1. Bitbucket
  2. Public Issue Tracker
  3. master
  4. Issues


Issue #9855 resolved

Make Raw Repository Requests on Private Repos Respect OAuth

Stephen Searles
created an issue

Requests like:

GET https://bitbucket.org/user/repo.git/info/refs?service=git-upload-pack

This works if you set your User-Agent to something that looks like git, and if you use Basic Authentication.

Can this type of request be made to work with OAuth?

Comments (3)

  1. Abhin Chhabra staff

    Hi Stephen Searles,

    As you probably know, that URL is for the git client on your machine to communicate with our git server. It is not meant to be used to develop against.

    For those purposes, we have a public API that includes endpoints for listing a repositories branches and tags.

  2. Stephen Searles reporter

    That's unfortunate. It would be prohibitively difficult to mimic raw git communication with your public API.

    Allowing OAuth for git communication would be ideal for allowing tools to work with bitbucket private repositories. For example, I'm extending go get for this, but as it stands, we have to choose between punching through bitbucket's user-level security (with a user that has global access to our team's repos), or asking people for their bitbucket password.

  3. Log in to comment