java - JENKINS REST API 抛出 403 禁止
问题描述
问题陈述:
我有 Jenkins Sever V:2.190.2 在云上运行。在 Jenkins Config Security 上选择了“登录用户可以做任何事情”的权限。因此,这意味着具有有效用户名和密码的用户可以登录到 jenkin 服务器并执行授权的工作。基本上我需要通过传递作业名称和 jobXml 在 Jenkins 服务器上创建作业。
尝试以下选项:
到目前为止,我使用了 Github 上的“jenkinsci/java-client-api”api。这个 api 对于 Jenkins 相关操作来说是非常好的 api,我按照 READ.md 上的说明进行操作。我创建了 Jenkins Server 实例并尝试调用 getJenkinVersion() 和 getJobs() 方法,两者都运行良好并按预期返回结果。但是,当我要调用 createJob(jobName, jobXml) 时,此调用从服务器返回 403 禁止错误。
通过深入研究这个问题,我发现了以下内容:- 1. 当我将 Jenkins 安全配置更改为“任何用户都可以做任何事情”时,这个 createJob() 方法有效并且我能够创建工作。但是,由于安全限制,不建议使用此选项。2. 当我将 Jenkins 安全配置保持为“登录用户可以做任何事情”时,createJob() 方法不起作用并返回 403 禁止错误。在这里我还注意到,虽然我提供了正确的用户名和密码/令牌,用于从 UI 登录到 Jenkins 服务器以创建用户文档中定义的 Jenkins 服务器实例,但当它到达该方法时,它是以“匿名用户”身份登录到詹金。我认为这是返回 403 错误的根本原因。
下面的代码片段:
**Sample 1**:
HttpClientBuilder builder = HttpClientBuilder.create();
JenkinsHttpClient client = new JenkinsHttpClient(uri, builder, "XXX", "XXX");
JenkinsServer jenkins = new JenkinsServer(client);
String sourceXML = readFile("src/main/resources/config.xml");
System.out.println(String.format("Installed Jenkins Version >> %s", jenkins.getVersion().getLiteralVersion()));//works and gives correct result
jenkins.createJob("test-nov1", sourceXML);
**Sample 2**:
HttpClientBuilder builder = HttpClientBuilder.create();
JenkinsHttpClient client = new JenkinsHttpClient(uri, addAuthentication(builder, uri, userName, passwordOrToken));
JenkinsServer jenkins = new JenkinsServer(client);
String sourceXML = readFile("src/main/resources/config.xml");
System.out.println(String.format("Installed Jenkins Version >> %s", jenkins.getVersion().getLiteralVersion()));
jenkins.createJob(null,"test-nov1", sourceXML,true);
**Sample Exception**:
Exception in thread "main" org.apache.http.client.HttpResponseException: status code: 403, reason phrase: Forbidden
at com.offbytwo.jenkins.client.validator.HttpResponseValidator.validateResponse(HttpResponseValidator.java:11)
at com.offbytwo.jenkins.client.JenkinsHttpClient.post_xml(JenkinsHttpClient.java:375)
at com.offbytwo.jenkins.JenkinsServer.createJob(JenkinsServer.java:389)
at com.offbytwo.jenkins.JenkinsServer.createJob(JenkinsServer.java:359)
at com.xx.OffByTwoJenkins.main(OffByTwoJenkins.java:31)
选项 2:我还尝试了其他选项,直接使用 HttpUrl 连接直接调用 Jenkins REST API。
**Sample Code** :
public int createJob(final String username, final String password, final String jenkinsUrl, final String jobName) {
// http://JENKINSURL//createItem?name=JOBNAME
String jobUrl = jenkinsUrl + "/createItem?name=" + jobName;
int responseCode = 00;
try {
String basicAuth = Base64.getEncoder().encodeToString((username+":"+password).getBytes(StandardCharsets.UTF_8));
//String encoding = Base64.getEncoder().encodeToString((username+":"+password).getBytes("utf-8"));
System.out.println(String.format("User Auth >> %s", basicAuth));
String sourceXML = readFile("src/main/resources/config.xml");
URL url = new URL(jobUrl);
HttpURLConnection connection = (HttpURLConnection) url.openConnection();
//connection.setReadTimeout(10000);
//connection.setConnectTimeout(15000);
connection.setRequestProperty("Authorization", "Basic " + basicAuth);
connection.setRequestProperty("Content-Type", "application/xml");
connection.setRequestProperty("Content-Language", "en-US");
connection.setRequestMethod("POST");
connection.setUseCaches(false);
connection.setDoInput(true);
connection.setDoOutput(true);
connection.setInstanceFollowRedirects(false);
OutputStream os = connection.getOutputStream();
os.write(sourceXML.getBytes());
os.flush();
responseCode = connection.getResponseCode();
BufferedReader br = new BufferedReader(new InputStreamReader((connection.getInputStream())));
String output;
System.out.println("Output from Server .... \n");
while ((output = br.readLine()) != null) {
System.out.println(output);
}
connection.disconnect();
} catch (MalformedURLException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
return responseCode;
}
This also returns with same error 403 forbidden.
