// Authorize handles Bitbucket API Authorization
func (r *Bitbucket) Authorize(res http.ResponseWriter, req *http.Request) (*model.Login, error) {
consumer := oauth1.Consumer{
RequestTokenURL: "https://bitbucket.org/api/1.0/oauth/request_token/",
AuthorizationURL: "https://bitbucket.org/!api/1.0/oauth/authenticate",
AccessTokenURL: "https://bitbucket.org/api/1.0/oauth/access_token/",
CallbackURL: httputil.GetScheme(req) + "://" + httputil.GetHost(req) + "/api/auth/bitbucket.org",
ConsumerKey: r.Client,
ConsumerSecret: r.Secret,
}
// get the oauth verifier
verifier := req.FormValue("oauth_verifier")
if len(verifier) == 0 {
// Generate a Request Token
requestToken, err := consumer.RequestToken()
if err != nil {
return nil, err
}
// add the request token as a signed cookie
httputil.SetCookie(res, req, "bitbucket_token", requestToken.Encode())
url, _ := consumer.AuthorizeRedirect(requestToken)
http.Redirect(res, req, url, http.StatusSeeOther)
return nil, nil
}
// remove bitbucket token data once before redirecting
// back to the application.
defer httputil.DelCookie(res, req, "bitbucket_token")
// get the tokens from the request
requestTokenStr := httputil.GetCookie(req, "bitbucket_token")
requestToken, err := oauth1.ParseRequestTokenStr(requestTokenStr)
if err != nil {
return nil, err
}
// exchange for an access token
accessToken, err := consumer.AuthorizeToken(requestToken, verifier)
if err != nil {
return nil, err
}
// create the Bitbucket client
client := bitbucket.New(
r.Client,
r.Secret,
accessToken.Token(),
accessToken.Secret(),
)
// get the currently authenticated Bitbucket User
user, err := client.Users.Current()
if err != nil {
return nil, err
}
// put the user data in the common format
login := model.Login{
Login: user.User.Username,
Access: accessToken.Token(),
Secret: accessToken.Secret(),
Name: user.User.DisplayName,
}
email, _ := client.Emails.FindPrimary(user.User.Username)
if email != nil {
login.Email = email.Email
}
return &login, nil
}
// GetLogin handles authentication to third party, remote services
// and returns the required user data in a standard format.
func (r *Stash) Authorize(w http.ResponseWriter, req *http.Request) (*model.Login, error) {
var consumer = oauth1.Consumer{
RequestTokenURL: r.URL + "/plugins/servlet/oauth/request-token",
AuthorizationURL: r.URL + "/plugins/servlet/oauth/authorize",
AccessTokenURL: r.URL + "/plugins/servlet/oauth/access-token",
CallbackURL: httputil.GetScheme(req) + "://" + httputil.GetHost(req) + "/api/auth/stash.atlassian.com",
ConsumerKey: r.Secret,
ConsumerPrivateKeyPem: r.PrivateKey,
}
// get the oauth verifier
verifier := req.FormValue("oauth_verifier")
if len(verifier) == 0 {
// Generate a Request Token
requestToken, err := consumer.RequestToken()
if err != nil {
return nil, err
}
// add the request token as a signed cookie
httputil.SetCookie(w, req, "stash_token", requestToken.Encode())
url, _ := consumer.AuthorizeRedirect(requestToken)
http.Redirect(w, req, url, http.StatusSeeOther)
return nil, nil
}
// remove stash token data once before redirecting
// back to the application.
defer httputil.DelCookie(w, req, "stash_token")
// get the tokens from the request
requestTokenStr := httputil.GetCookie(req, "stash_token")
requestToken, err := oauth1.ParseRequestTokenStr(requestTokenStr)
if err != nil {
return nil, err
}
// exchange for an access token
accessToken, err := consumer.AuthorizeToken(requestToken, verifier)
if err != nil {
return nil, err
}
// create the Stash client
var client = stash.New(
r.URL,
r.Secret,
accessToken.Token(),
accessToken.Secret(),
r.PrivateKey,
)
// get the currently authenticated Stash User
user, err := client.Users.Current()
if err != nil {
return nil, err
}
// put the user data in the common format
login := model.Login{
Login: user.Username,
Access: accessToken.Token(),
Secret: accessToken.Secret(),
//Name: user.DisplayName,
}
return &login, nil
}