OAuth not working about bitbucket HOT 14 CLOSED

Les Peabody, I found a well documented way to obtain the access token. I've tested locally and it worked.

http://wiki.openstreetmap.org/wiki/OAuth_ruby_examples

Section "Registering and Authorizing your application"

from bitbucket.

+1 for solving this

from bitbucket.

Ok, I've been scratching my head on this one for a while trying to make it fail myself and I think I realized what is going on here (and it's totally my fault!)

I think it's bad documentation on my part (which I will update right now):
oauth_token and oauth_secret should actually be your request tokens, not your consumer tokens. See: https://confluence.atlassian.com/display/BITBUCKET/oauth+Endpoint

from bitbucket.

The full API docs were more clear than the readme, so I've updated the readme to make it clear the difference between the two in the config block.

from bitbucket.

Sorry for the ignorance,

But BitBucket website only shows consumer key and secret, what about the other values?
Should I put consumer key and secret in client_id and client_secret? Or oauht_token, oauth_secret?

Thanks

from bitbucket.

The other values are generated per-user by BitBucket during an OAuth authorization. I personally use Devise to do that since I'm allowing OAuth login with devise.

The consumer key and secret do belong in client_id and client_secret

from bitbucket.

Okay, I thought that the gem would do all the auth flow for me. So, there is no way to do all the flow without user intervention?

Thanks for taking time to answer.

from bitbucket.

No, OAuth requires user interaction to authorize the token generation. Though, that token generation only has to occur once so long as you store the request tokens.

from bitbucket.

Hey Mike, you've been super helpful today.

So the way I'm reading this, I feel as if I should only have to specify the oauth key and secret generated by Bitbucket in the client_id and client_secret fields respectively. I'm a bit confused as to what needs to happen after that, because shouldn't obtaining the oauth request token and secret at that point be completely automated?

from bitbucket.

Obtaining the request token and secret really can't be automated because it requires the end user to approve the authorization request from the app (via the BitBucket website). An authorization URL can be generated that the user is directed to on the BitBucket website, where the user is asked for approval, once they approve the access then BitBucket redirects the user back to a URL you specify as the callback with the request token and secret attached (which you would then store somewhere, such as a database).

from bitbucket.

Thanks Mike.

Les Peabody, to use the gem, you will need to use any library or Oauth playground (http://googlecodesamples.com/oauth_playground/) where you could obtain the access token. This means that part of the OAuth flow will be done manually, but just one time, because the access token doesn't expire.

from bitbucket.

So prior to doing anything with this gem I need to get that request and access token first? Okay cool, this is a good start.

All of this info has been extremely helpful. I'm planning a massive, automated migration of our Subversion repositories over to Git on Bitbucket and was hoping to use this awesome gem to do so. I'll play around later, but assuming I can somehow automate everything in a script my goal should be doable :) Thanks guys.

from bitbucket.

If it's a local script and not a web service that you are building then you might find it easier to use HTTP Basic Auth instead, where you can just specify to connect as "user:password", rather than the more complicated OAuth method. Just be careful about the security of the script. Of course, this supposes that all of the repositories would be owned by the same user on BitBucket.

from bitbucket.

Money. Thanks dude!

from bitbucket.