Unified Language User Guides
iCR User Guide 5.0
iCR User Guide 5.0
  • Table of contents
    • Introduction
    • Overview
    • Authorizing Access to Your Source Code
      • Authenticating GitHub Cloud Access Using OAuth
      • Authenticating GitHub Cloud Access Using PAT
      • Authenticating GitHub Enterprise Access Using OAuth
      • Authenticating GitHub Enterprise Access Using PAT
      • Authenticating GitLab Cloud Access Using OAuth
      • Authenticating GitLab Cloud Access Using PAT
      • Authenticating GitLab Enterprise Access Using OAuth
      • Authenticating GitLab Enterprise Access Using PAT
      • Authenticating Bitbucket Cloud Access using OAuth
    • Using the Navigator
      • Connecting to the Navigator
      • Setting your User Password
      • Updating your User Information
      • The Navigator top banner
      • The Analysis Engine status
      • Selecting Your Source Code
        • Using a cloud-based VCS
        • Selecting your branch
        • Using a private VCS
        • Using a local project
        • Limiting the files to be analyzed
      • Integrating with your bug tracking system
        • Integrating with Jira - Define Your Project
        • Integrating with Jira - Authorizing Access for iCR
        • Integrating with Jira - Connecting with iCR
    • Using the Analysis Engine
      • Initiating an analysis
      • Monitoring the analysis
      • Interrupting the analysis
    • Reviewing your results
      • Reviewer summary and filters
        • Filter by Severity
        • Filter by Category
        • Filter by CWE
        • Filter by OWASP
        • Filter by Directory
      • Reviewing a fix
      • Accepting a fix
        • Accepting a fix when integrated with your bug system
      • Rejecting a fix
        • Rejecting a fix when integrated with your bug system
      • Undoing a fix
        • Undoing a fix when integrated with your bug system
      • Rejected fix history
      • Providing feedback
      • Applying the fixes
      • Cases needing manual attention
      • Comparing Analyses
      • Capturing results for printing or sharing
      • Ending a reviewer session
    • When you are complete
    • Integrating iCR Into Your CI/CD Workflows
      • Jenkins Workflow
        • Installing the plugin
        • Configuring the plugin
          • Creating a Personal Access Token
          • Copying Your Repository's URL
        • Viewing the Results
      • GitHub Actions Workflow
        • GitHub Actions Overview
        • Preparing the GitHub Workflow
          • Environment Variables
          • User Supplied Secrets
          • Setting the User Defined Secrets Values
        • Executing the Workflow
      • GitLab CI/CD Workflow
        • GitLab CI/CD OverView
        • Configuring the GitLab Script variables
          • Environment Variables
          • User Supplied Variables
          • Creating a Personal Access Token
          • Setting the User Defined Variable Values
        • Executing the Workflow
      • Multiple Workflows
    • Appendix – Language Specific Fixer Lists
    • Appendix - Sample Bug Listing
    • Appendix - Getting a BitBucket App Password for JENKINS
Powered by GitBook
On this page
  1. Table of contents
  2. Authorizing Access to Your Source Code

Authenticating Bitbucket Cloud Access using OAuth

PreviousAuthenticating GitLab Enterprise Access Using PATNextUsing the Navigator

Last updated 4 months ago

To gain access to your BitBucket cloud-based projects, you may choose to use OAuth to authorize iCR to access them. Here is how that is done.

To set this up, login into Bitbucket and click on your login icon to view your user workspaces.

This will display a list of all your curent workspaces. Select the one that you wish to authortize for use with iCR.

Once the workspace is selected, a menu of options is shown on the left side of the window. Use this to get to the OAuth consumers window. That menu is long, so scroll down to make sure that you see all the options. Once you find it, click on OAuth consumers to open the OAuth registration window for this workspcae.

The “OAuth consumers” page is where you tell Bitbucket to allow your Server to allow logins redirected from the iCR server.

Click on “Add Consumer” to add a new OAuth consumer for iCR. This brings up the Add OAuth consumer page.

For the consumer “Name” use whatever you like. “iCR for BitBucket” has been used in this example. You may also want to add a brief Description to remind you what this OAuth is being used for.

You also must enter the Callback URL to the iCR server. Bitbucket’s OAuth uses that to verify the authorization handshake. The Callback URL will need to use the URL of your host system and must also specify the particular port number used to access the iCR Navigator. The default port number is 3001 although that could be changed by your system administrator so check with them if something other than the default port is being used. For these examples, we will use the default value of 3001.

NOTE: If a URL has not been generated for your iCR server, you may substitute the IP address of the server.

In this example, we will use the sample URL:

https://qa2.openrefactory.com

So, the complete Callback URL would look like this:

https://qa2.openrefactory.com:3001/api/login/bitbucket/return

You also need to select both the Account: Read and the Pull requests: Write options. Then, select Save to complete the consumer authorization.

Click on the newly added consumer to display its items to be copied.

As was noted in , once you have completed this step, you will need to copy the Key and the Secret. From here, the process is the same as outlined for .

Authenticating GitHub Cloud Access using OAuth
GitHub Cloud