REST Session from username/password?

Denise Skidmore June 21, 2024

I have a working Python script that automatically adds/resolves comments/tasks to our PRs. I authenticate thusly:

import os
from oauthlib.oauth2 import BackendApplicationClient
from requests_oauthlib import OAuth2Session
from requests.auth import HTTPBasicAuth
...
    client_secret = os.environ['lint_client_secret']
    client_id = os.environ['lint_client_id']
    client = BackendApplicationClient(client_id=client_id)
    oauth_session = OAuth2Session(client=client)
    _ = oauth_session.fetch_token(
        token_url=OAUTH2_TOKEN_URL,
        auth=HTTPBasicAuth(client_id, client_secret), timeout=300)

I don't want to store my client secret locally, but I would like to be able to test my script locally, so I'd like to have an interactive mode that takes the username and password from prompts when the Bitbucket environment variables are missing.

https://developer.atlassian.com/cloud/bitbucket/authentication-for-apps/ doesn't list a grant type that takes username and password. How should I get a requests.Session object that logs in with username and password and uses the user's permissions? (I am an admin of my workspace, I expect all REST calls to be valid as my user unless specifically prohibited by merge restriction.)

2 answers

1 vote
Hariharan Iyer
Atlassian Team
June 21, 2024

Hi @Denise Skidmore,

If you're accessing Bitbucket via a Python script, you might consider using access tokens or app passwords as described here: https://developer.atlassian.com/cloud/bitbucket/rest/intro/#authentication

HTH!

~ Hariharan

Denise Skidmore July 11, 2024

App passwords are still secrets the local user may not have.  I'm looking for a way for someone to log in with their normal password or maybe the SSL connection that already exists for push/pull activity, not an app specific password.

0 votes
Jim Knepley - ReleaseTEAM
Atlassian Partner
June 21, 2024

To your first question: I like using the getpass library to get things like credentials:

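# Prompt only when the variable is unset; a default passed to .get() is evaluated (and prompts) every time
client_secret = os.environ.get('lint_client_secret') or getpass.getpass()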

...but you could also use input() or the readline library if you want to get fancy.

Regarding your second question: I suspect you'd need to use a custom authentication handler to add the JWT bearer token to a request.

Denise Skidmore July 11, 2024

This extra step has not seemed necessary.  The values stored in "secured" environment variables are read by the script just fine.  The automated script that runs on the server runs just fine.  I'm looking at ways to modify the auth when running it on a dev machine that doesn't have those OS variables.
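
The interactive fallback discussed in this thread, as an added example that is not code from any of the posters: it uses the CI variables when both are set, otherwise prompts without echo, and fails fast when there is no terminal to prompt on. It assumes a username and app password are sent as HTTP Basic auth, as the linked REST intro describes; `resolve_credentials`, `build_session` and the `token_url` parameter are hypothetical names.

```python
import getpass
import os
import sys

ENV_ID, ENV_SECRET = "lint_client_id", "lint_client_secret"  # names from the question


def resolve_credentials(env=os.environ, ask=input, ask_secret=getpass.getpass,
                        interactive=None):
    """Return (mode, identity, secret); never prompt when the CI variables exist."""
    client_id, client_secret = env.get(ENV_ID), env.get(ENV_SECRET)
    if client_id and client_secret:
        return ("oauth_client_credentials", client_id, client_secret)
    if interactive is None:
        interactive = sys.stdin.isatty()
    if not interactive:
        # In a pipeline, fail fast instead of hanging on a prompt nobody answers.
        raise RuntimeError(f"{ENV_ID}/{ENV_SECRET} not set and no terminal to prompt on")
    user = ask("Bitbucket username: ").strip()
    secret = ask_secret("App password (not echoed): ")
    if not user or not secret:
        raise ValueError("empty username or password")
    return ("basic_app_password", user, secret)


def build_session(mode, identity, secret, token_url=None):
    """Build the HTTP session; third-party imports are deferred to this call."""
    if mode == "oauth_client_credentials":
        from oauthlib.oauth2 import BackendApplicationClient
        from requests.auth import HTTPBasicAuth
        from requests_oauthlib import OAuth2Session
        session = OAuth2Session(client=BackendApplicationClient(client_id=identity))
        session.fetch_token(token_url=token_url,
                            auth=HTTPBasicAuth(identity, secret), timeout=300)
        return session
    import requests
    session = requests.Session()
    session.auth = (identity, secret)  # HTTP Basic; the secret stays in memory only
    return session
```

Call `build_session(*resolve_credentials(), token_url=OAUTH2_TOKEN_URL)` once at startup; nothing is written to disk or to the environment.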

Deployment type: Cloud
Product plan: Premium
Permissions level: Product Admin