/sonar-auth-bitbucket

Bitbucket Authentication for SonarQube

Primary LanguageJava

Bitbucket Authentication Plugin for SonarQube

This plugin enables user authentication and Single Sign-On via Bitbucket. If you want to analyse Bitbucket Pull Requests you should use this or this plugin.

Installation

  1. Install the plugin through the Update Center or download it into the SONARQUBE_HOME/extensions/plugins directory
  2. Restart the SonarQube server

Configuration

  1. In Bitbucket, create a Developer application :
  2. Go to "Add-ons" -> "OAuth" -> "Add consumer"
  3. Name : Something like "My Company SonarQube"
  4. URL : SonarQube URL
  5. Callback URL : SonarQube_URL/oauth2/callback
  6. Permissions : Check Account -> Read (Email will automatically be selected)
  7. In SonarQube :
  8. Go to "Administration" -> "Configuration" -> "General Settings" -> "Security" -> "Bitbucket"
  9. Set the "Enabled" property to true
  10. Set the "OAuth consumer Key" from the value provided by the Bitbucket OAuth consumer
  11. Set the "OAuth consumer Secret" from the value provided by the Bitbucket OAuth consumer
  12. Go to the login form, a new button "Log in with Bitbucket" allow users to connect to SonarQube with their Bitbucket accounts.

Note: Only HTTPS is supported

  • SonarQube must be publicly accessible through HTTPS only
  • The property 'sonar.core.serverBaseURL' must be set to this public HTTPS URL

General Configuration

Property Description Default value
sonar.auth.bitbucket.allowUsersToSignUp Allow new users to authenticate. When set to 'false', only existing users will be able to authenticate to the server true
sonar.auth.bitbucket.clientId.secured Consumer Key provided by Bitbucket when registering the consumer None
sonar.auth.bitbucket.clientSecret.secured Consumer password provided by Bitbucket when registering the consumer None
sonar.auth.bitbucket.enabled Enable Bitbucket users to login. Value is ignored if consumer Key and Secret are not defined false
sonar.auth.bitbucket.loginStrategy When the login strategy is set to 'Unique', the user's login will be auto-generated the first time so that it is unique. When the login strategy is set to 'Same as Bitbucket login', the user's login will be the Bitbucket login. This last strategy allows, when changing the authentication provider, to keep existing users (if logins from new provider are the same than Bitbucket) Unique

Have question or feedback?

To provide feedback (request a feature, report a bug etc.) use the SonarQube Google Group. Please do not forget to specify plugin and SonarQube versions if it relates to a bug. If you have a question on how to use plugin direct it to StackOverflow tagged both sonarqube and bitbucket.

Development

Build Status