API is giving unauthorised since this morning

Issue #12326 closed
Mark Freese
created an issue

The api was working correctly for the last few weeks and now it is giving an unauthorised each time I try to do requests. I have added curl requests to show you what is going wrong. I get the access token but the request fail after that.

curl -X POST -v -u Wt27EuYtJbqQ5hqtxC:{secret} --data "code=JEPYWnBdXKXafCeq3Z&grant_type=authorization_code" https://bitbucket.org/site/oauth2/access_token
*   Trying 104.192.143.2...
* Connected to bitbucket.org (104.192.143.2) port 443 (#0)
* TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate: bitbucket.org
* Server certificate: DigiCert SHA2 Extended Validation Server CA
* Server certificate: DigiCert High Assurance EV Root CA
* Server auth using Basic with user 'Wt27EuYtJbqQ5hqtxC'
> POST /site/oauth2/access_token HTTP/1.1
> Host: bitbucket.org
> Authorization: Basic V3QyN0V1WXRK=YnFRNWhxdHhDOjZiNjNiQTRa--R1JWeFo===3bTZoNGFVbTVrMldzNG55YmtT
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Length: 53
> Content-Type: application/x-www-form-urlencoded
> 
* upload completely sent off: 53 out of 53 bytes
< HTTP/1.1 200 OK
< Server: nginx/1.6.2
< Vary: Accept-Language, Cookie
< Cache-Control: max-age=0
< Content-Type: application/json
< Strict-Transport-Security: max-age=31536000
< Date: Fri, 05 Feb 2016 09:00:37 GMT
< X-Served-By: app-104
< Expires: Fri, 05 Feb 2016 09:00:37 GMT
< Content-Language: en
< X-Static-Version: 93ed08e24088
< ETag: "e99e9d70083736aaf07998fad6589442"
< X-Content-Type-Options: nosniff
< X-Render-Time: 0.195780992508
< Connection: keep-alive
< Last-Modified: Fri, 05 Feb 2016 09:00:37 GMT
< X-Version: 93ed08e24088
< X-Request-Count: 183
< X-Frame-Options: SAMEORIGIN
< Content-Length: 265
< 
* Connection #0 to host bitbucket.org left intact
{"access_token": "{access_token}", "scopes": "snippet:write issue:write pullrequest:write project team account", "expires_in": 3600, "refresh_token": "EBgPgVFbjVLCy3Epne", "token_type": "bearer"}

curl -X GET -v -u x-token-auth:{access_token} https://api.bitbucket.org/2.0/user
*   Trying 104.192.143.6...
* Connected to api.bitbucket.org (104.192.143.6) port 443 (#0)
* TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate: *.bitbucket.org
* Server certificate: DigiCert SHA2 High Assurance Server CA
* Server certificate: DigiCert High Assurance EV Root CA
* Server auth using Basic with user 'x-token-auth'
> GET /2.0/user HTTP/1.1
> Host: api.bitbucket.org
> Authorization: Basic eC10b2tlbi1hdXRoOmI3NGFVeUxYRG1YRlJBNW5Xbk9ULXFWY1RqTWZoVDFDalVhMGdYSmYwZUNnZlk5SXBCMVltREh1Nll4cHM4NnJ4eXFQdXkxd3hyWHZHYV9n===9PQ==
> User-Agent: curl/7.43.0
> Accept: */*
> 
< HTTP/1.1 401 UNAUTHORIZED
< Server: nginx/1.6.2
< Vary: Cookie
* Authentication problem. Ignoring this.
< WWW-Authenticate: Basic realm="Bitbucket.org HTTP"
< Content-Type: text/html; charset=utf-8
< Strict-Transport-Security: max-age=31536000
< Date: Fri, 05 Feb 2016 09:01:58 GMT
< X-Served-By: app22
< X-Static-Version: 93ed08e24088
< ETag: "d41d8cd98f00b204e9800998ecf8427e"
< X-Render-Time: 0.0161380767822
< Connection: keep-alive
< X-Version: 93ed08e24088
< X-Request-Count: 431
< X-Frame-Options: SAMEORIGIN
< Content-Length: 0
< 
* Connection #0 to host api.bitbucket.org left intact

Comments (2)

  1. Mark Freese reporter

    I am closing this ticket myself. Apparently -u x-token-auth:<access_token> does not work. It worked till this morning but stopped. The proper way of doing the authentication for the call the as below.

    curl -X GET -v --header "Authorization: Bearer <access_token>" https://api.bitbucket.org/2.0/user
    
  2. Log in to comment