**Exception** :
Caused by: java.io.IOException: Server returned HTTP response code: 403 for URL: <<JenkinsURL>>
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at java.net.HttpURLConnection.getResponseCode(Unknown Source)
at com.xx.JenkinsJobExecutor.createJob(JenkinsJobExecutor.java:109)
我真的不明白我需要在哪里调整才能获得工作。谢谢
解决方案
即使在启用 CSRF 之后,以下解决方案也对我有用。
public class JenkinsJobCreate {
public static void main(String[] args) {
System.out.println("JenkinsJobsTrigger has started ###############################");
String ipAddress = "http://localhost:8080/";
String jobName = "Hello-world";
String username = "admin";
String password = "admin";
System.out.println("ipAddress: " + ipAddress);
System.out.println("jobName: " + jobName);
System.out.println("username: " + username);
System.out.println("password: " + password);
try (JenkinsServer jenkinsServer = new JenkinsServer(new URI(ipAddress), username, password)) {
// our XML file for this example
File xmlFile = new File("src/main/resources/config.xml");
// Let's get XML file as String using BufferedReader
// FileReader uses platform's default character encoding
// if you need to specify a different encoding, use InputStreamReader
Reader fileReader = new FileReader(xmlFile);
BufferedReader bufReader = new BufferedReader(fileReader);
StringBuilder sb = new StringBuilder();
String line = bufReader.readLine();
while( line != null){
sb.append(line).append("\n");
line = bufReader.readLine();
}
String jobXml = sb.toString();
System.out.println("XML to String using BufferedReader : ");
System.out.println(jobXml);
bufReader.close();
jenkinsServer.createJob(jobName, jobXml, true);
} catch (Exception e) {
System.out.println("Exception Occured!!!");
e.printStackTrace();
}
System.out.println("JenkinsJobsTrigger has Finished ###############################");
}
}
配置文件
<?xml version='1.1' encoding='UTF-8'?>
<project>
<description></description>
<keepDependencies>false</keepDependencies>
<properties/>
<scm class="hudson.scm.NullSCM"/>
<canRoam>true</canRoam>
<disabled>false</disabled>
<blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
<blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
<triggers/>
<concurrentBuild>false</concurrentBuild>
<builders>
<hudson.tasks.Shell>
<command>echo "Jenkins Testing Hello World!"</command>
</hudson.tasks.Shell>
</builders>
<publishers/>
<buildWrappers/>
</project>
推荐阅读
- flutter - 如何在调试控制台中关闭此日志(Flutter,Android Emulator)
- regex - Sed 不匹配反斜杠文字还是我做错了什么?
- spring - 对 spring 项目数据库和 keycloak 数据库使用相同的 postgres 容器
- flutter - 当父母的状态发生变化时,如何让子小部件更新?
- header - 在顶部保留一个固定的标题...?
- javascript - JS在选择“все”选项时需要返回所有值
- c# - ASP.NET Core Angular - 根据登录用户发送不同的 SignalR 消息
- iframe - 通过单击同一页面中的标签在iframe 中加载不同网页时是否保留 Lazyload ?
- macos - 首次呈现时,带有 Binding 变量的 SwiftUI 呈现表不起作用
- javascript - Asp.Net Core MVC 不加载视图