Merge remote-tracking branch 'stefangr/implement_bitbucket_api_v2'

src/Composer/Config.php

@@ -79,7 +79,9 @@ class Config
     private $config;
     private $baseDir;
     private $repositories;
+    /** @var ConfigSourceInterface */
     private $configSource;
+    /** @var ConfigSourceInterface */
     private $authConfigSource;
     private $useEnvironment;
     private $warnedHosts = array();

src/Composer/Repository/Vcs/BitbucketDriver.php

@@ -1,5 +1,15 @@
 <?php
 
+/*
+ * This file is part of Composer.
+ *
+ * (c) Nils Adermann <naderman@naderman.de>
+ *     Jordi Boggiano <j.boggiano@seld.be>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
 namespace Composer\Repository\Vcs;
 
 use Composer\Cache;
@@ -18,11 +28,18 @@ abstract class BitbucketDriver extends VcsDriver
     protected $tags;
     protected $branches;
     protected $infoCache = array();
+    protected $branchesUrl = '';
+    protected $tagsUrl = '';
+    protected $homeUrl = '';
+    protected $website = '';
+    protected $cloneHttpsUrl = '';
 
     /**
      * @var VcsDriver
      */
     protected $fallbackDriver;
+    /** @var string|null if set either git or hg */
+    protected $vcsType;
 
     /**
      * {@inheritDoc}
@@ -44,6 +61,52 @@ abstract class BitbucketDriver extends VcsDriver
         );
     }
 
+    /**
+     * {@inheritDoc}
+     */
+    public function getUrl()
+    {
+        if ($this->fallbackDriver) {
+            return $this->fallbackDriver->getUrl();
+        }
+
+        return $this->cloneHttpsUrl;
+    }
+
+    /**
+     * Attempts to fetch the repository data via the BitBucket API and
+     * sets some parameters which are used in other methods
+     *
+     * @return bool
+     */
+    protected function getRepoData()
+    {
+        $resource = sprintf(
+            'https://api.bitbucket.org/2.0/repositories/%s/%s?%s',
+            $this->owner,
+            $this->repository,
+            http_build_query(
+                array('fields' => '-project,-owner'),
+                null,
+                '&'
+            )
+        );
+
+        $repoData = JsonFile::parseJson($this->getContentsWithOAuthCredentials($resource, true), $resource);
+        if ($this->fallbackDriver) {
+            return false;
+        }
+        $this->parseCloneUrls($repoData['links']['clone']);
+
+        $this->hasIssues = !empty($repoData['has_issues']);
+        $this->branchesUrl = $repoData['links']['branches']['href'];
+        $this->tagsUrl = $repoData['links']['tags']['href'];
+        $this->homeUrl = $repoData['links']['html']['href'];
+        $this->website = $repoData['website'];
+        $this->vcsType = $repoData['scm'];
+        return true;
+    }
+
     /**
      * {@inheritDoc}
      */
@@ -102,6 +165,9 @@ abstract class BitbucketDriver extends VcsDriver
                     $this->repository
                 );
             }
+            if (!isset($composer['homepage'])) {
+                $composer['homepage'] = empty($this->website) ? $this->homeUrl : $this->website;
+            }
 
             $this->infoCache[$identifier] = $composer;
 
@@ -122,14 +188,15 @@ abstract class BitbucketDriver extends VcsDriver
             return $this->fallbackDriver->getFileContent($file, $identifier);
         }
 
-        $resource = $this->getScheme() . '://api.bitbucket.org/1.0/repositories/'
-                    . $this->owner . '/' . $this->repository . '/src/' . $identifier . '/' . $file;
-        $fileData = JsonFile::parseJson($this->getContents($resource), $resource);
-        if (!is_array($fileData) || ! array_key_exists('data', $fileData)) {
-            return null;
-        }
+        $resource = sprintf(
+            'https://api.bitbucket.org/1.0/repositories/%s/%s/raw/%s/%s',
+            $this->owner,
+            $this->repository,
+            $identifier,
+            $file
+        );
 
-        return $fileData['data'];
+        return $this->getContentsWithOAuthCredentials($resource);
     }
 
     /**
@@ -141,11 +208,131 @@ abstract class BitbucketDriver extends VcsDriver
             return $this->fallbackDriver->getChangeDate($identifier);
         }
 
-        $resource = $this->getScheme() . '://api.bitbucket.org/1.0/repositories/'
-                    . $this->owner . '/' . $this->repository . '/changesets/' . $identifier;
-        $changeset = JsonFile::parseJson($this->getContents($resource), $resource);
+        $resource = sprintf(
+            'https://api.bitbucket.org/2.0/repositories/%s/%s/commit/%s?fields=date',
+            $this->owner,
+            $this->repository,
+            $identifier
+        );
+        $commit = JsonFile::parseJson($this->getContentsWithOAuthCredentials($resource), $resource);
+
+        return new \DateTime($commit['date']);
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    public function getSource($identifier)
+    {
+        if ($this->fallbackDriver) {
+            return $this->fallbackDriver->getSource($identifier);
+        }
+
+        return array('type' => $this->vcsType, 'url' => $this->getUrl(), 'reference' => $identifier);
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    public function getDist($identifier)
+    {
+        if ($this->fallbackDriver) {
+            return $this->fallbackDriver->getDist($identifier);
+        }
+
+        $url = sprintf(
+            'https://bitbucket.org/%s/%s/get/%s.zip',
+            $this->owner,
+            $this->repository,
+            $identifier
+        );
+
+        return array('type' => 'zip', 'url' => $url, 'reference' => $identifier, 'shasum' => '');
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    public function getTags()
+    {
+        if ($this->fallbackDriver) {
+            return $this->fallbackDriver->getTags();
+        }
+
+        if (null === $this->tags) {
+            $this->tags = array();
+            $resource = sprintf(
+                '%s?%s',
+                $this->tagsUrl,
+                http_build_query(
+                    array(
+                        'pagelen' => 100,
+                        'fields' => 'values.name,values.target.hash,next',
+                        'sort' => '-target.date'
+                    ),
+                    null,
+                    '&'
+                )
+            );
+            $hasNext = true;
+            while ($hasNext) {
+                $tagsData = JsonFile::parseJson($this->getContentsWithOAuthCredentials($resource), $resource);
+                foreach ($tagsData['values'] as $data) {
+                    $this->tags[$data['name']] = $data['target']['hash'];
+                }
+                if (empty($tagsData['next'])) {
+                    $hasNext = false;
+                } else {
+                    $resource = $tagsData['next'];
+                }
+            }
+            if ($this->vcsType === 'hg') {
+                unset($this->tags['tip']);
+            }
+        }
 
