如何在远程访问其 JSON API 的同时在 Jenkins 中进行身份验证?
[英]How to authenticate in Jenkins while remotely accessing its JSON API?
问题描述
I need to access the Jenkins JSON API from a Python script.
我需要从 Python 脚本访问 Jenkins JSON API。 The problem is that our Jenkins installation is secured so to log in users have to select a certificate.问题是我们的 Jenkins 安装是安全的,因此登录用户必须选择一个证书。 Sadly, in Jenkins Remote Access Documentation they don't mention a thing about certificates and I tried using the API Token without success.可悲的是,在 Jenkins 远程访问文档中,他们没有提到关于证书的事情,我尝试使用 API 令牌但没有成功。
How can I get to authenticate from a Python script to use their JSON API?如何从 Python 脚本进行身份验证以使用他们的 JSON API?
Thanks in advance!提前致谢!
3 个解决方案
解决方案1
1 已采纳 2016-09-21 20:39:34
You have to authenticate to the JSON API using HTTP Basic Auth.您必须使用 HTTP 基本身份验证对 JSON API 进行身份验证。
To make scripted clients (such as wget) invoke operations that require authorization (such as scheduling a build), use HTTP BASIC authentication to specify the user name and the API token.
https://wiki.jenkins-ci.org/display/JENKINS/Authenticating+scripted+clients https://wiki.jenkins-ci.org/display/JENKINS/Authenticating+scripted+clients
Here is a sample of using Basic Auth with Python.以下是在 Python 中使用 Basic Auth 的示例。
http://docs.python-requests.org/en/master/user/authentication/ http://docs.python-requests.org/en/master/user/authentication/
Keep in mind if you are using a Self Signed certificate on an internal Jenkin Server you'll need to turn off certificate validation OR get the certificate from the server and add it to the HTTP request请记住,如果您在内部 Jenkin 服务器上使用自签名证书,则需要关闭证书验证或从服务器获取证书并将其添加到 HTTP 请求中
http://docs.python-requests.org/en/master/user/advanced/ http://docs.python-requests.org/en/master/user/advanced/
解决方案2
0 2016-09-21 20:03:11
I finally found out how to authenticate to Jenkins using certs and wget.我终于找到了如何使用证书和 wget 对 Jenkins 进行身份验证。 I had to convert my pfx certificates into pem ones with cert and keys in separate files For more info about that come here .我必须将我的 pfx 证书转换为 pem 证书,并在单独的文件中使用证书和密钥有关更多信息,请访问此处。 In the end this is the command I used.最后这是我使用的命令。
wget --certificate=/home/B/cert.pem --private-key=/home/B/key.pem --no-check-certificate --output-document=jenkins.json https:<URL>
解决方案3
0 2019-11-08 07:55:15
I'm not completely sure it covers your certificate use case, but since it took me some time to find out, I still want to share this snipped that retrieves the email address for a given user name in Python without special Jenkins libraries.我不完全确定它是否涵盖了您的证书用例,但由于我花了一些时间才发现,我仍然想分享这个片段,它在没有特殊 Jenkins 库的情况下在 Python 中检索给定用户名的电子邮件地址。 It uses an API token and "supports" (actually ignores) https:它使用 API 令牌并“支持”(实际上忽略)https:
def _get_email_adress(user):
request = urllib.request.Request("https://jenkins_server/user/"+ user +"/api/json")
#according to https://stackoverflow.com/a/28052583/4609258 the following is ugly
context = ssl._create_unverified_context()
base64string = base64.b64encode(bytes('%s:%s' % ('my user name', 'my API token'),'ascii'))
request.add_header("Authorization", "Basic %s" % base64string.decode('utf-8'))
with urllib.request.urlopen(request, context=context) as url:
user_data = json.loads(url.read().decode())
for property in user_data['property']:
if property["_class"]=="hudson.tasks.Mailer$UserProperty":
return property["address"];
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.