C# 向API发布删除请求时禁止Jenkins返回(403)
我正在尝试使用C#脚本删除Jenkins作业。 当我运行代码时,它实际上是有效的。作业已被删除。但是,Jenkins仍然返回403错误。我做错什么了吗 这是我的代码:C# 向API发布删除请求时禁止Jenkins返回(403),c#,api,post,jenkins,C#,Api,Post,Jenkins,我正在尝试使用C#脚本删除Jenkins作业。 当我运行代码时,它实际上是有效的。作业已被删除。但是,Jenkins仍然返回403错误。我做错什么了吗 这是我的代码: String credentials = ConfigurationManager.AppSettings["jenkinsUser"] + ":" + ConfigurationManager.AppSettings["jenkinsKey"]; String authorization = Convert.ToBase64St
String credentials = ConfigurationManager.AppSettings["jenkinsUser"] + ":" + ConfigurationManager.AppSettings["jenkinsKey"];
String authorization = Convert.ToBase64String(Encoding.ASCII.GetBytes(credentials));
try
{
using (WebClient wc = new WebClient())
{
wc.Headers[HttpRequestHeader.Authorization] = "Basic " + authorization;
string HtmlResult = wc.UploadString(ConfigurationManager.AppSettings["jenkinsDeleteJobUrl"], "POST", "");
Console.WriteLine("Success");
}
}
catch(WebException e)
{
Console.WriteLine("Something went wrong");
throw e;
}
我使用的url是[My Jenkins url]/job/{0}/Dodelite
我还尝试使用HttpWebRequest,结果也一样。希望有人知道答案
[编辑]请注意,当我使用Postman执行相同的请求时,它会正常运行,重定向到Jenkins主页,返回代码为200
这是邮递员的电话:
POST /job/[jobname]/doDelete HTTP/1.1
Host: [my jenkins url]
Authorization: Basic [my auth hash]
Cache-Control: no-cache
我认为问题在于,当您使用doDelete url删除Jenkins作业时,您会被重定向到您的Jenkins主页。由于您是通过编程方式执行此操作的,因此Jenkins无法识别用户会话(即使您的原始请求包含授权标头),从而导致出现禁用代码 作为解决方案,我做了以下工作:
try {
string credentials = ConfigurationManager.AppSettings["jenkinsUser"] + ":" + ConfigurationManager.AppSettings["jenkinsKey"];
string authorization = Convert.ToBase64String(Encoding.ASCII.GetBytes(credentials));
using (WebClient wc = new WebClient())
{
wc.Headers[HttpRequestHeader.Authorization] = "Basic " + authorization;
string HtmlResult = wc.UploadString(String.Format(ConfigurationManager.AppSettings["jenkinsDeleteJobUrl"], jobName), "POST", "");
}
}
catch (WebException e)
{
// ignore the 403 error for now
HttpWebResponse errorResponse = e.Response as HttpWebResponse;
if(errorResponse.StatusCode != HttpStatusCode.Forbidden)
{
throw e;
}
}
// if the job no longer exists, it is proof that the request went through
if(!JenkinsHelper.GetJenkinsJobs().Contains(jobName))
{
Console.WriteLine("Job successfully deleted.");
return true;
}
else
{
Console.WriteLine("Could not delete job.");
return false;
}
使用这个helper函数,其中JenkinsJobListUrl=[MyJenkinsUrl]/api/xml?xpath=hudson/job/name&wrapper=jobs
public static List<string> GetJenkinsJobs()
{
try
{
string credentials = ConfigurationManager.AppSettings["jenkinsUser"] + ":" + ConfigurationManager.AppSettings["jenkinsKey"];
string authorization = Convert.ToBase64String(Encoding.ASCII.GetBytes(credentials));
using (WebClient wc = new WebClient())
{
wc.Headers[HttpRequestHeader.Authorization] = "Basic " + authorization;
string HtmlResult = wc.DownloadString(String.Format(ConfigurationManager.AppSettings["jenkinsJobListUrl"]));
XDocument doc = XDocument.Parse(HtmlResult);
return doc.Root.Elements("name").Select(element => element.Value).ToList();
}
}
catch (WebException e)
{
Console.WriteLine("Could not retreive Jenkins job list");
throw e;
}
}
public静态列表GetJenkinsJobs()
{
尝试
{
字符串凭据=ConfigurationManager.AppSettings[“jenkinsUser”]+:“+ConfigurationManager.AppSettings[“jenkinsKey”];
字符串授权=Convert.ToBase64String(Encoding.ASCII.GetBytes(凭证));
使用(WebClient wc=new WebClient())
{
wc.Headers[HttpRequestHeader.Authorization]=“基本”+授权;
string HtmlResult=wc.DownloadString(string.Format(ConfigurationManager.AppSettings[“jenkinsJobListUrl]”);
XDocument doc=XDocument.Parse(HtmlResult);
返回doc.Root.Elements(“name”).Select(element=>element.Value.ToList();
}
}
捕获(WebE例外)
{
Console.WriteLine(“无法检索Jenkins作业列表”);
投掷e;
}
}
我知道这并不漂亮,但由于缺乏更好的解决方案,这项工作得以完成
希望这也能帮助那些一直在挣扎的人们。如果您找到更好的解决方案,请告诉我。您是否在Jenkins使用CSRF保护?如果是这样,您必须在请求中包含CSRF保护令牌。你可以在Jenkins中关闭“防止跨站点请求伪造漏洞攻击”,看看它是否仍然发生。不,我还没有打开它,所以这不可能是它。。。