-        return new \DateTime($changeset['timestamp']);
+        return $this->tags;
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    public function getBranches()
+    {
+        if ($this->fallbackDriver) {
+            return $this->fallbackDriver->getBranches();
+        }
+
+        if (null === $this->branches) {
+            $this->branches = array();
+            $resource = sprintf(
+                '%s?%s',
+                $this->branchesUrl,
+                http_build_query(
+                    array(
+                        'pagelen' => 100,
+                        'fields' => 'values.name,values.target.hash,next',
+                        'sort' => '-target.date'
+                    ),
+                    null,
+                    '&'
+                )
+            );
+            $hasNext = true;
+            while ($hasNext) {
+                $branchData = JsonFile::parseJson($this->getContentsWithOAuthCredentials($resource), $resource);
+                foreach ($branchData['values'] as $data) {
+                    $this->branches[$data['name']] = $data['target']['hash'];
+                }
+                if (empty($branchData['next'])) {
+                    $hasNext = false;
+                } else {
+                    $resource = $branchData['next'];
+                }
+            }
+        }
+
+        return $this->branches;
     }
 
     /**
@@ -201,5 +388,38 @@ abstract class BitbucketDriver extends VcsDriver
         }
     }
 
+    /**
+     * @param string $url
+     * @return void
+     */
     abstract protected function setupFallbackDriver($url);
+
+    /**
+     * @param array $cloneLinks
+     * @return void
+     */
+    protected function parseCloneUrls(array $cloneLinks)
+    {
+        foreach ($cloneLinks as $cloneLink) {
+            if ($cloneLink['name'] === 'https') {
+                // Format: https://(user@)bitbucket.org/{user}/{repo}
+                // Strip username from URL (only present in clone URL's for private repositories)
+                $this->cloneHttpsUrl = preg_replace('/https:\/\/([^@]+@)?/', 'https://', $cloneLink['href']);
+            }
+        }
+    }
+
+    /**
+     * @return array|null
+     */
+    protected function getMainBranchData()
+    {
+        $resource = sprintf(
+            'https://api.bitbucket.org/1.0/repositories/%s/%s/main-branch',
+            $this->owner,
+            $this->repository
+        );
+
+        return JsonFile::parseJson($this->getContentsWithOAuthCredentials($resource), $resource);
+    }
 }

src/Composer/Repository/Vcs/GitBitbucketDriver.php

@@ -13,17 +13,13 @@
 namespace Composer\Repository\Vcs;
 
 use Composer\Config;
-use Composer\Json\JsonFile;
 use Composer\IO\IOInterface;
 
 /**
  * @author Per Bernhardt <plb@webfactory.de>
  */
-class GitBitbucketDriver extends BitbucketDriver implements VcsDriverInterface
+class GitBitbucketDriver extends BitbucketDriver
 {
-
-
-
     /**
      * {@inheritDoc}
      */
@@ -34,90 +30,22 @@ class GitBitbucketDriver extends BitbucketDriver implements VcsDriverInterface
         }
 
         if (null === $this->rootIdentifier) {
-            $resource = $this->getScheme() . '://api.bitbucket.org/1.0/repositories/'.$this->owner.'/'.$this->repository;
-            $repoData = JsonFile::parseJson($this->getContentsWithOAuthCredentials($resource, true), $resource);
-            $this->hasIssues = !empty($repoData['has_issues']);
-            $this->rootIdentifier = !empty($repoData['main_branch']) ? $repoData['main_branch'] : 'master';
-        }
-
-        return $this->rootIdentifier;
-    }
-
-    /**
-     * {@inheritDoc}
-     */
-    public function getUrl()
-    {
-        if ($this->fallbackDriver) {
-            return $this->fallbackDriver->getUrl();
-        }
-
-        return 'https://' . $this->originUrl . '/'.$this->owner.'/'.$this->repository.'.git';
-    }
-
-    /**
-     * {@inheritDoc}
-     */
-    public function getSource($identifier)
-    {
-        if ($this->fallbackDriver) {
-            return $this->fallbackDriver->getSource($identifier);
-        }
-
-        return array('type' => 'git', 'url' => $this->getUrl(), 'reference' => $identifier);
-    }
-
-    /**
-     * {@inheritDoc}
-     */
-    public function getDist($identifier)
-    {
-        $url = $this->getScheme() . '://bitbucket.org/'.$this->owner.'/'.$this->repository.'/get/'.$identifier.'.zip';
-
-        return array('type' => 'zip', 'url' => $url, 'reference' => $identifier, 'shasum' => '');
-    }
-
-
-    /**
-     * {@inheritDoc}
-     */
-    public function getTags()
-    {
-        if ($this->fallbackDriver) {
-            return $this->fallbackDriver->getTags();
-        }
-
-        if (null === $this->tags) {
-            $resource = $this->getScheme() . '://api.bitbucket.org/1.0/repositories/'.$this->owner.'/'.$this->repository.'/tags';
-            $tagsData = JsonFile::parseJson($this->getContentsWithOAuthCredentials($resource), $resource);
-            $this->tags = array();
-            foreach ($tagsData as $tag => $data) {
-                $this->tags[$tag] = $data['raw_node'];
+            if (! $this->getRepoData()) {
+                return $this->fallbackDriver->getRootIdentifier();
             }
-        }
-
-        return $this->tags;
-    }
 
