Bitbucket Cloud Authentication Failing with Repository Access Tokens #179
Description
Description
The froggit-go library currently fails to authenticate with Bitbucket Cloud when using modern Repository Access Tokens or HTTP Access Tokens. These tokens require Bearer token authentication, but the library only supports Basic authentication.
Current Behavior
When attempting to use a Repository Access Token (format: ATCTT...) or HTTP Access Token, authentication fails because the library always uses Basic auth, even when no username is provided.
Expected Behavior
The library should automatically detect the authentication method based on the credentials provided:
- When only a token is provided (no username), use Bearer token authentication
- When both username and token are provided, use Basic authentication (for App Passwords)
Steps to Reproduce
- Create a Repository Access Token in Bitbucket Cloud
- Attempt to authenticate using:
client, err := vcsutils.NewClientBuilder(vcsutils.BitbucketCloud). Token("ATCTT3xFf..."). Build()
- Authentication fails
Proposed Solution
Modify the authentication logic in buildBitbucketCloudClient() to:
- Check if username is empty
- If empty, use Bearer token authentication
- If username exists, use Basic authentication
- Maintain backward compatibility with existing App Password authentication
Impact
This issue affects users who want to use:
- Repository Access Tokens (more secure, repository-scoped)
- HTTP Access Tokens (workspace-level access)
- Modern Bitbucket Cloud authentication methods
Additional Context
Bitbucket Cloud documentation recommends using Repository Access Tokens over App Passwords for better security and granular permissions.