Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,360,958
Community Members
 
Community Events
168
Community Groups

Oauth consumer App action using rest api are showing user instead of app

Hi,

I've developed an Oauth consumer app  and when I installed the app on my workspace and do oauth2.0 to get the access_token and  perform any action like approve pull request or comments on pull request using rest api the actions are performed  but it shows the name of the account user who installed the app I want to perform action based on the App itself such as when a comment is added it should not show user name as the commentator rather it should show the app name.

 

Is it possible ? if yes can you please refer me to the documentation which i need to follow to achieve the above scenario.

Thanks 

1 answer

Hi @Hidayat Ullah ,

It is possible to do that, i.e. do things as an app.  However you'd need to build the app differently.  Documentation is here: https://developer.atlassian.com/cloud/bitbucket/integrating-with-bitbucket-cloud/  .  For example, you can build an app using the "Connect" framework.

@marc -Collabello--Phase Locked-  

Thanks for you response I'm already using the app descriptor and have the addon created in bitbucekt and using the header jwt but still when the rest api post comment it show the name of the user who install the app it does not show the app name.

I've manually created app at https://bitbucket.org/account/apps  and then I'm calling 

https://bitbucket.org/site/oauth2/access_token

to get the access token using jwt created with app secret and than using that access_token return from above url to post comment or approve pr etc... but it does not perform actions based on app.

Can you please help in this regard if anything is missing?

A connect app is different from an OAuth app.

As soon as you get and use the OAuth access token, your app acts as an OAuth app, impersonating a user.

I'd recommend to start with a pure connect app, and then copy over your application code, but not the authentication code.

 

For a connect app, you can use ACE: https://bitbucket.org/atlassian/atlassian-connect-express/src/master/

@marc -Collabello--Phase Locked- 

How can i call the rest api without access token using connect app?

Have a look in the README of the above bitbucket repository.  The code has a httpClient with authentication to call the REST API.

I'm using Php the documentation is specifically for node.js.

Yes, it's possible in principle.  I'd look to find an open source library which already does it, or look into https://developer.atlassian.com/cloud/confluence/understanding-jwt/

I'm already using the jwt but the jwt by self return unauthenticated error when used for REST api and when i get an access_token using  jwt from below endpoint then the actions are performed on user behalf.

https://bitbucket.org/site/oauth2/access_token

can you confirm is there any scope needed for the jwt? I already have 

pullrequest:write

scope in the app descriptor. 

Like Andrey Kim likes this

The OAuth JWT and the Connect JWT differ.  You can't use an OAuth JWT "as" a Connect JWT.

Like Andrey Kim likes this

I'm not using the OAuth JWT I'm using the connect JWT which I got from below endpoint after user install the connect app

https://bitbucket.org/site/addons/authorize

Also the JWT is working for some end points like user details but not working for Pull request comments.

You need to check the docs for the API endpoints: https://developer.atlassian.com/cloud/bitbucket/rest/api-group-pullrequests/#api-repositories-workspace-repo-slug-pullrequests-pull-request-id-comments-post says this is available for OAuth, but it is not available for Connect (i.e. Connect is not mentioned for the scopes).

You mean that this api is not available for connect app right ?

indeed, not available

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
PERMISSIONS LEVEL
Site Admin
TAGS
Community showcase
Published in Bitbucket

Git push size limits are coming to Bitbucket Cloud starting April 4th, 2022

Beginning on April 4th, we will be implementing push limits. This means that your push cannot be completed if it is over 3.5 GB. If you do attempt to complete a push that is over 3.5 GB, it will fail...

3,486 views 3 10
Read article

Atlassian Community Events