-    /**
-     * {@inheritDoc}
-     */
-    public function getBranches()
-    {
-        if ($this->fallbackDriver) {
-            return $this->fallbackDriver->getBranches();
-        }
-
-        if (null === $this->branches) {
-            $resource =  $this->getScheme() . '://api.bitbucket.org/1.0/repositories/'.$this->owner.'/'.$this->repository.'/branches';
-            $branchData = JsonFile::parseJson($this->getContentsWithOAuthCredentials($resource), $resource);
-            $this->branches = array();
-            foreach ($branchData as $branch => $data) {
-                $this->branches[$branch] = $data['raw_node'];
+            if ($this->vcsType !== 'git') {
+                throw new \RuntimeException(
+                    $this->url.' does not appear to be a git repository, use '.
+                    $this->cloneHttpsUrl.' if this is a mercurial bitbucket repository'
+                );
             }
+
+            $mainBranchData = $this->getMainBranchData();
+            $this->rootIdentifier = !empty($mainBranchData['name']) ? $mainBranchData['name'] : 'master';
         }
 
-        return $this->branches;
+        return $this->rootIdentifier;
     }
 
     /**
@@ -139,7 +67,7 @@ class GitBitbucketDriver extends BitbucketDriver implements VcsDriverInterface
     }
 
     /**
-     * @param string $url
+     * {@inheritdoc}
      */
     protected function setupFallbackDriver($url)
     {

src/Composer/Repository/Vcs/HgBitbucketDriver.php

@@ -13,7 +13,6 @@
 namespace Composer\Repository\Vcs;
 
 use Composer\Config;
-use Composer\Json\JsonFile;
 use Composer\IO\IOInterface;
 
 /**
@@ -21,84 +20,32 @@ use Composer\IO\IOInterface;
  */
 class HgBitbucketDriver extends BitbucketDriver
 {
-
     /**
      * {@inheritDoc}
      */
     public function getRootIdentifier()
     {
-        if (null === $this->rootIdentifier) {
-            $resource = $this->getScheme() . '://bitbucket.org/api/1.0/repositories/'.$this->owner.'/'.$this->repository.'/tags';
-            $repoData = JsonFile::parseJson($this->getContents($resource), $resource);
-            if (array() === $repoData || !isset($repoData['tip'])) {
-                throw new \RuntimeException($this->url.' does not appear to be a mercurial repository, use '.$this->url.'.git if this is a git bitbucket repository');
-            }
-            $this->hasIssues = !empty($repoData['has_issues']);
-            $this->rootIdentifier = $repoData['tip']['raw_node'];
+        if ($this->fallbackDriver) {
+            return $this->fallbackDriver->getRootIdentifier();
         }
 
-        return $this->rootIdentifier;
-    }
-
-    /**
-     * {@inheritDoc}
-     */
-    public function getUrl()
-    {
-        return $this->url;
-    }
-
-    /**
-     * {@inheritDoc}
-     */
-    public function getSource($identifier)
-    {
-        return array('type' => 'hg', 'url' => $this->getUrl(), 'reference' => $identifier);
-    }
-
-    /**
-     * {@inheritDoc}
-     */
-    public function getDist($identifier)
-    {
-        $url = $this->getScheme() . '://bitbucket.org/'.$this->owner.'/'.$this->repository.'/get/'.$identifier.'.zip';
-
-        return array('type' => 'zip', 'url' => $url, 'reference' => $identifier, 'shasum' => '');
-    }
-
-    /**
-     * {@inheritDoc}
-     */
-    public function getTags()
-    {
-        if (null === $this->tags) {
-            $resource = $this->getScheme() . '://bitbucket.org/api/1.0/repositories/'.$this->owner.'/'.$this->repository.'/tags';
-            $tagsData = JsonFile::parseJson($this->getContents($resource), $resource);
-            $this->tags = array();
-            foreach ($tagsData as $tag => $data) {
-                $this->tags[$tag] = $data['raw_node'];
+        if (null === $this->rootIdentifier) {
+            if (! $this->getRepoData()) {
+                return $this->fallbackDriver->getRootIdentifier();
             }
-            unset($this->tags['tip']);
-        }
 
-        return $this->tags;
-    }
-
-    /**
-     * {@inheritDoc}
-     */
-    public function getBranches()
-    {
-        if (null === $this->branches) {
-            $resource = $this->getScheme() . '://bitbucket.org/api/1.0/repositories/'.$this->owner.'/'.$this->repository.'/branches';
-            $branchData = JsonFile::parseJson($this->getContents($resource), $resource);
-            $this->branches = array();
-            foreach ($branchData as $branch => $data) {
-                $this->branches[$branch] = $data['raw_node'];
+            if ($this->vcsType !== 'hg') {
+                throw new \RuntimeException(
+                    $this->url.' does not appear to be a mercurial repository, use '.
+                    $this->cloneHttpsUrl.' if this is a git bitbucket repository'
+                );
             }
+
+            $mainBranchData = $this->getMainBranchData();
+            $this->rootIdentifier = !empty($mainBranchData['name']) ? $mainBranchData['name'] : 'default';
         }
 
-        return $this->branches;
+        return $this->rootIdentifier;
     }
 
     /**
@@ -119,6 +66,9 @@ class HgBitbucketDriver extends BitbucketDriver
         return true;
     }
 
+    /**
+     * {@inheritdoc}
+     */
     protected function setupFallbackDriver($url)
     {
         $this->fallbackDriver = new HgDriver(
@@ -136,6 +86,6 @@ class HgBitbucketDriver extends BitbucketDriver
      */
     protected function generateSshUrl()
     {
-        return 'hg@' . $this->originUrl . '/' . $this->owner.'/'.$this->repository;
+        return 'ssh://hg@' . $this->originUrl . '/' . $this->owner.'/'.$this->repository;
     }
 }

src/Composer/Util/Bitbucket.php

@@ -27,6 +27,7 @@ class Bitbucket
     private $process;
     private $remoteFilesystem;
     private $token = array();
+    private $time;
 
     const OAUTH2_ACCESS_TOKEN_URL = 'https://bitbucket.org/site/oauth2/access_token';
 
