在Jenkins中访问Blackduck REST API的SAML身份验证
我试图从Jenkins声明性管道调用Blackduck REST API 因为blackduck首先使用login.microsoftonline.com中的SAML进行身份验证,然后提交请求并提供响应。 如果使用浏览器访问,它会要求首先登录到我的SSO(用户名和密码),然后重定向以显示API结果。这里也使用API令牌 如果我尝试从Jenkins管道访问相同的API,我会得到以下响应在Jenkins中访问Blackduck REST API的SAML身份验证,jenkins,jenkins-pipeline,httprequest,saml-2.0,Jenkins,Jenkins Pipeline,Httprequest,Saml 2.0,我试图从Jenkins声明性管道调用Blackduck REST API 因为blackduck首先使用login.microsoftonline.com中的SAML进行身份验证,然后提交请求并提供响应。 如果使用浏览器访问,它会要求首先登录到我的SSO(用户名和密码),然后重定向以显示API结果。这里也使用API令牌 如果我尝试从Jenkins管道访问相同的API,我会得到以下响应 <html xmlns="http://www.w3.org/1999/xhtml" xml:lan
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
</head>
<body onload="document.forms[0].submit()">
<noscript>
<p>
<strong>Note:</strong> Since your browser does not support JavaScript,
you must press the Continue button once to proceed.
</p>
</noscript>
<form action="https://login.microsoftonline.com/222fcaf7-15d0-455f-97e1-8fda2eaad539/saml2" method="post">
<div>
<input type="hidden" name="SAMLRequest" value=".............."/>
</div>
<noscript>
<div>
<input type="submit" value="Continue"/>
</div>
</noscript>
</form>
</body>
</html>
预期结果是从Blackduck API获取项目名称标准响应这是通过使用承载令牌和curl命令来解决的,请参阅下文
def bearerToken
script.withCredentials([script.usernamePassword(credentialsId:“blackDuckAuthentication”,usernameVariable:“username”,passwordVariable:“bdToken”)){
def json_BearerToken=script.sh(脚本:“curl-s-X POST-H”授权:令牌${script.bdToken}'-H'缓存控制:无缓存“”https://blackduckxxx.com/api/tokens/authenticate“,returnStdout:true)
bearerToken=newJSonSlurPerClassic().parseText(json_bearerToken.get(“bearerToken”).trim()
def json_Projects=script.sh(脚本:“curl-X GET-H'Accept:application/json'-H'Authorization:Bearer${bearerToken}”https://blackduckxxx.com/api/projects“,returnStdout:true)
你有没有用过这个?
https://blackduckxxx.com/api/projects?q=name:myprojects&user=me&password=mypwd
However it did not work.
```` Jenkins pipeline
stage("OC login"){
steps{
script{
def bdUrl = 'https://blackduckxxx.com'
def bdApi = '/api/projects'
def params = 'name:myproject'
def bdUrlRequestProjectID = bdUrl + bdApi + "?q=" + params
println("bdUrlRequestProjectID is ${bdUrlRequestProjectID}")
def response = httpRequest authentication: 'login-microsoft', acceptType: 'APPLICATION_JSON',httpMode: 'GET',consoleLogResponseBody: true, url: "${bdUrlRequestProjectID}", customHeaders: [[name: 'X-CSRF-TOKEN', value: 'xxxxxx']]
}
}
}
}
}