I'm missing the OAuth2 refresh token

Grayson Wright July 5, 2017

I'm attempting to use BitBucket's OAuth for a Rails application, using https://github.com/sishen/omniauth-bitbucket.

I'm able to get an access token, but it is expired as soon as I get it.

curl https://api.bitbucket.org/2.0/repositories/graysonwright/assemble_test/hooks -H "Authorization: Bearer PW92axQeF6AFbbRagm"
{"type": "error", "error": {"message": "Access token expired. Use your refresh token to obtain a new access token."}}

Normally, it seems like this shouldn't be a problem, because I should be able to exchange a refresh token for a new access token. But as far as I can tell, it doesn't look like I receive a refresh token anywhere in the OAuth process.

 

At what point in the OAuth process should I receive the refresh token? What is the refresh token called in the request? Anything else that I haven't checked yet?

 

Here's a dump of the oauth data that I receive:

--- !ruby/hash:OmniAuth::AuthHash
provider: bitbucket
uid: graysonwright
info: !ruby/hash:OmniAuth::AuthHash::InfoHash
  name: Grayson Wright
  avatar: https://bitbucket.org/account/graysonwright/avatar/32/?ts=1499275384
  email: REDACTED
credentials: !ruby/hash:OmniAuth::AuthHash
  token: REDACTED
  secret: REDACTED
extra: !ruby/hash:OmniAuth::AuthHash
  access_token: !ruby/object:OAuth::AccessToken
    token: REDACTED
    secret: REDACTED
    consumer: !ruby/object:OAuth::Consumer
      key: REDACTED
      secret: REDACTED
      options:
        :signature_method: HMAC-SHA1
        :request_token_path: "/api/1.0/oauth/request_token"
        :authorize_path: "/api/1.0/oauth/authenticate"
        :access_token_path: "/api/1.0/oauth/access_token"
        :proxy:
        :scheme: :header
        :http_method: :post
        :debug_output:
        :oauth_version: '1.0'
        :site: https://bitbucket.org
      debug_output:
      http: !ruby/object:Net::HTTP
        address: bitbucket.org
        port: 443
        local_host:
        local_port:
        curr_http_version: '1.1'
        keep_alive_timeout: 2
        last_communicated:
        close_on_empty_response: false
        socket:
        started: false
        open_timeout: 30
        read_timeout: 30
        continue_timeout:
        debug_output:
        proxy_from_env: true
        proxy_uri: false
        proxy_address:
        proxy_port:
        proxy_user:
        proxy_pass:
        use_ssl: true
        ssl_context: !ruby/object:OpenSSL::SSL::SSLContext
          verify_mode: 1
          verify_hostname: true
          ca_file: "/etc/ssl/certs/ca-certificates.crt"
          verify_depth: 5
        ssl_session: !ruby/object:OpenSSL::SSL::Session {}
        sspi_enabled: false
        ca_file: "/etc/ssl/certs/ca-certificates.crt"
        ca_path:
        cert:
        cert_store:
        ciphers:
        key:
        ssl_timeout:
        ssl_version:
        verify_callback:
        verify_depth: 5
        verify_mode: 1
      http_method: :post
      uri: !ruby/object:URI::HTTPS
        scheme: https
        user:
        password:
        host: bitbucket.org
        port: 443
        path: ''
        query:
        opaque:
        fragment:
        parser: !ruby/object:URI::RFC3986_Parser
          regexp:
            :SCHEME: !ruby/regexp /\A[A-Za-z][A-Za-z0-9+\-.]*\z/
            :USERINFO: !ruby/regexp /\A(?:%\h\h|[!$&-.0-;=A-Z_a-z~])*\z/
            :HOST: !ruby/regexp /\A(?:(?<IP-literal>\[(?:(?<IPv6address>(?:\h{1,4}:){6}(?<ls32>\h{1,4}:\h{1,4}|(?<IPv4address>(?<dec-octet>[1-9]\d|1\d{2}|2[0-4]\d|25[0-5]|\d)\.\g<dec-octet>\.\g<dec-octet>\.\g<dec-octet>))|::(?:\h{1,4}:){5}\g<ls32>|\h{,4}::(?:\h{1,4}:){4}\g<ls32>|(?:(?:\h{1,4}:)?\h{1,4})?::(?:\h{1,4}:){3}\g<ls32>|(?:(?:\h{1,4}:){,2}\h{1,4})?::(?:\h{1,4}:){2}\g<ls32>|(?:(?:\h{1,4}:){,3}\h{1,4})?::\h{1,4}:\g<ls32>|(?:(?:\h{1,4}:){,4}\h{1,4})?::\g<ls32>|(?:(?:\h{1,4}:){,5}\h{1,4})?::\h{1,4}|(?:(?:\h{1,4}:){,6}\h{1,4})?::)|(?<IPvFuture>v\h+\.[!$&-.0-;=A-Z_a-z~]+))\])|\g<IPv4address>|(?<reg-name>(?:%\h\h|[!$&-.0-9;=A-Z_a-z~])*))\z/
            :ABS_PATH: !ruby/regexp /\A\/(?:%\h\h|[!$&-.0-;=@-Z_a-z~])*(?:\/(?:%\h\h|[!$&-.0-;=@-Z_a-z~])*)*\z/
            :REL_PATH: !ruby/regexp /\A(?:%\h\h|[!$&-.0-;=@-Z_a-z~])+(?:\/(?:%\h\h|[!$&-.0-;=@-Z_a-z~])*)*\z/
            :QUERY: !ruby/regexp /\A(?:%\h\h|[!$&-.0-;=@-Z_a-z~\/?])*\z/
            :FRAGMENT: !ruby/regexp /\A(?:%\h\h|[!$&-.0-;=@-Z_a-z~\/?])*\z/
            :OPAQUE: !ruby/regexp /\A(?:[^\/].*)?\z/
            :PORT: !ruby/regexp /\A[\x09\x0a\x0c\x0d ]*\d*[\x09\x0a\x0c\x0d ]*\z/
    params:
      :oauth_token_secret: REDACTED
      oauth_token_secret: REDACTED
      :oauth_token: REDACTED
      oauth_token: REDACTED
    response: !ruby/object:Net::HTTPOK
      http_version: '1.1'
      code: '200'
      message: OK
      header:
        server:
        - nginx
        vary:
        - Authorization
        content-type:
        - application/json; charset=utf-8
        x-oauth-scopes:
        - repository, email
        strict-transport-security:
        - max-age=31536000; includeSubDomains; preload
        date:
        - Wed, 05 Jul 2017 21:52:51 GMT
        x-served-by:
        - app-162
        x-static-version:
        - 296a6a41c87d
        etag:
        - '"REDACTED"'
        x-content-type-options:
        - nosniff
        x-render-time:
        - '0.0347518920898'
        x-credential-type:
        - oauth1
        x-accepted-oauth-scopes:
        - email
        connection:
        - close
        x-version:
        - 296a6a41c87d
        x-request-count:
        - '165'
        x-frame-options:
        - SAMEORIGIN
        x-cache-info:
        - not cacheable; request contained Authorization header
        content-length:
        - '188'
      body: '[{"active": true, "is_atlassian_id": true, "email": "REDACTED",
        "primary": true}, {"active": true, "is_atlassian_id": false, "email": "REDACTED",
        "primary": false}]'
      read: true
      uri:
      decode_content: true
      socket:
      body_exist: true

 

Thanks for your help!

1 answer

0 votes
Ansudeen August 27, 2018

I'm also facing the same issue.please help

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events