lib/r10k/git/rugged/credentials.rb in r10k-3.8.0 vs lib/r10k/git/rugged/credentials.rb in r10k-3.9.0

@@ -65,36 +65,43 @@
     if per_repo_settings = R10K::Git.get_repo_settings(url)
       per_repo_oauth_token = per_repo_settings[:oauth_token]
     end
 
     if token_path = per_repo_oauth_token || R10K::Git.settings[:oauth_token]
-      if token_path == '-'
-        token = $stdin.read.strip
-        logger.debug2 _("Using OAuth token from stdin for URL %{url}") % { url: url }
-      elsif File.readable?(token_path)
-        token = File.read(token_path).strip
-        logger.debug2 _("Using OAuth token from %{token_path} for URL %{url}") % { token_path: token_path, url: url }
-      else
-        raise R10K::Git::GitError, _("%{path} is missing or unreadable, cannot load OAuth token") % { path: token_path }
-      end
+      @oauth_token ||= extract_token(token_path, url)
 
-      unless valid_token?(token)
-        raise R10K::Git::GitError, _("Supplied OAuth token contains invalid characters.")
-      end
-
       user = 'x-oauth-token'
-      password = token
+      password = @oauth_token
     else
       user = get_git_username(url, username_from_url)
       password = URI.parse(url).password || ''
     end
     Rugged::Credentials::UserPassword.new(username: user, password: password)
   end
 
+  def extract_token(token_path, url)
+    if token_path == '-'
+      token = $stdin.read.strip
+      logger.debug2 _("Using OAuth token from stdin for URL %{url}") % { url: url }
+    elsif File.readable?(token_path)
+      token = File.read(token_path).strip
+      logger.debug2 _("Using OAuth token from %{token_path} for URL %{url}") % { token_path: token_path, url: url }
+    else
+      raise R10K::Git::GitError, _("%{path} is missing or unreadable, cannot load OAuth token") % { path: token_path }
+    end
+
+    unless valid_token?(token)
+      raise R10K::Git::GitError, _("Supplied OAuth token contains invalid characters.")
+    end
+
+    token
+  end
+
   # This regex is the only real requirement for OAuth token format,
   # per https://www.oauth.com/oauth2-servers/access-tokens/access-token-response/
+  # Bitbucket's tokens also can include an underscore, so that is added here.
   def valid_token?(token)
-    return token =~ /^[\w\-\.~\+\/]+$/
+    return token =~ /^[\w\-\.~_\+\/]+$/
   end
 
   def get_default_credentials(url, username_from_url)
     Rugged::Credentials::Default.new
   end