I'm attempting to use BitBucket's OAuth for a Rails application, using https://github.com/sishen/omniauth-bitbucket.
I'm able to get an access token, but it is expired as soon as I get it.
curl https://api.bitbucket.org/2.0/repositories/graysonwright/assemble_test/hooks -H "Authorization: Bearer PW92axQeF6AFbbRagm" {"type": "error", "error": {"message": "Access token expired. Use your refresh token to obtain a new access token."}}
Normally, it seems like this shouldn't be a problem, because I should be able to exchange a refresh token for a new access token. But as far as I can tell, it doesn't look like I receive a refresh token anywhere in the OAuth process.
At what point in the OAuth process should I receive the refresh token? What is the refresh token called in the request? Anything else that I haven't checked yet?
Here's a dump of the oauth data that I receive:
--- !ruby/hash:OmniAuth::AuthHash provider: bitbucket uid: graysonwright info: !ruby/hash:OmniAuth::AuthHash::InfoHash name: Grayson Wright avatar: https://bitbucket.org/account/graysonwright/avatar/32/?ts=1499275384 email: REDACTED credentials: !ruby/hash:OmniAuth::AuthHash token: REDACTED secret: REDACTED extra: !ruby/hash:OmniAuth::AuthHash access_token: !ruby/object:OAuth::AccessToken token: REDACTED secret: REDACTED consumer: !ruby/object:OAuth::Consumer key: REDACTED secret: REDACTED options: :signature_method: HMAC-SHA1 :request_token_path: "/api/1.0/oauth/request_token" :authorize_path: "/api/1.0/oauth/authenticate" :access_token_path: "/api/1.0/oauth/access_token" :proxy: :scheme: :header :http_method: :post :debug_output: :oauth_version: '1.0' :site: https://bitbucket.org debug_output: http: !ruby/object:Net::HTTP address: bitbucket.org port: 443 local_host: local_port: curr_http_version: '1.1' keep_alive_timeout: 2 last_communicated: close_on_empty_response: false socket: started: false open_timeout: 30 read_timeout: 30 continue_timeout: debug_output: proxy_from_env: true proxy_uri: false proxy_address: proxy_port: proxy_user: proxy_pass: use_ssl: true ssl_context: !ruby/object:OpenSSL::SSL::SSLContext verify_mode: 1 verify_hostname: true ca_file: "/etc/ssl/certs/ca-certificates.crt" verify_depth: 5 ssl_session: !ruby/object:OpenSSL::SSL::Session {} sspi_enabled: false ca_file: "/etc/ssl/certs/ca-certificates.crt" ca_path: cert: cert_store: ciphers: key: ssl_timeout: ssl_version: verify_callback: verify_depth: 5 verify_mode: 1 http_method: :post uri: !ruby/object:URI::HTTPS scheme: https user: password: host: bitbucket.org port: 443 path: '' query: opaque: fragment: parser: !ruby/object:URI::RFC3986_Parser regexp: :SCHEME: !ruby/regexp /\A[A-Za-z][A-Za-z0-9+\-.]*\z/ :USERINFO: !ruby/regexp /\A(?:%\h\h|[!$&-.0-;=A-Z_a-z~])*\z/ :HOST: !ruby/regexp /\A(?:(?<IP-literal>\[(?:(?<IPv6address>(?:\h{1,4}:){6}(?<ls32>\h{1,4}:\h{1,4}|(?<IPv4address>(?<dec-octet>[1-9]\d|1\d{2}|2[0-4]\d|25[0-5]|\d)\.\g<dec-octet>\.\g<dec-octet>\.\g<dec-octet>))|::(?:\h{1,4}:){5}\g<ls32>|\h{,4}::(?:\h{1,4}:){4}\g<ls32>|(?:(?:\h{1,4}:)?\h{1,4})?::(?:\h{1,4}:){3}\g<ls32>|(?:(?:\h{1,4}:){,2}\h{1,4})?::(?:\h{1,4}:){2}\g<ls32>|(?:(?:\h{1,4}:){,3}\h{1,4})?::\h{1,4}:\g<ls32>|(?:(?:\h{1,4}:){,4}\h{1,4})?::\g<ls32>|(?:(?:\h{1,4}:){,5}\h{1,4})?::\h{1,4}|(?:(?:\h{1,4}:){,6}\h{1,4})?::)|(?<IPvFuture>v\h+\.[!$&-.0-;=A-Z_a-z~]+))\])|\g<IPv4address>|(?<reg-name>(?:%\h\h|[!$&-.0-9;=A-Z_a-z~])*))\z/ :ABS_PATH: !ruby/regexp /\A\/(?:%\h\h|[!$&-.0-;=@-Z_a-z~])*(?:\/(?:%\h\h|[!$&-.0-;=@-Z_a-z~])*)*\z/ :REL_PATH: !ruby/regexp /\A(?:%\h\h|[!$&-.0-;=@-Z_a-z~])+(?:\/(?:%\h\h|[!$&-.0-;=@-Z_a-z~])*)*\z/ :QUERY: !ruby/regexp /\A(?:%\h\h|[!$&-.0-;=@-Z_a-z~\/?])*\z/ :FRAGMENT: !ruby/regexp /\A(?:%\h\h|[!$&-.0-;=@-Z_a-z~\/?])*\z/ :OPAQUE: !ruby/regexp /\A(?:[^\/].*)?\z/ :PORT: !ruby/regexp /\A[\x09\x0a\x0c\x0d ]*\d*[\x09\x0a\x0c\x0d ]*\z/ params: :oauth_token_secret: REDACTED oauth_token_secret: REDACTED :oauth_token: REDACTED oauth_token: REDACTED response: !ruby/object:Net::HTTPOK http_version: '1.1' code: '200' message: OK header: server: - nginx vary: - Authorization content-type: - application/json; charset=utf-8 x-oauth-scopes: - repository, email strict-transport-security: - max-age=31536000; includeSubDomains; preload date: - Wed, 05 Jul 2017 21:52:51 GMT x-served-by: - app-162 x-static-version: - 296a6a41c87d etag: - '"REDACTED"' x-content-type-options: - nosniff x-render-time: - '0.0347518920898' x-credential-type: - oauth1 x-accepted-oauth-scopes: - email connection: - close x-version: - 296a6a41c87d x-request-count: - '165' x-frame-options: - SAMEORIGIN x-cache-info: - not cacheable; request contained Authorization header content-length: - '188' body: '[{"active": true, "is_atlassian_id": true, "email": "REDACTED", "primary": true}, {"active": true, "is_atlassian_id": false, "email": "REDACTED", "primary": false}]' read: true uri: decode_content: true socket: body_exist: true
Thanks for your help!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.