@@ -37,21 +38,26 @@ class Bitbucket
      * @param Config           $config           The composer configuration
      * @param ProcessExecutor  $process          Process instance, injectable for mocking
      * @param RemoteFilesystem $remoteFilesystem Remote Filesystem, injectable for mocking
+     * @param int              $time             Timestamp, injectable for mocking
      */
-    public function __construct(IOInterface $io, Config $config, ProcessExecutor $process = null, RemoteFilesystem $remoteFilesystem = null)
+    public function __construct(IOInterface $io, Config $config, ProcessExecutor $process = null, RemoteFilesystem $remoteFilesystem = null, $time = null)
     {
         $this->io = $io;
         $this->config = $config;
         $this->process = $process ?: new ProcessExecutor;
         $this->remoteFilesystem = $remoteFilesystem ?: Factory::createRemoteFilesystem($this->io, $config);
+        $this->time = $time;
     }
 
     /**
-     * @return array
+     * @return string
      */
     public function getToken()
     {
-        return $this->token;
+        if (! isset($this->token['access_token'])) {
+            return '';
+        }
+        return $this->token['access_token'];
     }
 
     /**
@@ -109,6 +115,8 @@ class Bitbucket
 
             throw $e;
         }
+
+        return true;
     }
 
     /**
@@ -151,16 +159,13 @@ class Bitbucket
 
         $this->io->setAuthentication($originUrl, $consumerKey, $consumerSecret);
 
-        $this->requestAccessToken($originUrl);
+        if (! $this->requestAccessToken($originUrl)) {
+            return false;
+        }
 
         // store value in user config
-        $this->config->getConfigSource()->removeConfigSetting('bitbucket-oauth.'.$originUrl);
+        $this->storeInAuthConfig($originUrl, $consumerKey, $consumerSecret);
 
-        $consumer = array(
-            "consumer-key" => $consumerKey,
-            "consumer-secret" => $consumerSecret,
-        );
-        $this->config->getAuthConfigSource()->addConfigSetting('bitbucket-oauth.'.$originUrl, $consumer);
         // Remove conflicting basic auth credentials (if available)
         $this->config->getAuthConfigSource()->removeConfigSetting('http-basic.' . $originUrl);
 
@@ -175,17 +180,64 @@ class Bitbucket
      * @param  string $originUrl
      * @param  string $consumerKey
      * @param  string $consumerSecret
-     * @return array
+     * @return string
      */
     public function requestToken($originUrl, $consumerKey, $consumerSecret)
     {
-        if (!empty($this->token)) {
-            return $this->token;
+        if (!empty($this->token) || $this->getTokenFromConfig($originUrl)) {
+            return $this->token['access_token'];
         }
 
         $this->io->setAuthentication($originUrl, $consumerKey, $consumerSecret);
-        $this->requestAccessToken($originUrl);
+        if (! $this->requestAccessToken($originUrl)) {
+            return '';
+        }
+
+        $this->storeInAuthConfig($originUrl, $consumerKey, $consumerSecret);
+
+        return $this->token['access_token'];
+    }
+
+    /**
+     * Store the new/updated credentials to the configuration
+     * @param string $originUrl
+     * @param string $consumerKey
+     * @param string $consumerSecret
+     */
+    private function storeInAuthConfig($originUrl, $consumerKey, $consumerSecret)
+    {
+        $this->config->getConfigSource()->removeConfigSetting('bitbucket-oauth.'.$originUrl);
 
-        return $this->token;
+        $time = null === $this->time ? time() : $this->time;
+        $consumer = array(
+            "consumer-key" => $consumerKey,
+            "consumer-secret" => $consumerSecret,
+            "access-token" => $this->token['access_token'],
+            "access-token-expiration" => $time + $this->token['expires_in']
+        );
+
+        $this->config->getAuthConfigSource()->addConfigSetting('bitbucket-oauth.'.$originUrl, $consumer);
+    }
+
+    /**
+     * @param string $originUrl
+     * @return bool
+     */
+    private function getTokenFromConfig($originUrl)
+    {
+        $authConfig = $this->config->get('bitbucket-oauth');
+
+        if (! isset($authConfig[$originUrl]['access-token']) ||
+            ! isset($authConfig[$originUrl]['access-token-expiration']) ||
+            time() > $authConfig[$originUrl]['access-token-expiration']
+        ) {
+            return false;
+        }
+
+        $this->token = array(
+            'access_token' => $authConfig[$originUrl]['access-token']
+        );
+
+        return true;
     }
 }

src/Composer/Util/Git.php

@@ -122,17 +122,17 @@ class Git
 
                     if (!$bitbucketUtil->authorizeOAuth($match[1]) && $this->io->isInteractive()) {
                         $bitbucketUtil->authorizeOAuthInteractively($match[1], $message);
-                        $token = $bitbucketUtil->getToken();
-                        $this->io->setAuthentication($match[1], 'x-token-auth', $token['access_token']);
+                        $accessToken = $bitbucketUtil->getToken();
+                        $this->io->setAuthentication($match[1], 'x-token-auth', $accessToken);
                     }
                 } else { //We're authenticating with a locally stored consumer.
                     $auth = $this->io->getAuthentication($match[1]);
 
                     //We already have an access_token from a previous request.
                     if ($auth['username'] !== 'x-token-auth') {
-                        $token = $bitbucketUtil->requestToken($match[1], $auth['username'], $auth['password']);
-                        if (!empty($token)) {
-                            $this->io->setAuthentication($match[1], 'x-token-auth', $token['access_token']);
+                        $accessToken = $bitbucketUtil->requestToken($match[1], $auth['username'], $auth['password']);
+                        if (! empty($accessToken)) {
+                            $this->io->setAuthentication($match[1], 'x-token-auth', $accessToken);
                         }
                     }
                 }

src/Composer/Util/RemoteFilesystem.php

@@ -245,14 +245,6 @@ class RemoteFilesystem
             unset($options['gitlab-token']);
         }
 
