Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Private snippet API not working as in docs

Serhii Serhiienko
Serhii Serhiienko January 10, 2022

In docs written that we can access  snippet via 

```

curl --request GET \ --url 'https://api.bitbucket.org/2.0/snippets/{workspace}/{encoded_id}/files/{path}' \ --header 'Authorization: Bearer <access_token>'

```

However that not works with private repository.

Steps to reproduce:

* Create snippet in your workspace and make visble to you only

* try curl 'https://api.bitbucket.org/2.0/snippets/{workspace}/{encoded_id}/files/{path}' via your app/username(created via 'App password' in account)
* got 401, but  try curl 'https://api.bitbucket.org/2.0/snippets/{workspace}/{encoded_id}/ is acessible

* make your snippet public

* try curl 'https://api.bitbucket.org/2.0/snippets/{workspace}/{encoded_id}/files/{path}' without user(it works)

Also strange thing that I'm able to retrieve snippet's raw file when specifying sha(https://api.bitbucket.org/2.0/snippets/{workspace}/{encoded_id}/{node_id}/files/{path}' ), but it strange,  and will change every time. But goal is to use snippet in scripts

Answer
Watch
Like Be the first to like this
380 views

2 answers

0 votes
Serhii Serhiienko
Serhii Serhiienko January 12, 2022

Hi @seanaty , Sorry still don't get, I already provided user. Will give you real examples:

 

This code works, returns 200, and content

```

# password created via 'App password' in account, here is just example of any user/pass combination

SNIPPET_AUTH=user:password

curl -L "https://bitbucket.org/api/2.0/snippets/<worksapce-id>/<encoded-id>/6d6fa27ad8606f5df7e41530811a910171e0bbf8/files/test" --user $SNIPPET_AUTH

```

This code returns 401, only difference is commit hash is absent. Use case for this, is that I want always get latest version of file.

```

SNIPPET_AUTH=user:password

curl -L "https://bitbucket.org/api/2.0/snippets/<worksapce-id>/<encoded-id>/files/test" --user $SNIPPET_AUTH

```

 

View More Comments
Theodora Boudale
Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 18, 2022

Hi @Serhii Serhiienko,

I have tested this with one of my own private snippets and it seems to work ok, e.g. this call gives me the latest version of my snippet:

curl -L https://api.bitbucket.org/2.0/snippets/<workspace-id>/<encoded-id>/files/mysnippet.txt --user username:app-password

For testing purposes, could you include your Bitbucket username and app-password in the curl command like in my example, instead of using the variable SNIPPET_AUTH you created?

Do you remember if the app password was created with permissions to read snippets?

Kind regards,
Theodora

Like
Serhii Serhiienko
Serhii Serhiienko January 18, 2022

Hi @Theodora Boudale , created new account to share passwords,  here is call, user/pass are real, should return `test`

curl -L https://api.bitbucket.org/2.0/snippets/<workspace-id>/<encoded-id>/files/test --user Password:<app-password>

 returns 401 now. 
You can play with it, login to bibucket with cred <email>/<password>

2022-01-19_07-35_1.png

Like
Theodora Boudale
Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 19, 2022

Hi @Serhii Serhiienko,

For security reasons, we cannot use other users' credentials, even if they're of a test account, but I think I may see the reason for the 401.

In the curl call you provided in your last reply, you are using

--user Password:<app-password>

However, Password is the Full name of this test Bitbucket account, not its username. The username of a Bitbucket account can be found here (after you log in), next to the field named "Username" (not the "Name"):

Can you check if the curl call works if you use the Username listed in the link above?

Just a heads up, I removed emails and app passwords from your replies, as well as the workspace ids, for privacy reasons.

Kind regards,
Theodora

Like
Serhii Serhiienko
Serhii Serhiienko January 19, 2022

Hi @Theodora Boudale , in initial question I already used username, just missed it with temp repository2022-01-20_08-36.png

Like
Reply
0 votes
seanaty
seanaty
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 10, 2022

401 means that you are unauthenticated. The problem is with your authentication, as you guessed.

An app password is not a Bearer token, you still need to provide your Bitbucket username like this:

--user 'my-username:my-app-password'

 I was curious about the --user param and checked to see what header curl was using with it and it looks like it does this:

authorization: Basic bXktdXNlcm5hbWU6bXktYXBwLXBhc3N3b3Jk

 The value there is 'my-username:my-app-password' but base64-encoded.

Hope this helps!

Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

    See all events