我正在尝试从Jenkins声明式管道调用Blackduck REST API由于黑鸭子首先使用来自login.microsoftonline.com的SAML进行了身份验证,然后提交了请求并提供了响应。如果使用浏览器访问https://blackduckxxx.com/api/projects?q=name:myproject,它将要求先登录我的SSO(用户名和密码),然后重定向以显示API结果。这里也使用API令牌。
如果尝试从Jenkins管道访问相同的API,则会得到以下响应
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
</head>
<body onload="document.forms[0].submit()">
<noscript>
<p>
<strong>Note:</strong> Since your browser does not support JavaScript,
you must press the Continue button once to proceed.
</p>
</noscript>
<form action="https://login.microsoftonline.com/222fcaf7-15d0-455f-97e1-8fda2eaad539/saml2" method="post">
<div>
<input type="hidden" name="SAMLRequest" value=".............."/>
</div>
<noscript>
<div>
<input type="submit" value="Continue"/>
</div>
</noscript>
</form>
</body>
</html>
试图在URL中传递用户名和密码,例如
https://blackduckxxx.com/api/projects?q=name:myprojects&user=me&password=mypwd
However it did not work.
```` Jenkins pipeline
stage("OC login"){
steps{
script{
def bdUrl = 'https://blackduckxxx.com'
def bdApi = '/api/projects'
def params = 'name:myproject'
def bdUrlRequestProjectID = bdUrl + bdApi + "?q=" + params
println("bdUrlRequestProjectID is ${bdUrlRequestProjectID}")
def response = httpRequest authentication: 'login-microsoft', acceptType: 'APPLICATION_JSON',httpMode: 'GET',consoleLogResponseBody: true, url: "${bdUrlRequestProjectID}", customHeaders: [[name: 'X-CSRF-TOKEN', value: 'xxxxxx']]
}
}
}
}
}
预期结果是从Blackduck API获取项目名称标准响应
这通过使用不记名令牌和curl命令解决,请参见下面的内容
def bearerToken
script.withCredentials([script.usernamePassword(credentialsId: "blackDuckAuthentication", usernameVariable: 'username', passwordVariable: 'bdToken')]) {
def json_BearerToken = script.sh(script: "curl -s -X POST -H 'Authorization: token ${script.bdToken}' -H 'cache-control: no-cache' 'https://blackduckxxx.com/api/tokens/authenticate'", returnStdout: true)
bearerToken = new JsonSlurperClassic().parseText(json_BearerToken).get("bearerToken").trim()
def json_Projects = script.sh(script: "curl -X GET -H 'Accept: application/json' -H 'Authorization: Bearer ${bearerToken}' 'https://blackduckxxx.com/api/projects'", returnStdout: true)