How to request for the crumb issuer for Jenkins
Problem description
I want to use the Jenkins Remote API, and I am looking for a safe solution. I came across "Prevent Cross Site Request Forgery exploits" and I want to use it, but I read somewhere that you have to make a crumb request.
How do I get a crumb request in order to get the API working?
I found this https://github.com/entagen/jenkins-build-per-branch/pull/20, but I still don't know how to fix it.
My Jenkins version is 1.50.x.
Authenticated remote API requests respond with 403 when using POST requests
Recommended answer
I haven't found this in the documentation either. This code is tested against an older Jenkins (1.466), but should still work.
To issue the crumb, use the crumbIssuer:
// left out: you need to authenticate with user & password -> sample below
HttpGet httpGet = new HttpGet(jenkinsUrl + "crumbIssuer/api/json");
String crumbResponse = toString(httpclient, httpGet);
CrumbJson crumbJson = new Gson().fromJson(crumbResponse, CrumbJson.class);
This will give you a response like this:
{"crumb":"fb171d526b9cc9e25afe80b356e12cb7","crumbRequestField":".crumb"}
This contains two pieces of information you need:
- the field name with which you need to pass the crumb
- the crumb itself
If you now want to fetch something from Jenkins, add the crumb as a header. In the sample below I fetch the latest build results.
HttpPost httpost = new HttpPost(jenkinsUrl + "rssLatest");
httpost.addHeader(crumbJson.crumbRequestField, crumbJson.crumb);
Here is the sample code as a whole. I am using gson 2.2.4 to parse the response and Apache's httpclient 4.2.3 for the rest.
import org.apache.http.auth.*;
import org.apache.http.client.*;
import org.apache.http.client.methods.*;
import org.apache.http.impl.client.*;
import com.google.gson.Gson;

public class JenkinsMonitor {

    public static void main(String[] args) throws Exception {
        String protocol = "http";
        String host = "your-jenkins-host.com";
        int port = 8080;
        String userName = "username";
        String password = "passwort";

        DefaultHttpClient httpclient = new DefaultHttpClient();
        httpclient.getCredentialsProvider().setCredentials(
                new AuthScope(host, port),
                new UsernamePasswordCredentials(userName, password));

        String jenkinsUrl = protocol + "://" + host + ":" + port + "/jenkins/";

        try {
            // get the crumb from Jenkins
            // do this only once per HTTP session
            // keep the crumb for every coming request
            System.out.println("... issue crumb");
            HttpGet httpGet = new HttpGet(jenkinsUrl + "crumbIssuer/api/json");
            String crumbResponse = toString(httpclient, httpGet);
            CrumbJson crumbJson = new Gson()
                    .fromJson(crumbResponse, CrumbJson.class);

            // add the issued crumb to each request header
            // the header field name is also contained in the json response
            System.out.println("... issue rss of latest builds");
            HttpPost httpost = new HttpPost(jenkinsUrl + "rssLatest");
            httpost.addHeader(crumbJson.crumbRequestField, crumbJson.crumb);
            toString(httpclient, httpost);
        } finally {
            httpclient.getConnectionManager().shutdown();
        }
    }

    // helper construct to deserialize crumb json into
    public static class CrumbJson {
        public String crumb;
        public String crumbRequestField;
    }

    // executes the request, prints the response body and returns it
    private static String toString(DefaultHttpClient client,
            HttpRequestBase request) throws Exception {
        ResponseHandler<String> responseHandler = new BasicResponseHandler();
        String responseBody = client.execute(request, responseHandler);
        System.out.println(responseBody + "\n");
        return responseBody;
    }
}
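The 403 on POST and the crumb exchange described above, shown end to end as an added example that is not part of the original answer. A local stub stands in for Jenkins and skips authentication, so `StubJenkins`, the helper names and the crumb value are constructed for illustration; only the `crumbIssuer/api/json` path, the two response fields and `rssLatest` come from the text above.

```python
import json
import threading
import urllib.error
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

FIELD = ".crumb"                 # field name from the response shown in the answer
CRUMB = "constructed-crumb-01"   # constructed sample value, not a real crumb
OPENER = urllib.request.build_opener(urllib.request.ProxyHandler({}))  # bypass proxy env vars

class StubJenkins(BaseHTTPRequestHandler):
    """Hypothetical stand-in for Jenkins: issues a crumb, enforces it on POST."""
    def _reply(self, status, body):
        data = body.encode()
        self.send_response(status)
        self.send_header("Content-Length", str(len(data)))
        self.end_headers()
        self.wfile.write(data)
    def do_GET(self):
        if self.path != "/crumbIssuer/api/json":
            return self._reply(404, "not found")
        self._reply(200, json.dumps({"crumb": CRUMB, "crumbRequestField": FIELD}))
    def do_POST(self):
        ok = self.headers.get(FIELD) == CRUMB   # header must carry the issued crumb
        self._reply(200 if ok else 403, "ok" if ok else "missing or wrong crumb")

def fetch_crumb_header(base):    # one GET to the crumb issuer; reuse the result afterwards
    with OPENER.open(base + "/crumbIssuer/api/json") as resp:
        doc = json.load(resp)
    return {doc["crumbRequestField"]: doc["crumb"]}

def post_status(base, path, headers):
    req = urllib.request.Request(base + path, data=b"", headers=headers, method="POST")
    try:
        with OPENER.open(req) as resp:
            return resp.status
    except urllib.error.HTTPError as err:       # 4xx/5xx arrive as exceptions
        return err.code

def demo():
    server = HTTPServer(("127.0.0.1", 0), StubJenkins)   # port 0: pick any free port
    threading.Thread(target=server.serve_forever, daemon=True).start()
    base = "http://127.0.0.1:%d" % server.server_port
    try:
        good = fetch_crumb_header(base)
        return [post_status(base, "/rssLatest", h) for h in ({}, {FIELD: "stale"}, good)]
    finally:
        server.shutdown()

if __name__ == "__main__":
    print(demo())   # statuses for: no crumb, wrong crumb, issued crumb
```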