Loading...

Type: Suggestion
Resolution: Unresolved
Fix Version/s: None
Component/s: None
Labels:
- devhelp

UIS:
16
Feedback Policy:

We collect Bitbucket feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

Summary

In the REST API documentation regarding Authentication ( https://docs.atlassian.com/bitbucket-server/rest/5.13.0/bitbucket-rest.html) there is a statement: "Other supported methods include: HTTP Cookies"

However, the server does not respond with a cookie information. For example:

Bitbucket: curl -v --user admin:admin http://localhost:7990/bitbucket/rest/api/latest/projects | python -m json.tool

* TCP_NODELAY set
* Connected to localhost (::1) port 7990 (#0)
* Server auth using Basic with user 'admin'
> GET /bitbucket/rest/api/latest/projects HTTP/1.1
> Host: localhost:7990
> Authorization: Basic YWRtaW46YWRtaW4=
> User-Agent: curl/7.54.0
> Accept: */*
> 
< HTTP/1.1 200 
< X-AREQUESTID: @DERBTOx1201x75x0
< X-AUSERID: 1
< X-AUSERNAME: admin
< Cache-Control: no-cache, no-transform
< Vary: X-AUSERNAME,Accept-Encoding
< Transfer-Encoding: chunked
< Content-Type: application/json;charset=UTF-8
< X-Content-Type-Options: nosniff
< Date: Thu, 16 Aug 2018 12:01:38 GMT
< 
{ [418 bytes data]
100   411    0   411    0     0  11378      0 --:--:-- --:--:-- --:--:-- 11416
* Connection #0 to host localhost left intact
{
    "isLastPage": true,
    "limit": 25,
    "size": 2,
    "start": 0,
    "values": [
        {
            "id": 22,
            "key": "ANNE",
            "links": {
                "self": [
                    {
                        "href": "http://localhost:7990/bitbucket/projects/ANNE"
                    }
                ]
            },
            "name": "ANNE",
            "public": false,
            "type": "NORMAL"
        },
        {
            "description": "Default configuration project #1",
            "id": 1,
            "key": "PROJECT_1",
            "links": {
                "self": [
                    {
                        "href": "http://localhost:7990/bitbucket/projects/PROJECT_1"
                    }
                ]
            },
            "name": "Project 1",
            "public": false,
            "type": "NORMAL"
        }
    ]
}

Unlike request to confluence or jira servers return the session cookie that can be used on subsequent requests.
Jira: curl -v --user admin:admin http://localhost:2990/jira/rest/api/latest/project | python -m json.tool

* TCP_NODELAY set
* Connected to localhost (::1) port 2990 (#0)
* Server auth using Basic with user 'admin'
> GET /jira/rest/api/latest/project HTTP/1.1
> Host: localhost:2990
> Authorization: Basic YWRtaW46YWRtaW4=
> User-Agent: curl/7.54.0
> Accept: */*
> 
< HTTP/1.1 200 OK
< Server: Apache-Coyote/1.1
< X-AREQUESTID: 1199x3063x1
< X-XSS-Protection: 1; mode=block
< X-Content-Type-Options: nosniff
< X-Frame-Options: SAMEORIGIN
< Content-Security-Policy: frame-ancestors 'self'
< X-ASEN: SEN-500
< Set-Cookie: JSESSIONID=90E7DD49D4FA6024414DA46B5ACD1133; Path=/jira/; HttpOnly
< X-Seraph-LoginReason: OK
< Set-Cookie: atlassian.xsrf.token=BWP3-NZB2-6EDY-6C7K|280b1dea24ae9efbc27877b7d4d8ac9b45dc7623|lin; Path=/jira
< X-ASESSIONID: 1e0jlbc
< X-AUSERNAME: admin
< Cache-Control: no-cache, no-store, no-transform
< Content-Type: application/json;charset=UTF-8
< Transfer-Encoding: chunked
< Date: Thu, 16 Aug 2018 11:59:18 GMT
< 
{ [5 bytes data]
100  1561    0  1561    0     0  51086      0 --:--:-- --:--:-- --:--:-- 52033
* Connection #0 to host localhost left intact
[
    {
        "avatarUrls": {
            "16x16": "http://localhost:2990/jira/secure/projectavatar?size=xsmall&avatarId=10324",
            "24x24": "http://localhost:2990/jira/secure/projectavatar?size=small&avatarId=10324",
            "32x32": "http://localhost:2990/jira/secure/projectavatar?size=medium&avatarId=10324",
            "48x48": "http://localhost:2990/jira/secure/projectavatar?avatarId=10324"
        },
        "expand": "description,lead,url,projectKeys",
        "id": "10000",
        "key": "PROJ",
        "name": "PROJ",
        "projectTypeKey": "business",
        "self": "http://localhost:2990/jira/rest/api/2/project/10000"
    },
    {
        "avatarUrls": {
            "16x16": "http://localhost:2990/jira/secure/projectavatar?size=xsmall&avatarId=10324",
            "24x24": "http://localhost:2990/jira/secure/projectavatar?size=small&avatarId=10324",
            "32x32": "http://localhost:2990/jira/secure/projectavatar?size=medium&avatarId=10324",
            "48x48": "http://localhost:2990/jira/secure/projectavatar?avatarId=10324"
        },
        "expand": "description,lead,url,projectKeys",
        "id": "10001",
        "key": "SCRUM",
        "name": "SCRUM",
        "projectTypeKey": "software",
        "self": "http://localhost:2990/jira/rest/api/2/project/10001"
    },
    {
        "avatarUrls": {
            "16x16": "http://localhost:2990/jira/secure/projectavatar?size=xsmall&avatarId=10324",
            "24x24": "http://localhost:2990/jira/secure/projectavatar?size=small&avatarId=10324",
            "32x32": "http://localhost:2990/jira/secure/projectavatar?size=medium&avatarId=10324",
            "48x48": "http://localhost:2990/jira/secure/projectavatar?avatarId=10324"
        },
        "expand": "description,lead,url,projectKeys",
        "id": "10100",
        "key": "SCRUMBU",
        "name": "SCRUM-BU",
        "projectTypeKey": "software",
        "self": "http://localhost:2990/jira/rest/api/2/project/10100"
    }
]

Where Jira's has Set-Cookie

Note: Issue can be replicated across different versions of Bitbucket with the same result

relates to: DEVHELP-1548 Loading...

Details

Description

Summary

Attachments

Issue Links

Forms

Activity

People

Dates