-        if (isset($options['bitbucket-token'])) {
-            // skip using the token for BitBucket downloads as these are not working with auth
-            if (!$this->isPublicBitBucketDownload($origFileUrl)) {
-                $fileUrl .= (false === strpos($fileUrl,'?') ? '?' : '&') . 'access_token=' . $options['bitbucket-token'];
-            }
-            unset($options['bitbucket-token']);
-        }
-
         if (isset($options['http'])) {
             $options['http']['ignore_errors'] = true;
         }
@@ -607,9 +599,9 @@ class RemoteFilesystem
                 $auth = $this->io->getAuthentication($this->originUrl);
                 if ($auth['username'] !== 'x-token-auth') {
                     $bitbucketUtil = new Bitbucket($this->io, $this->config);
-                    $token = $bitbucketUtil->requestToken($this->originUrl, $auth['username'], $auth['password']);
-                    if (! empty($token)) {
-                        $this->io->setAuthentication($this->originUrl, 'x-token-auth', $token['access_token']);
+                    $accessToken = $bitbucketUtil->requestToken($this->originUrl, $auth['username'], $auth['password']);
+                    if (! empty($accessToken)) {
+                        $this->io->setAuthentication($this->originUrl, 'x-token-auth', $accessToken);
                         $askForOAuthToken = false;
                     }
                 } else {
@@ -736,7 +728,9 @@ class RemoteFilesystem
             } elseif ('bitbucket.org' === $originUrl
                 && $this->fileUrl !== Bitbucket::OAUTH2_ACCESS_TOKEN_URL && 'x-token-auth' === $auth['username']
             ) {
-                $options['bitbucket-token'] = $auth['password'];
+                if (!$this->isPublicBitBucketDownload($this->fileUrl)) {
+                    $headers[] = 'Authorization: Bearer ' . $auth['password'];
+                }
             } else {
                 $authStr = base64_encode($auth['username'] . ':' . $auth['password']);
                 $headers[] = 'Authorization: Basic '.$authStr;
@@ -1009,6 +1003,13 @@ class RemoteFilesystem
      */
     private function isPublicBitBucketDownload($urlToBitBucketFile)
     {
+        $domain = parse_url($urlToBitBucketFile, PHP_URL_HOST);
+        if (strpos($domain, 'bitbucket.org') === false) {
+            // Bitbucket downloads are hosted on amazonaws.
+            // We do not need to authenticate there at all
+            return true;
+        }
+
         $path = parse_url($urlToBitBucketFile, PHP_URL_PATH);
 
         // Path for a public download follows this pattern /{user}/{repo}/downloads/{whatever}

tests/Composer/Test/Repository/Vcs/GitBitbucketDriverTest.php

@@ -76,69 +76,96 @@ class GitBitbucketDriverTest extends TestCase
         return $driver;
     }
 
-    public function testGetRootIdentifier()
+    public function testGetRootIdentifierWrongScmType()
     {
-        $driver = $this->getDriver(array('url' => 'https://bitbucket.org/user/repo.git'));
+        $this->setExpectedException(
+            '\RuntimeException',
+            'https://bitbucket.org/user/repo.git does not appear to be a git repository, use https://bitbucket.org/user/repo if this is a mercurial bitbucket repository'
+        );
 
-        $this->rfs->expects($this->any())
+        $this->rfs->expects($this->once())
             ->method('getContents')
             ->with(
                 $this->originUrl,
-                'https://api.bitbucket.org/1.0/repositories/user/repo',
+                'https://api.bitbucket.org/2.0/repositories/user/repo?fields=-project%2C-owner',
                 false
             )
             ->willReturn(
-                '{"scm": "git", "has_wiki": false, "last_updated": "2016-05-17T13:20:21.993", "no_forks": true, "forks_count": 0, "created_on": "2015-02-18T16:22:24.688", "owner": "user", "logo": "https://bitbucket.org/user/repo/avatar/32/?ts=1463484021", "email_mailinglist": "", "is_mq": false, "size": 9975494, "read_only": false, "fork_of": null, "mq_of": null, "followers_count": 0, "state": "available", "utc_created_on": "2015-02-18 15:22:24+00:00", "website": "", "description": "", "has_issues": false, "is_fork": false, "slug": "repo", "is_private": true, "name": "repo", "language": "php", "utc_last_updated": "2016-05-17 11:20:21+00:00", "no_public_forks": true, "creator": null, "resource_uri": "/1.0/repositories/user/repo"}'
+                '{"scm":"hg","website":"","has_wiki":false,"name":"repo","links":{"branches":{"href":"https:\/\/api.bitbucket.org\/2.0\/repositories\/user\/repo\/refs\/branches"},"tags":{"href":"https:\/\/api.bitbucket.org\/2.0\/repositories\/user\/repo\/refs\/tags"},"clone":[{"href":"https:\/\/user@bitbucket.org\/user\/repo","name":"https"},{"href":"ssh:\/\/hg@bitbucket.org\/user\/repo","name":"ssh"}],"html":{"href":"https:\/\/bitbucket.org\/user\/repo"}},"language":"php","created_on":"2015-02-18T16:22:24.688+00:00","updated_on":"2016-05-17T13:20:21.993+00:00","is_private":true,"has_issues":false}'
             );
 
-        $this->assertEquals(
-            'master',
-            $driver->getRootIdentifier()
-        );
-    }
-
-    public function testGetParams()
-    {
-        $url = 'https://bitbucket.org/user/repo.git';
-        $driver = $this->getDriver(array('url' => $url));
-
-        $this->assertEquals($url, $driver->getUrl());
-
-        $this->assertEquals(
-            array(
-                'type' => 'zip',
-                'url' => 'https://bitbucket.org/user/repo/get/reference.zip',
-                'reference' => 'reference',
-                'shasum' => ''
-            ),
-            $driver->getDist('reference')
-        );
+        $driver = $this->getDriver(array('url' => 'https://bitbucket.org/user/repo.git'));
 
