search

MunifTanjim / node-bitbucket

Bitbucket API client for Browser and Node.js
https://bitbucketjs.netlify.app
MIT License
105 stars 31 forks source link

Where do I get the token from? #104

Closed muuvmuuv closed 2 years ago

muuvmuuv commented 3 years ago

I would like to use the token since its easier to provide in CI evns and I can revoke it later. But where do I get that token from? Jira uses some token and its generated here: https://id.atlassian.com/manage-profile/security/api-tokens

MunifTanjim commented 3 years ago

You can create "App Password" with specific permission from here: https://bitbucket.org/account/settings/app-passwords/ and use that instead of you password.

muuvmuuv commented 2 years ago

@MunifTanjim sorry but this does not work. I created one with read permissions on pull-requests and pipelines, replaced my personal pw with the generated app-password and get a 401.

MunifTanjim commented 2 years ago

Unless you show some example codes or give details about which API you're trying to call and what is the exact permission of your app-password, I don't know how to help you.

Getting 401 generally means that your app-password doesn't have sufficient permission for the API endpoint you're trying to call.

muuvmuuv commented 2 years ago

These are the ones I use, like I said I am reading pull-request and pipeline status:

const bitbucket = new Bitbucket.Bitbucket({
            auth: {
                username: 'xxxxx',
                password: "my-app-password"
            },
        })
bitbucket.pullrequests.list({
                sort: "-created_on",
                pagelen: 33,
                state: "OPEN"
            })
bitbucket.pipelines.list({
                sort: "-created_on",
                pagelen: 111
            })
MunifTanjim commented 2 years ago

pullrequests.list needs workspace and repo_slug params. Those two params aren't there in your example code.

If you still get 401 then your app password doesn't have enough permission to access the repo.

muuvmuuv commented 2 years ago

@MunifTanjim I just excluded them to not reveal sensitive data.

muuvmuuv commented 2 years ago

So I tested it now with an app password that has ALL permissions. Still 401. I have access to that project and it does work with my account password, just not with those app passwords.

MunifTanjim commented 2 years ago

Strange, it works for me.

bitbucket.pullrequests
  .list({
    workspace: 'USERNAME',
    repo_slug: 'REPONAME',
    sort: '-created_on',
    pagelen: 33,
    state: 'OPEN',
  })
  .then(({ data, headers }) => {
    console.log(data, headers)
  })
  .catch((err) => {
    console.log(err)
  })

Can you run this and paste the full output here?

muuvmuuv commented 2 years ago

With app password

Screenshot (3)

With user password

WM-Screenshots-20210727083929

MunifTanjim commented 2 years ago

I have absolutely no idea why Bitbucket is not accepting your app-password. I just created a new one with just "Pull requests - read" permission and it worked as expected.

If you want to investigate further, you can do:

  .catch((err) => {
    console.log(JSON.stringify(err,null,2))
  })

to check exactly what request is being made to the API endpoint.

muuvmuuv commented 2 years ago

I will add it to our internal Jira. Maybe my user itself has not enough rights and Atlassian does not check for that and messes around with permissions towards BitBucket. Just a thought :D. Since it is working for you I expect it to be an issue on our side, I will close this for now and come back if the ticket is in our in-progress sprint. Thanks anyway :)