使用 PHP CURL 登录 HP ALM REST API

Question

我是 REST 的新手，我正在尝试开发一个 Web 应用程序，该应用程序将从一个 sid（已经涵盖）连接到 JIRA，并从另一边连接到 HP 的 ALM。

我现在试图完成的是使用 PHP 对 ALM 进行基本身份验证，但似乎无法进行。
这是我的代码：

$handle=curl_init('http://192.168.1.7:8081');
$headers = array(
    'Accept: application/xml',
    'Content-Type: application/xml',
    'Authorization: Basic YWRtaW46MTIzNA==',
);

$username='admin';
$password='1234';

$url = 'http://192.168.1.7:8081/qcbin/authentication-point/login.jsp';


curl_setopt_array(
$handle,
array(
CURLOPT_URL=>'http://192.168.1.7:8081/qcbin/rest/domains/default/projects/Ticomsoft/defects?login-form-required=y',
//CURLOPT_COOKIEFILE=>$ckfile,
CURLOPT_POST=>true,
//CURLOPT_HTTPGET =>true,
CURLOPT_COOKIEJAR=>$ckfile,
CURLOPT_VERBOSE=>1,
//CURLOPT_POSTFIELDS=>,
//CURLOPT_GETFIELDS=>'j_username=admin&j_password=1234&redirect-url=http://192.168.1.7:8081/myUiResource.jsps',
CURLOPT_SSL_VERIFYHOST=> 0,
CURLOPT_SSL_VERIFYPEER=> 0,
CURLOPT_RETURNTRANSFER=>true,
CURLOPT_FOLLOWLOCATION=>true,
CURLOPT_HEADER=>false,
CURLOPT_HTTPHEADER=> $headers,
CURLOPT_AUTOREFERER=>true
//CURLOPT_COOKIE=>
//CURLOPT_USERPWD=>"admin:yahala"
//CURLOPT_CUSTOMREQUEST=>"POST"
)

);
$result=curl_exec($handle);
$ch_error = curl_error($handle);
$response = curl_getinfo($handle);

print_r($response);
if ($ch_error) {
    echo "cURL Error: $ch_error";
} else {
    //var_dump(json_decode($result, true));
    echo $result;   
}

curl_close($handle);

?>

正如你所看到的，随着我的反复试验，有很多垃圾。

Answer 1

开始了。 我按照 QC Rest API 文档研究了 QC 期望发出请求的顺序。 我已经针对 ALM11 对其进行了测试。 我也是 cURL 的新手，但这应该能让你进入并工作......

<?php

//create a new cURL resource
$qc = curl_init();
//create a cookie file
$ckfile = tempnam ("/tmp", "CURLCOOKIE");

//set URL and other appropriate options
curl_setopt($qc, CURLOPT_URL, "http://qualityCenter:8080/qcbin/rest/is-authenticated");
curl_setopt($qc, CURLOPT_HEADER, 0);
curl_setopt($qc, CURLOPT_HTTPGET, 1);
curl_setopt($qc, CURLOPT_RETURNTRANSFER, 1);

//grab the URL and pass it to the browser
$result = curl_exec($qc);
$response = curl_getinfo($qc);

//401 Not authenticated (as expected)
//We need to pass the Authorization: Basic headers to authenticate url with the 
//Correct credentials.
//Store the returned cookfile into $ckfile
//Then use the cookie when we need it......
if($response[http_code] == '401')
{

        $url = "http://qualityCenter:8080/qcbin/authentication-point/authenticate";
        $credentials = "qc_username:qc_password";
        $headers = array("GET /HTTP/1.1","Authorization: Basic ". base64_encode($credentials));

    curl_setopt($qc, CURLOPT_URL, $url);
    curl_setopt($qc, CURLOPT_HTTPGET,1); //Not sure we need these again as set above?
    curl_setopt($qc, CURLOPT_HTTPHEADER, $headers);
    //Set the cookie
        curl_setopt($qc, CURLOPT_COOKIEJAR, $ckfile);
        curl_setopt($qc, CURLOPT_RETURNTRANSFER, true);

        $result = curl_exec($qc);
        $response = curl_getinfo($qc);

       //The response will be 200   
       if($response[http_code] == '200')
       {
        //Use the cookie for subsequent calls...
        curl_setopt($qc, CURLOPT_COOKIEFILE, $ckfile);
        curl_setopt($qc, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($qc, CURLOPT_URL, "http://qualityCenter:8080/qcbin/rest/domains/Your_Domain/projects/Your_Project/defects");

    //In this example we are retrieving the xml so...
        $xml = simplexml_load_string(curl_exec($qc));
        print_r($xml);

    //Call Logout
        logout($qc,"http://qualityCenter:8080/qcbin/authentication-point/logout");

       }
       else
       {
        echo "Authentication failed";
       }

    }
else
{
        echo "Not sure what happened?!";
}

//Close cURL resource, and free up system resources
curl_close($qc);

function logout($qc, $url)
{
    curl_setopt($qc, CURLOPT_URL, $url);
        curl_setopt($qc, CURLOPT_HEADER, 0);
        curl_setopt($qc, CURLOPT_HTTPGET,1);
        curl_setopt($qc, CURLOPT_RETURNTRANSFER, 1);