-        $this->assertEquals(
-            array('type' => 'git', 'url' => $url, 'reference' => 'reference'),
-            $driver->getSource('reference')
-        );
+        $driver->getRootIdentifier();
     }
 
-    public function testGetComposerInformation()
+    public function testDriver()
     {
         $driver = $this->getDriver(array('url' => 'https://bitbucket.org/user/repo.git'));
 
         $this->rfs->expects($this->any())
             ->method('getContents')
             ->withConsecutive(
-                array('bitbucket.org', 'https://api.bitbucket.org/1.0/repositories/user/repo/src/master/composer.json', false),
-                array('bitbucket.org', 'https://api.bitbucket.org/1.0/repositories/user/repo/changesets/master', false),
-                array('bitbucket.org', 'https://api.bitbucket.org/1.0/repositories/user/repo/tags', false),
-                array('bitbucket.org', 'https://api.bitbucket.org/1.0/repositories/user/repo/branches', false)
+                array(
+                    $this->originUrl,
+                    'https://api.bitbucket.org/2.0/repositories/user/repo?fields=-project%2C-owner',
+                    false
+                ),
+                array(
+                    $this->originUrl,
+                    'https://api.bitbucket.org/1.0/repositories/user/repo/main-branch',
+                    false
+                ),
+                array(
+                    $this->originUrl,
+                    'https://api.bitbucket.org/2.0/repositories/user/repo/refs/tags?pagelen=100&fields=values.name%2Cvalues.target.hash%2Cnext&sort=-target.date',
+                    false
+                ),
+                array(
+                    $this->originUrl,
+                    'https://api.bitbucket.org/2.0/repositories/user/repo/refs/branches?pagelen=100&fields=values.name%2Cvalues.target.hash%2Cnext&sort=-target.date',
+                    false
+                ),
+                array(
+                    $this->originUrl,
+                    'https://api.bitbucket.org/1.0/repositories/user/repo/raw/master/composer.json',
+                    false
+                ),
+                array(
+                    $this->originUrl,
+                    'https://api.bitbucket.org/2.0/repositories/user/repo/commit/master?fields=date',
+                    false
+                )
             )
             ->willReturnOnConsecutiveCalls(
-                '{"node": "937992d19d72", "path": "composer.json", "data": "{\n  \"name\": \"user/repo\",\n  \"description\": \"test repo\",\n  \"license\": \"GPL\",\n  \"authors\": [\n    {\n      \"name\": \"Name\",\n      \"email\": \"local@domain.tld\"\n    }\n  ],\n  \"require\": {\n    \"creator/package\": \"^1.0\"\n  },\n  \"require-dev\": {\n    \"phpunit/phpunit\": \"~4.8\"\n  }\n}\n", "size": 269}',
-                '{"node": "937992d19d72", "files": [{"type": "modified", "file": "path/to/file"}], "raw_author": "User <local@domain.tld>", "utctimestamp": "2016-05-17 11:19:52+00:00", "author": "user", "timestamp": "2016-05-17 13:19:52", "raw_node": "937992d19d72b5116c3e8c4a04f960e5fa270b22", "parents": ["71e195a33361"], "branch": "master", "message": "Commit message\n", "revision": null, "size": -1}',
-                '{}',
-                '{"master": {"node": "937992d19d72", "files": [{"type": "modified", "file": "path/to/file"}], "raw_author": "User <local@domain.tld>", "utctimestamp": "2016-05-17 11:19:52+00:00", "author": "user", "timestamp": "2016-05-17 13:19:52", "raw_node": "937992d19d72b5116c3e8c4a04f960e5fa270b22", "parents": ["71e195a33361"], "branch": "master", "message": "Commit message\n", "revision": null, "size": -1}}'
+                '{"scm":"git","website":"","has_wiki":false,"name":"repo","links":{"branches":{"href":"https:\/\/api.bitbucket.org\/2.0\/repositories\/user\/repo\/refs\/branches"},"tags":{"href":"https:\/\/api.bitbucket.org\/2.0\/repositories\/user\/repo\/refs\/tags"},"clone":[{"href":"https:\/\/user@bitbucket.org\/user\/repo.git","name":"https"},{"href":"ssh:\/\/git@bitbucket.org\/user\/repo.git","name":"ssh"}],"html":{"href":"https:\/\/bitbucket.org\/user\/repo"}},"language":"php","created_on":"2015-02-18T16:22:24.688+00:00","updated_on":"2016-05-17T13:20:21.993+00:00","is_private":true,"has_issues":false}',
+                '{"name": "master"}',
+                '{"values":[{"name":"1.0.1","target":{"hash":"9b78a3932143497c519e49b8241083838c8ff8a1"}},{"name":"1.0.0","target":{"hash":"d3393d514318a9267d2f8ebbf463a9aaa389f8eb"}}]}',
+                '{"values":[{"name":"master","target":{"hash":"937992d19d72b5116c3e8c4a04f960e5fa270b22"}}]}',
+                '{"name": "user/repo","description": "test repo","license": "GPL","authors": [{"name": "Name","email": "local@domain.tld"}],"require": {"creator/package": "^1.0"},"require-dev": {"phpunit/phpunit": "~4.8"}}',
+                '{"date": "2016-05-17T13:19:52+00:00"}'
             );
 
