From a71d0e0b7b8db8df8b4eff1c0d6044f7d75458c8 Mon Sep 17 00:00:00 2001 From: Nikolas Falco Date: Wed, 27 Nov 2024 15:22:20 +0100 Subject: [PATCH] Fix git clone of repository using OAuth2 authenticator (#926) This issue is caused by removing user from clone link. Using "x-token-auth" as user tells bitbucket that the specified password is an OAuth2 credential token. Reference https://developer.atlassian.com/cloud/bitbucket/oauth-2/#repository-cloning --- .../plugins/bitbucket/BitbucketSCMSource.java | 13 ++++++------- .../credentials/BitbucketOAuthAuthenticator.java | 3 +-- 2 files changed, 7 insertions(+), 9 deletions(-) diff --git a/src/main/java/com/cloudbees/jenkins/plugins/bitbucket/BitbucketSCMSource.java b/src/main/java/com/cloudbees/jenkins/plugins/bitbucket/BitbucketSCMSource.java index 4d8c19d14..c34cfda82 100644 --- a/src/main/java/com/cloudbees/jenkins/plugins/bitbucket/BitbucketSCMSource.java +++ b/src/main/java/com/cloudbees/jenkins/plugins/bitbucket/BitbucketSCMSource.java @@ -36,6 +36,7 @@ import com.cloudbees.jenkins.plugins.bitbucket.api.BitbucketRepository; import com.cloudbees.jenkins.plugins.bitbucket.api.BitbucketRequestException; import com.cloudbees.jenkins.plugins.bitbucket.api.BitbucketTeam; +import com.cloudbees.jenkins.plugins.bitbucket.api.credentials.BitbucketUsernamePasswordAuthenticator; import com.cloudbees.jenkins.plugins.bitbucket.client.BitbucketCloudApiClient; import com.cloudbees.jenkins.plugins.bitbucket.client.repository.UserRoleInRepository; import com.cloudbees.jenkins.plugins.bitbucket.endpoints.AbstractBitbucketEndpoint; @@ -48,7 +49,6 @@ import com.cloudbees.jenkins.plugins.bitbucket.server.client.repository.BitbucketServerRepository; import com.cloudbees.plugins.credentials.CredentialsNameProvider; import com.cloudbees.plugins.credentials.common.StandardCredentials; -import com.cloudbees.plugins.credentials.common.StandardUsernameCredentials; import com.damnhandy.uri.template.UriTemplate; import com.fasterxml.jackson.databind.util.StdDateFormat; import edu.umd.cs.findbugs.annotations.CheckForNull; @@ -1015,14 +1015,13 @@ public SCM build(SCMHead head, SCMRevision revision) { // trait will do the magic scmCredentialsId = null; scmExtension = new GitClientAuthenticatorExtension(null); + } else if (authenticator instanceof BitbucketUsernamePasswordAuthenticator) { + scmExtension = new GitClientAuthenticatorExtension(null); } else { - StandardUsernameCredentials scmCredentials = authenticator.getCredentialsForSCM(); // extension overrides the configured credentialsId with a custom StandardUsernameCredentials provided by the Authenticator - scmExtension = new GitClientAuthenticatorExtension(scmCredentials); - if (scmCredentials != null) { - // will be overridden by git extension - scmCredentialsId = null; - } + scmExtension = new GitClientAuthenticatorExtension(authenticator.getCredentialsForSCM()); + // will be overridden by git extension + scmCredentialsId = null; } } else { scmExtension = new GitClientAuthenticatorExtension(null); diff --git a/src/main/java/com/cloudbees/jenkins/plugins/bitbucket/api/credentials/BitbucketOAuthAuthenticator.java b/src/main/java/com/cloudbees/jenkins/plugins/bitbucket/api/credentials/BitbucketOAuthAuthenticator.java index 81a669144..5016351a1 100644 --- a/src/main/java/com/cloudbees/jenkins/plugins/bitbucket/api/credentials/BitbucketOAuthAuthenticator.java +++ b/src/main/java/com/cloudbees/jenkins/plugins/bitbucket/api/credentials/BitbucketOAuthAuthenticator.java @@ -15,7 +15,6 @@ import java.util.concurrent.ExecutionException; import jenkins.authentication.tokens.api.AuthenticationTokenException; import jenkins.util.SetContextClassLoader; -import org.apache.commons.lang.StringUtils; import org.apache.http.HttpRequest; public class BitbucketOAuthAuthenticator extends BitbucketAuthenticator { @@ -54,7 +53,7 @@ public void configureRequest(HttpRequest request) { public StandardUsernameCredentials getCredentialsForSCM() { try { return new UsernamePasswordCredentialsImpl( - CredentialsScope.GLOBAL, getId(), null, StringUtils.EMPTY, token.getAccessToken()); + CredentialsScope.GLOBAL, getId(), null, "x-token-auth", token.getAccessToken()); } catch (FormException e) { throw new RuntimeException(e); }