- edited description
Allow authentication method PAT (Personal Access Token) not just for Jira but also for Bitbucket
Issue #820
new
Hi Atlassian team!
We are trying this plugin and it seems a good one. There is one problem, the developers in our company don’t have the password of their users because we use MFA authentication and for API based access we use Personal API tokens in Jira and Bitbucket:
https://confluence.atlassian.com/enterprise/using-personal-access-tokens-1026032365.html
Right now, the plugin allows to connect to a Bitbucket Server instance but only using username/password (Basic Authentication).
Basic authentication is not secure and is disabled for us. We already use Personal Access Tokens in production throughout all Citrix XenServer development teams using Bearer authentication. This is an example with curl as client:
curl -v --oauth2-bearer $PAT https://<internal bitbucket server>/rest/api/1.0/users/userslug?avatarSize=48
Bearer Authorization is already available in atlascode, but not yet enabled for Bitbucket, it just was requested for Jira and not for Bitbucket:
https://bitbucket.org/atlassianlabs/atlascode/issues/237/allow-saml-sso-as-authentication-method
It seems that all that remains for atlascode is to allow Bearer Authorization for Bitbucket as well.
Is PAT authentication method something you have in your backlog? If not, are you planning to add it?
PS: I’ve created a Pull Request as an example how it could be done. Login succeeds and the avatar is shown, didn’t test pull request management with it yet:
https://bitbucket.org/atlassianlabs/atlascode/pull-requests/1050/bitbucket-add-support-for-login-by-api
In case non-developers are interested to help testing it, I attached a pre-release build of this PR to this issue. To install is press Ctrl-Shift-P, search for “Extensions: Install from VSIX…” and navigate to the downloaded attachment.
Thanks!
Comments (8)
-
reporter
-
reporter
- edited description
-
Hi. Any progress on merging this PR? It provides valuable functionality to the VSCode extension.
-
- attached atlascode-4.0.1.vsix
<div class="preview-container wiki-content"><!-- loaded via ajax --></div> <div class="mask"></div> </div></div> </form>
-
this used to work - i was in here in this plugin 6+ months ago and creating PRs from VSCode using my token as we’re behind MFA as well…
-
Any progress on this issue?
-
There have been no new commits in more than 4 weeks, to the main repo:
https://bitbucket.org/atlassianlabs/atlascode/commits/branch/mainAlso, we could not test this anymore, because of Bitbucket API changes that were made in this plugin or the self-hosted version of BitBucket.
This whole vscode extension looks like to be in a limbo, not well-cared and not well-supported by Atlassian.
I created a new ticket to get answers from Atlassian:
https://bitbucket.org/atlassianlabs/atlascode/issues/5400/status-of-this-plugin-please-review -
Thankfully there’s fresh commits, so not in limbo (also 4 weeks isn’t all that long for a big org, sadly; ask me how I know 🙃).
- Log in to comment