feat(bitbucket): enhance Bitbucket integration with improved validation and error handling

Author: Ayyanaruto

web-server/pages/api/integrations/bitbucket/scopes.ts

@@ -3,32 +3,81 @@ import { handleRequest } from '@/api-helpers/axios';
 import * as yup from 'yup';
 
 const payloadSchema = yup.object({
-  username: yup.string().required('Username is required'),
-  appPassword: yup.string().required('App password is required'),
-  customDomain: yup.string().url('Custom domain must be a valid URL'),
+  username: yup
+    .string()
+    .required('Username is required')
+    .trim()
+    .min(1, 'Username cannot be empty')
+    .max(100, 'Username too long'),
+  appPassword: yup
+    .string()
+    .required('App password is required')
+    .min(1, 'App password cannot be empty')
+    .max(500, 'App password too long')
 });
 
 const endpoint = new Endpoint(nullSchema);
 
 endpoint.handle.POST(payloadSchema, async (req, res) => {
   try {
-    const { username, appPassword, customDomain } = req.payload;
-    const baseUrl = customDomain || 'https://api.bitbucket.org/2.0';
-    const url = `${baseUrl}/user`;
+    const { username, appPassword } = req.payload;
+    const sanitizedUsername = username.replace(/[^\w.-]/g, '');
+    
+    if (sanitizedUsername !== username) {
+      return res.status(400).json({
+        message: 'Invalid username format. Only alphanumeric characters, dots, and hyphens are allowed.'
+      });
+    }
+    
+    const url = 'https://api.bitbucket.org/2.0/user';
+    
     const response = await handleRequest(url, {
       method: 'GET',
-      auth: {
-        username,
-        password: appPassword,
+      headers: {
+        Authorization: `Basic ${Buffer.from(`${sanitizedUsername}:${appPassword}`).toString('base64')}`,
+        'User-Agent': 'MiddlewareApp/1.0'
       },
-    },true);
+      timeout: 10000
+    }, true);
 
-    res.status(200).json(response);
+    if (!response.headers) {
+      return res.status(400).json({
+        message: 'Unable to retrieve permission information from BitBucket'
+      });
+    }
+
+    res.status(200).json({
+      ...response,
+      headers: response.headers
+    });
   } catch (error: any) {
-    console.error('Error fetching Bitbucket user:', error.message);
-    res.status(error.response?.status || 500).json({
-      message: error.response?.data?.error?.message || 'Internal Server Error',
+    console.error('Error fetching Bitbucket user:', {
+      message: error.message,
+      status: error.response?.status,
+      hasCredentials: !!(req.payload?.username && req.payload?.appPassword)
     });
+    
+    const status = error.response?.status || 500;
+    let message = 'Internal Server Error';
+    
+    switch (status) {
+      case 401:
+        message = 'Invalid BitBucket credentials';
+        break;
+      case 403:
+        message = 'Access forbidden. Check your App Password permissions';
+        break;
+      case 404:
+        message = 'BitBucket user not found';
+        break;
+      case 429:
+        message = 'Rate limit exceeded. Please try again later';
+        break;
+      default:
+        message = error.response?.data?.error?.message || message;
+    }
+    
+    res.status(status).json({ message });
   }
 });
 

web-server/src/api-helpers/axios.ts

@@ -91,7 +91,10 @@ export const handleRequest = <T = any, B extends boolean = false>(
   internal({
     url,
     ...params,
-    headers: { 'Content-Type': 'application/json' }
+    headers: { 
+      'Content-Type': 'application/json',
+      ...params.headers 
+    }
   })
     .then((r: any) => handleThen(r, includeHeaders))
     .catch(handleCatch);

web-server/src/content/Dashboards/BitbucketIntegrationCard.tsx

@@ -147,7 +147,7 @@ import {
   };
 
   const IntegrationActionsButton: FC<{
-    onClick: AnyFunction;
+    onClick: () => void | Promise<void>;
     label: ReactNode;
     bgOpacity?: number;
     startIcon?: ReactNode;
@@ -245,4 +245,3 @@ import {
       </svg>
     );
   };
-