.
jake bishop
added a comment - Would it be possible to increase the prority of this issue? Our company will not allow it's use unless we can use secure authentication methods, and this plugin looks great and just what we need. jake bishop
added a comment - Sorry to be persistent 
, is there any news about this? We would very much like to be able to use this plugin. Is there any way we can help? Unfortunately we are do not have experience in jenkins development (only usage), but we are happy to contribute where possible.
jake bishop
added a comment - Sorry to be persistent , is there any news about this? We would very much like to be able to use this plugin. Is there any way we can help? Unfortunately we are do not have experience in jenkins development (only usage), but we are happy to contribute where possible. | Workflow | JNJira [ 170325 ] | JNJira + In-Review [ 183856 ] |
David Ham
added a comment - At the least, could you update the landing page for this plugin to reflect the fact that it doesn't support OAuth? I worked on this for a long time before finding this ticket. As far as the Jenkins credentials page is concerned, OAuth credentials are the same as other username/password. Putting this in the README would help a lot. Thanks.
David Ham
added a comment - At the least, could you update the landing page for this plugin to reflect the fact that it doesn't support OAuth? I worked on this for a long time before finding this ticket. As far as the Jenkins credentials page is concerned, OAuth credentials are the same as other username/password. Putting this in the README would help a lot. Thanks. 
Thorsten Hoeger
added a comment - This issue renders the plugin useless. Is there any ETA for this to be implemented
Thorsten Hoeger
added a comment - This issue renders the plugin useless. Is there any ETA for this to be implemented 
Steven Clark
added a comment - Hey guys, at least mentioning that OAuth doesn't work would be a great help for other developers. I've spent a good couple of hours trying different options and permissions for my Bitbucket OAuth key. Our company uses two factor authentication for normal BB users and it's only after trying an account that didn't have 2 factor auth turned on that I've finally got this plugin working.
Steven Clark
added a comment - Hey guys, at least mentioning that OAuth doesn't work would be a great help for other developers. I've spent a good couple of hours trying different options and permissions for my Bitbucket OAuth key. Our company uses two factor authentication for normal BB users and it's only after trying an account that didn't have 2 factor auth turned on that I've finally got this plugin working. Steven Clark
made changes -
| Priority | Minor [ 4 ] | Major [ 3 ] |
Weynham Zheng
added a comment - Same here, after enabled two factors auth, tried app passwords, won't work either.
Weynham Zheng
added a comment - Same here, after enabled two factors auth, tried app passwords, won't work either. Having the same issue. With SAML/SSO configured, App Passwords do not work.
Using bitbucket-branch-source-plugin version 2.2.14
Is it true that OAuth does not work at the moment? I have been trying to use them in the credentials but i keep getting:
Started Consulting Bitbucket Team/Project Connecting to https://bitbucket.org using xxxxxxx/****** (Credentials Name) FATAL: Failed to recompute children of my-project com.cloudbees.jenkins.plugins.bitbucket.api.BitbucketRequestException: HTTP request error. Status: 401: UNAUTHORIZED. at com.cloudbees.jenkins.plugins.bitbucket.client.BitbucketCloudApiClient.getRequest(BitbucketCloudApiClient.java:416) at com.cloudbees.jenkins.plugins.bitbucket.client.BitbucketCloudApiClient.getTeam(BitbucketCloudApiClient.java:328) at com.cloudbees.jenkins.plugins.bitbucket.BitbucketSCMNavigator.visitSources(BitbucketSCMNavigator.java:164) at jenkins.branch.OrganizationFolder.computeChildren(OrganizationFolder.java:125) at com.cloudbees.hudson.plugins.folder.computed.ComputedFolder.updateChildren(ComputedFolder.java:154) at com.cloudbees.hudson.plugins.folder.computed.FolderComputation.run(FolderComputation.java:122) at hudson.model.ResourceController.execute(ResourceController.java:98) at hudson.model.Executor.run(Executor.java:410) Finished: FAILURE