Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Oauth clarifications using PHP composer

torbjorn_stabo
torbjorn_stabo
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
October 18, 2021

Hi.

  I'm trying to run the command 'composer show --all', that is, the PHP package manager.

  When I do that I get this output:

 

Invalid OAuth consumer provided.
This can have two reasons:
1. You are authenticating with a bitbucket username/password combination
2. You are using an OAuth consumer, but didn't configure a (dummy) callback url

Could not fetch https://api.bitbucket.org/2.0/repositories/organisation/plugins?fields=-project%2C-owner, please create a bitbucket OAuth token to access private repos
Follow the instructions on https://support.atlassian.com/bitbucket-cloud/docs/use-oauth-on-bitbucket-cloud/
to create a consumer. It will be stored in "/home/ts/.composer/auth.json" for future use by Composer.
Ensure you enter a "Callback URL" (http://example.com is fine) or it will not be possible to create an Access Token (this callback url will not be used by composer)
Consumer Key (hidden):

My next question is: Is that Consumer key repo specific? Or is it account specific? (The instructions mention that "You can create a consumer on any existing workspace.", not sure what that means in this case.)

I don't have access to Settings for that particular repo, so if the auth strings are repo specific I guess I should talk to the repo admins?

 

Answer
Watch
Like Be the first to like this
2642 views

1 answer

0 votes
Theodora Boudale
Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 19, 2021

Hi @torbjorn_stabo and welcome to the community.

An OAuth consumer is associated with a workspace, not a repo.

E.g. if the repo url is https://bitbucket.org/some-name/repo-name, then https://bitbucket.org/some-name is the url of the workspace that owns the repo.

You will need to contact someone that has admin access to the workspace (and not only to the repo). They should then be able to access the OAuth consumers for this workspace from the workspace's Settings. They can edit the OAuth consumer you are using and add a dummy Callback URL for this specific consumer.

Please feel free to let me know if you have any questions.

Kind regards,
Theodora

View More Comments
torbjorn_stabo
torbjorn_stabo
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
October 19, 2021

@ThHi. Thank you very much for the answer! That explains some things. I do have some more questions, though:

If I run composer search <my package name>, that is, the PHP package handler, I do get some output. But only as long as my package is situated in the main branch. If I search for packages "located" in other branches I get no output from composer. I take it that means that the connection works? I was told that composer doesn't support packages in other branches. But on the other hand I created "some" consumer key outside the workspace in question, in another workspace where I'm admin. I do not have access to Settings for "this" workspace, as described in the "Use oauth on..." support link above.

..so I take it that because of that I need to talk to the workspace admins to get the key(s) that work for that particular workspace, like you said?

Like
Theodora Boudale
Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 20, 2021

Hi @torbjorn_stabo,

Regarding your first question, I'm afraid that I am not very familiar with composer, so I am not sure if what you describe with packages being on branches other than the main one is expected or not.

An OAuth consumer is generated for a specific workspace, and it gives access to repos owned by that workspace. If you need to authenticate via OAuth, and you don't see the Settings of the workspace that owns this repo, then yes, you'll need to talk to the workspace admins regarding the OAuth consumer.

Kind regards,
Theodora

Like
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security