+        $this->assertEquals(
+            'master',
+            $driver->getRootIdentifier()
+        );
+
+        $this->assertEquals(
+            array(
+                '1.0.1' => '9b78a3932143497c519e49b8241083838c8ff8a1',
+                '1.0.0' => 'd3393d514318a9267d2f8ebbf463a9aaa389f8eb'
+            ),
+            $driver->getTags()
+        );
+
+        $this->assertEquals(
+            array(
+                'master' => '937992d19d72b5116c3e8c4a04f960e5fa270b22'
+            ),
+            $driver->getBranches()
+        );
+
         $this->assertEquals(
             array(
                 'name' => 'user/repo',
@@ -159,56 +186,38 @@ class GitBitbucketDriverTest extends TestCase
                 'time' => '2016-05-17 13:19:52',
                 'support' => array(
                     'source' => 'https://bitbucket.org/user/repo/src/937992d19d72b5116c3e8c4a04f960e5fa270b22/?at=master'
-                )
+                ),
+                'homepage' => 'https://bitbucket.org/user/repo'
             ),
             $driver->getComposerInformation('master')
         );
+
+        return $driver;
     }
 
-    public function testGetTags()
+    /**
+     * @depends testDriver
+     * @param \Composer\Repository\Vcs\VcsDriverInterface $driver
+     */
+    public function testGetParams($driver)
     {
-        $driver = $this->getDriver(array('url' => 'https://bitbucket.org/user/repo.git'));
+        $url = 'https://bitbucket.org/user/repo.git';
 
-        $this->rfs->expects($this->once())
-            ->method('getContents')
-            ->with(
-                'bitbucket.org',
-                'https://api.bitbucket.org/1.0/repositories/user/repo/tags',
-                false
-            )
-            ->willReturn(
-                '{"1.0.1": {"node": "9b78a3932143", "files": [{"type": "modified", "file": "path/to/file"}], "branches": [], "raw_author": "User <local@domain.tld>", "utctimestamp": "2015-04-16 14:50:40+00:00", "author": "user", "timestamp": "2015-04-16 16:50:40", "raw_node": "9b78a3932143497c519e49b8241083838c8ff8a1", "parents": ["84531c04dbfc", "50c2a4635ad0"], "branch": null, "message": "Commit message\n", "revision": null, "size": -1}, "1.0.0": {"node": "d3393d514318", "files": [{"type": "modified", "file": "path/to/file2"}], "branches": [], "raw_author": "User <local@domain.tld>", "utctimestamp": "2015-04-16 09:31:45+00:00", "author": "user", "timestamp": "2015-04-16 11:31:45", "raw_node": "d3393d514318a9267d2f8ebbf463a9aaa389f8eb", "parents": ["5a29a73cd1a0"], "branch": null, "message": "Commit message\n", "revision": null, "size": -1}}'
-            );
+        $this->assertEquals($url, $driver->getUrl());
 
         $this->assertEquals(
             array(
-                '1.0.1' => '9b78a3932143497c519e49b8241083838c8ff8a1',
-                '1.0.0' => 'd3393d514318a9267d2f8ebbf463a9aaa389f8eb'
+                'type' => 'zip',
+                'url' => 'https://bitbucket.org/user/repo/get/reference.zip',
+                'reference' => 'reference',
+                'shasum' => ''
             ),
-            $driver->getTags()
+            $driver->getDist('reference')
         );
-    }
-
-    public function testGetBranches()
-    {
-        $driver = $this->getDriver(array('url' => 'https://bitbucket.org/user/repo.git'));
-
-        $this->rfs->expects($this->once())
-            ->method('getContents')
-            ->with(
-                'bitbucket.org',
-                'https://api.bitbucket.org/1.0/repositories/user/repo/branches',
-                false
-            )
-            ->willReturn(
-                '{"master": {"node": "937992d19d72", "files": [{"type": "modified", "file": "path/to/file"}], "raw_author": "User <local@domain.tld>", "utctimestamp": "2016-05-17 11:19:52+00:00", "author": "user", "timestamp": "2016-05-17 13:19:52", "raw_node": "937992d19d72b5116c3e8c4a04f960e5fa270b22", "parents": ["71e195a33361"], "branch": "master", "message": "Commit message\n", "revision": null, "size": -1}}'
-            );
 
         $this->assertEquals(
-            array(
-                'master' => '937992d19d72b5116c3e8c4a04f960e5fa270b22'
-            ),
-            $driver->getBranches()
+            array('type' => 'git', 'url' => $url, 'reference' => 'reference'),
+            $driver->getSource('reference')
         );
     }
 

tests/Composer/Test/Util/BitbucketTest.php

@@ -35,6 +35,8 @@ class BitbucketTest extends \PHPUnit_Framework_TestCase
     private $config;
     /** @type Bitbucket */
     private $bitbucket;
+    /** @var int */
+    private $time;
 
     protected function setUp()
     {
@@ -52,7 +54,9 @@ class BitbucketTest extends \PHPUnit_Framework_TestCase
 
         $this->config = $this->getMock('Composer\Config');
 
-        $this->bitbucket = new Bitbucket($this->io, $this->config, null, $this->rfs);
+        $this->time = time();
+
+        $this->bitbucket = new Bitbucket($this->io, $this->config, null, $this->rfs, $this->time);
     }
 
     public function testRequestAccessTokenWithValidOAuthConsumer()
@@ -82,14 +86,86 @@ class BitbucketTest extends \PHPUnit_Framework_TestCase
                 )
             );
 
