bitbucket: allow OAuth params to be overridden at runtime

Allow the OAuth client ID, secret, and redirect URI to be overridden at
runtime using environment variables or config.

Author: mjcheetham

src/shared/Atlassian.Bitbucket/BitbucketAuthentication.cs

@@ -123,7 +123,7 @@ public async Task<bool> ShowOAuthRequiredPromptAsync()
 
         public async Task<OAuth2TokenResult> CreateOAuthCredentialsAsync(Uri targetUri)
         {
-            var oauthClient = new BitbucketOAuth2Client(HttpClient);
+            var oauthClient = new BitbucketOAuth2Client(HttpClient, Context.Settings);
 
             var browserOptions = new OAuth2WebBrowserOptions
             {
@@ -139,7 +139,7 @@ public async Task<OAuth2TokenResult> CreateOAuthCredentialsAsync(Uri targetUri)
 
         public async Task<OAuth2TokenResult> RefreshOAuthCredentialsAsync(string refreshToken)
         {
-            var oauthClient = new BitbucketOAuth2Client(HttpClient);
+            var oauthClient = new BitbucketOAuth2Client(HttpClient, Context.Settings);
 
             return await oauthClient.GetTokenByRefreshTokenAsync(refreshToken, CancellationToken.None);
         }

src/shared/Atlassian.Bitbucket/BitbucketConstants.cs

@@ -21,5 +21,22 @@ public static class OAuthScopes
             public const string RepositoryWrite = "repository:write";
             public const string Account = "account";
         }
+
+        public static class EnvironmentVariables
+        {
+            public const string DevOAuthClientId = "GCM_DEV_BITBUCKET_CLIENTID";
+            public const string DevOAuthClientSecret = "GCM_DEV_BITBUCKET_CLIENTSECRET";
+            public const string DevOAuthRedirectUri = "GCM_DEV_BITBUCKET_REDIRECTURI";
+        }
+
+        public static class GitConfiguration
+        {
+            public static class Credential
+            {
+                public const string DevOAuthClientId = "bitbucketDevClientId";
+                public const string DevOAuthClientSecret = "bitbucketDevClientSecret";
+                public const string DevOAuthRedirectUri = "bitbucketDevRedirectUri";
+            }
+        }
     }
 }

src/shared/Atlassian.Bitbucket/BitbucketOAuth2Client.cs

@@ -1,6 +1,8 @@
 // Copyright (c) Microsoft Corporation. All rights reserved.
 // Licensed under the MIT license.
+using System;
 using System.Net.Http;
+using Microsoft.Git.CredentialManager;
 using Microsoft.Git.CredentialManager.Authentication.OAuth;
 using Microsoft.Git.CredentialManager.Authentication.OAuth.Json;
 using Newtonsoft.Json;
@@ -13,14 +15,54 @@ public class BitbucketOAuth2Client : OAuth2Client
             BitbucketConstants.OAuth2AuthorizationEndpoint,
             BitbucketConstants.OAuth2TokenEndpoint);
 
-        public BitbucketOAuth2Client(HttpClient httpClient)
+        public BitbucketOAuth2Client(HttpClient httpClient, ISettings settings)
             : base(httpClient, Endpoints,
-                BitbucketConstants.OAuth2ClientId,
-                BitbucketConstants.OAuth2RedirectUri,
-                BitbucketConstants.OAuth2ClientSecret)
+                GetClientId(settings), GetRedirectUri(settings), GetClientSecret(settings))
         {
         }
 
+        private static string GetClientId(ISettings settings)
+        {
+            // Check for developer override value
+            if (settings.TryGetSetting(
+                BitbucketConstants.EnvironmentVariables.DevOAuthClientId,
+                Constants.GitConfiguration.Credential.SectionName, BitbucketConstants.GitConfiguration.Credential.DevOAuthClientId,
+                out string clientId))
+            {
+                return clientId;
+            }
+
+            return BitbucketConstants.OAuth2ClientId;
+        }
+
+        private static Uri GetRedirectUri(ISettings settings)
+        {
+            // Check for developer override value
+            if (settings.TryGetSetting(
+                BitbucketConstants.EnvironmentVariables.DevOAuthRedirectUri,
+                Constants.GitConfiguration.Credential.SectionName, BitbucketConstants.GitConfiguration.Credential.DevOAuthRedirectUri,
+                out string redirectUriStr) && Uri.TryCreate(redirectUriStr, UriKind.Absolute, out Uri redirectUri))
+            {
+                return redirectUri;
+            }
+
+            return BitbucketConstants.OAuth2RedirectUri;
+        }
+
+        private static string GetClientSecret(ISettings settings)
+        {
+            // Check for developer override value
+            if (settings.TryGetSetting(
+                BitbucketConstants.EnvironmentVariables.DevOAuthClientSecret,
+                Constants.GitConfiguration.Credential.SectionName, BitbucketConstants.GitConfiguration.Credential.DevOAuthClientSecret,
+                out string clientId))
+            {
+                return clientId;
+            }
+
+            return BitbucketConstants.OAuth2ClientSecret;
+        }
+
         protected override bool TryCreateTokenEndpointResult(string json, out OAuth2TokenResult result)
         {
             // We override the token endpoint response parsing because the Bitbucket authority returns