[Btbucket] Authenticating with JWT for Bitbucket Apps

[juli1]

The bitbucket cloud app allows to use the API by using a JWT token. That would then be another way to authenticate for making API calls.

Bitbucket documentation: https://developer.atlassian.com/cloud/bitbucket/authentication-for-apps/

Using the JWT would just add a header in the request such as "Authorization": "<insert jwt-token here>"

[gonchik]

@juli1 As I see you can do through exist headers parameters, if you want to have more easy way.
Could you provide me, please, how often it's going to be used ?
Cheers,
Gonchik Tsymzhitov

[juli1]

How can I add headers when using the API? Is there any special parameters I can use to add the Authorization header value?

Thanks!

[gonchik]

import time
import requests
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import serialization

# Configuration
PRIVATE_KEY_PATH = 'path/to/your/private_key.pem'  # Replace with your private key path
APP_KEY = 'your_bitbucket_app_key'               # Replace with your Bitbucket App Key
WORKSPACE = 'your-workspace'
REPO_SLUG = 'your-repo-slug'

# Load the private key
with open(PRIVATE_KEY_PATH, 'rb') as key_file:
    private_key = serialization.load_pem_private_key(
        key_file.read(),
        password=None,
        backend=default_backend()
    )

# Current time and expiration
issued_at = int(time.time())
expires_at = issued_at + 60  # Token valid for 60 seconds

# JWT payload
payload = {
    'iss': APP_KEY,
    'iat': issued_at,
    'exp': expires_at,
    'aud': 'bitbucket.org'
}

# Generate JWT
token = jwt.encode(
    payload,
    private_key,
    algorithm='RS256'
)

# API endpoint
url = f'https://api.bitbucket.org/2.0/repositories/{WORKSPACE}/{REPO_SLUG}'

# Headers with JWT
headers = {
    'Authorization': f'Bearer {token}',
    'Content-Type': 'application/json'
}

# Make the GET request
response = requests.get(url, headers=headers)

if response.status_code == 200:
    repo_info = response.json()
    print("Repository Information:")
    print(repo_info)
elif response.status_code == 401:
    print("Authentication failed. Check your JWT token and credentials.")
else:
    print(f"Failed to fetch repository info. Status Code: {response.status_code}")
    print(f"Response: {response.text}")```

[gonchik]

you can find there def _create_oauth_session
that implementation.