时间戳

首页 > 解决方案 > Jenkins API Response 没有使用 Crumb

python - Jenkins API Response 没有使用 Crumb

问题描述

我想删除一个工作,为此我的 Jenkins 服务器需要碎屑。我正在发送面包屑,但它仍然发送给我,标题和/或正文中没有面包屑。

尝试了标题和正文的所有组合,但都没有奏效。

import requests
import json
from urllib.request import urljoin

def delete_jenkins_job(delete_url):
    """
    Function to delete Jenkins Job
    :param delete_url:
    :return:
    """
    base_url = 'http://<jenkins-server>:8080'
    _user = '<my-user>'
    _pass = '<my-pass>'
    crumb_url = urljoin(base_url, '/crumbIssuer/api/json')
    delete_url = urljoin(base_url, delete_url)
    response = json.loads(requests.request("GET", crumb_url, auth=(_user, _pass)).content)
    header = {
        'Connection': 'keep-alive',
        'Cache-Control': 'max-age=0',
        'Upgrade-Insecure-Requests': '1',
        'Content-Type': 'application/x-www-form-urlencoded',
        'Accept-Encoding': 'gzip, deflate',
    }
    data = {
        response['crumbRequestField']: response['crumb']
    }
    response = requests.request("POST", url=delete_url, headers=header, data=json.dumps(data), auth=(_user, _pass))

b'<html>\n<head>\n<meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>\n<title>Error 403 No valid crumb was included in the request</title>\n</head>\n<body><h2>HTTP ERROR 403</h2>\n<p>Problem accessing /job/PyTest-Docker-Based/567/doDelete. Reason:\n<pre>    No valid crumb was included in the request</pre></p><hr><a href="http://eclipse.org/jetty">Powered by Jetty:// 9.4.z-SNAPSHOT</a><hr/>\n\n</body>\n</html>\n'

标签: pythonapijenkins

解决方案

Jenkins 从 2.176.x 版本更新了安全性,https: //jenkins.io/doc/upgrade-guide/2.176/

为避免这种情况,您可以遵循以下三种方法之一:

  1. 安装 Strict Crumb Issuer jenkins 插件(https://wiki.jenkins.io/display/JENKINS/Strict+Crumb+Issuer+Plugin)来解决问题。

  2. 更新 set-cookie 键的标头以及 jenkins-crumb

    def cookieContent = response.headers.get("Set-Cookie")
httpRequest(
    url: "https://the-url.com/the-thing.php",
    customHeaders: [[name:"Cookie", value:cookieContent]])

  3. 禁用此改进,您可以将系统属性hudson.security.csrf.DefaultCrumbIssuer.EXCLUDE_SESSION_ID设置为 true。

推荐阅读