    //grab the URL and pass it to the browser
    $result = curl_exec($qc);
}

?>

让我知道它是否有效！

谢谢，

富有的

Answer 2

要记住的重要事情之一是在身份验证后，您必须使用cookie LWSSO 执行以下POST /qcbin/rest/site-session

这将返回执行任何操作所需的QCSession和XSRF-TOKEN

Answer 3

这是我在 Perl 中针对此问题的解决方案：首先执行身份验证步骤，为下一个 libcurl 请求设置 cookie，然后可以毫无问题地执行。 这是后台作业的版本。 对于对话应用程序，凭据可以从用户的输入中传递过来。 另外，我必须使用 https 而不是 http 来执行此操作。 Perl 程序还展示了如何为 https 指示 curl（ http://unitstep.net/blog/2009/05/05/using-curl-in-php-to-access-https上有一个非常好的操作方法-ssltls-protected-sites/ ）。

#!/usr/bin/perl 

# This script accesses, as a proxy, the REST API of the HP quality center
# Running it without query parameter, the complete list of defects is returned
# A query parameter, e.g. 'query={id[2283]}' will be passed as is to the HP QC API

# We are using the libcurl wrapper WWW::Curl::Easy
# The access is https, so a certificate has to be passed to libcurl
# The main point for using curl, however, is the authentication procedure:
# HP requires a preparative call to a special authentication service
# The authentication ticket will then be passed back as a cookie
# Only with this ticket, the real GET request on the defects can be performed

use WWW::Curl::Easy;

use strict;
use warnings;

use constant {
  URL_QC_DEFECTS   => "https://[QC DOMAIN]/qcbin/rest/domains/[DOMAIN]/projects/[PROJECT]/defects/",
  URL_QC_AUTH      => "https://[QC DOMAIN]/qcbin/authentication-point/authenticate",
  PATH_CERT        => "[PATH TO CREDENTIALS]"  # contains certificate and credentials, see below
  };

doRequest( URL_QC_DEFECTS . "?" . $ENV{QUERY_STRING} );
return 0;

sub doRequest {
  my ($url,$cookies,$response) = (shift,"","");
  eval {
    my $curl = get_curl_instance(\$cookies,\$response);
    authenticate( $curl );
    get( $curl, $url );
    if ($response =~ /.*?(<\?xml\b.*)/s) {
      print "Content-Type:text/xml\n\n";
      print $1;
      }
    else {
      die "The response from HP QC is not in XML format";
      }
    };
  if ($@) {
    print "Content-Type:text/plain\n\n$@";
    }
  }

sub get_curl_instance {

  my ($cookie,$response) = @_;

  my $curl = WWW::Curl::Easy->new( );  

  open( my $cookiefile, ">", $cookie) or die "$!";
  $curl->setopt( CURLOPT_COOKIEFILE, $cookiefile );  
  open( my $responsefile, ">", $response) or die "$!";  
  $curl->setopt( CURLOPT_WRITEDATA, $responsefile );  
  $curl->setopt( CURLOPT_SSL_VERIFYPEER, 1);
  $curl->setopt( CURLOPT_SSL_VERIFYHOST, 2);
  $curl->setopt( CURLOPT_CAINFO, cert() );  
  $curl->setopt( CURLOPT_FOLLOWLOCATION, 1 );
  return $curl;
  }

sub authenticate {
  my $curl = shift;
  my ($rc,$status);
  $curl->setopt( CURLOPT_URL, URL_QC_AUTH );
  $curl->setopt( CURLOPT_USERPWD, cred( ) );  
  if (($rc = $curl->perform( )) != 0) {
    die "Error Code $rc in curl->perform( ) on URL " . URL_QC_AUTH;
    }
  if (($status=$curl->getinfo(CURLINFO_HTTP_CODE))!="200") {
    die "HTTP-Statuscode $status from authentication call";
    }   
  }


sub  get {
  my ($curl,$url) = @_;
  my ($rc,$status);
  $curl->setopt( CURLOPT_URL, $url );
  $curl->setopt( CURLOPT_HEADER, { Accept => "text/xml" } );
  if (($rc = $curl->perform( )) != 0) {
    die "Error Code $rc from defects request";
    }
  if (($status=$curl->getinfo(CURLINFO_HTTP_CODE))!="200") {
    die "HTTP Statuscode $status from defects request";
    }   
  }

sub cred {
  open CRED, PATH_CERT . '/.cred_qc' or die "Can't open credentials file: $!";
  chomp( my $cred = <CRED>); 
  close CRED;
  return $cred;
  }

sub cert {
  return PATH_CERT . '/qc.migros.net.crt';
  }  

Answer 4

作为 Sohaib 关于认证后需要 POST 到 /qcbin/rest/site-session 的答案的替代方案，您可以通过 POST 到 /qcbin/api/authentication/sign-in 一步完成这两项操作，如下所示：

“有四个 cookie 返回，并且在 ALM 12.53 中，身份验证点已更改（但文档没有更改，因此会将您发送到错误的位置！）

因此，使用 BASIC 身份验证、base64 编码的用户名/密码向 /qcbin/api/authentication/sign-in 发送 POST 请求，您将返回

• LWSSO_COOKIE_KEY
• QCESSION
• ALM_USER
• XSRF_TOKEN

将这些包含在您所有后续的GETS 和PUTS 中，您应该没问题。”

（此答案取自https://community.microfocus.com/t5/ALM-QC-User-Discussions/Authentication-fails-when-trying-to-pull-data-from-ALM-server/td-p/ 940921 ，并在类似的情况下为我工作）。