+        $this->config->expects($this->once())
+            ->method('get')
+            ->with('bitbucket-oauth')
+            ->willReturn(null);
+
+        $this->setExpectationsForStoringAccessToken();
+
+        $this->assertEquals(
+            $this->token,
+            $this->bitbucket->requestToken($this->origin, $this->consumer_key, $this->consumer_secret)
+        );
+    }
+
+    public function testRequestAccessTokenWithValidOAuthConsumerAndValidStoredAccessToken()
+    {
+        $this->config->expects($this->once())
+            ->method('get')
+            ->with('bitbucket-oauth')
+            ->willReturn(
+                array(
+                    $this->origin => array(
+                        'access-token' => $this->token,
+                        'access-token-expiration' => $this->time + 1800,
+                        'consumer-key' => $this->consumer_key,
+                        'consumer-secret' => $this->consumer_secret
+                    )
+                )
+            );
+
+        $this->assertEquals(
+            $this->token,
+            $this->bitbucket->requestToken($this->origin, $this->consumer_key, $this->consumer_secret)
+        );
+    }
+
+    public function testRequestAccessTokenWithValidOAuthConsumerAndExpiredAccessToken()
+    {
+        $this->config->expects($this->once())
+            ->method('get')
+            ->with('bitbucket-oauth')
+            ->willReturn(
+                array(
+                    $this->origin => array(
+                        'access-token' => 'randomExpiredToken',
+                        'access-token-expiration' => $this->time - 400,
+                        'consumer-key' => $this->consumer_key,
+                        'consumer-secret' => $this->consumer_secret
+                    )
+                )
+            );
+
+        $this->io->expects($this->once())
+            ->method('setAuthentication')
+            ->with($this->origin, $this->consumer_key, $this->consumer_secret);
+
+        $this->rfs->expects($this->once())
+            ->method('getContents')
+            ->with(
+                $this->origin,
+                Bitbucket::OAUTH2_ACCESS_TOKEN_URL,
+                false,
+                array(
+                    'retry-auth-failure' => false,
+                    'http' => array(
+                        'method' => 'POST',
+                        'content' => 'grant_type=client_credentials',
+                    )
+                )
+            )
+            ->willReturn(
+                sprintf(
+                    '{"access_token": "%s", "scopes": "repository", "expires_in": 3600, "refresh_token": "refreshtoken", "token_type": "bearer"}',
+                    $this->token
+                )
+            );
+
+        $this->setExpectationsForStoringAccessToken();
+
         $this->assertEquals(
-            array(
-                'access_token' => $this->token,
-                'scopes' => 'repository',
-                'expires_in' => 3600,
-                'refresh_token' => 'refreshtoken',
-                'token_type' => 'bearer'
-            ),
+            $this->token,
             $this->bitbucket->requestToken($this->origin, $this->consumer_key, $this->consumer_secret)
         );
     }
@@ -133,7 +209,12 @@ class BitbucketTest extends \PHPUnit_Framework_TestCase
                 )
             );
 
-        $this->assertEquals(array(), $this->bitbucket->requestToken($this->origin, $this->username, $this->password));
+        $this->config->expects($this->once())
+            ->method('get')
+            ->with('bitbucket-oauth')
+            ->willReturn(null);
+
+        $this->assertEquals('', $this->bitbucket->requestToken($this->origin, $this->username, $this->password));
     }
 
     public function testUsernamePasswordAuthenticationFlow()
@@ -161,67 +242,51 @@ class BitbucketTest extends \PHPUnit_Framework_TestCase
                 $this->isFalse(),
                 $this->anything()
             )
-            ->willReturn(sprintf('{}', $this->token))
-        ;
-
-        $authJson = $this->getAuthJsonMock();
-        $this->config
-            ->expects($this->exactly(3))
-            ->method('getAuthConfigSource')
-            ->willReturn($authJson)
-        ;
-        $this->config
-            ->expects($this->once())
-            ->method('getConfigSource')
-            ->willReturn($this->getConfJsonMock())
-        ;
-
-        $authJson->expects($this->once())
-            ->method('addConfigSetting')
-            ->with(
-                'bitbucket-oauth.'.$this->origin,
-                array(
-                    'consumer-key' => $this->consumer_key,
-                    'consumer-secret' => $this->consumer_secret
+            ->willReturn(
+                sprintf(
+                    '{"access_token": "%s", "scopes": "repository", "expires_in": 3600, "refresh_token": "refresh_token", "token_type": "bearer"}',
+                    $this->token
                 )
-            );
+            )
+        ;
 
-        $authJson->expects($this->once())
-            ->method('removeConfigSetting')
-            ->with('http-basic.'.$this->origin);
+        $this->setExpectationsForStoringAccessToken(true);
 
         $this->assertTrue($this->bitbucket->authorizeOAuthInteractively($this->origin, $this->message));
     }
 
-    private function getAuthJsonMock()
+    private function setExpectationsForStoringAccessToken($removeBasicAuth = false)
     {
-        $authjson = $this
-            ->getMockBuilder('Composer\Config\JsonConfigSource')
-            ->disableOriginalConstructor()
-            ->getMock()
-        ;
-        $authjson
-            ->expects($this->atLeastOnce())
-            ->method('getName')
-            ->willReturn('auth.json')
-        ;
-
-        return $authjson;
-    }
+        $configSourceMock = $this->getMock('Composer\Config\ConfigSourceInterface');
+        $this->config->expects($this->once())
+            ->method('getConfigSource')
+            ->willReturn($configSourceMock);
 
-    private function getConfJsonMock()
-    {
-        $confjson = $this
-            ->getMockBuilder('Composer\Config\JsonConfigSource')
-            ->disableOriginalConstructor()
-            ->getMock()
-        ;
-        $confjson
-            ->expects($this->atLeastOnce())
+        $configSourceMock->expects($this->once())
             ->method('removeConfigSetting')
-            ->with('bitbucket-oauth.'.$this->origin)
-        ;
+            ->with('bitbucket-oauth.' . $this->origin);
+
+        $authConfigSourceMock = $this->getMock('Composer\Config\ConfigSourceInterface');
+        $this->config->expects($this->atLeastOnce())
+            ->method('getAuthConfigSource')
+            ->willReturn($authConfigSourceMock);
+
+        $authConfigSourceMock->expects($this->once())
+            ->method('addConfigSetting')
+            ->with(
+                'bitbucket-oauth.' . $this->origin,
+                array(
+                    "consumer-key" => $this->consumer_key,
+                    "consumer-secret" => $this->consumer_secret,
+                    "access-token" => $this->token,
+                    "access-token-expiration" => $this->time + 3600
+                )
+            );
 
-        return $confjson;
+        if ($removeBasicAuth) {
+            $authConfigSourceMock->expects($this->once())
+                ->method('removeConfigSetting')
+                ->with('http-basic.' . $this->origin);
+        }
     }
 }