How to request for the crumb issuer for Jenkins
I haven't found this in the documentation either. This code is tested against an older Jenkins (1.466), but should still work.
To issue the crumb use the crumbIssuer
// left out: you need to authenticate with user & password -> sample belowHttpGet httpGet = new HttpGet(jenkinsUrl + "crumbIssuer/api/json");String crumbResponse = toString(httpclient, httpGet);CrumbJson crumbJson = new Gson().fromJson(crumbResponse, CrumbJson.class);
This will get you a response like this
{"crumb":"fb171d526b9cc9e25afe80b356e12cb7","crumbRequestField":".crumb"}
This contains two pieces of information you need
- the field name with which you need to pass the crumb
- the crumb itself
If you now want to fetch something from Jenkins, add the crumb as header. In the sample below I fetch the latest build results.
HttpPost httpost = new HttpPost(jenkinsUrl + "rssLatest");httpost.addHeader(crumbJson.crumbRequestField, crumbJson.crumb);
Here is the sample code as a whole. I am using gson 2.2.4 to parse the response and Apache's httpclient 4.2.3 for the rest.
import org.apache.http.auth.*;import org.apache.http.client.*;import org.apache.http.client.methods.*;import org.apache.http.impl.client.*;import com.google.gson.Gson;public class JenkinsMonitor { public static void main(String[] args) throws Exception { String protocol = "http"; String host = "your-jenkins-host.com"; int port = 8080; String usernName = "username"; String password = "passwort"; DefaultHttpClient httpclient = new DefaultHttpClient(); httpclient.getCredentialsProvider().setCredentials( new AuthScope(host, port), new UsernamePasswordCredentials(usernName, password)); String jenkinsUrl = protocol + "://" + host + ":" + port + "/jenkins/"; try { // get the crumb from Jenkins // do this only once per HTTP session // keep the crumb for every coming request System.out.println("... issue crumb"); HttpGet httpGet = new HttpGet(jenkinsUrl + "crumbIssuer/api/json"); String crumbResponse= toString(httpclient, httpGet); CrumbJson crumbJson = new Gson() .fromJson(crumbResponse, CrumbJson.class); // add the issued crumb to each request header // the header field name is also contained in the json response System.out.println("... issue rss of latest builds"); HttpPost httpost = new HttpPost(jenkinsUrl + "rssLatest"); httpost.addHeader(crumbJson.crumbRequestField, crumbJson.crumb); toString(httpclient, httpost); } finally { httpclient.getConnectionManager().shutdown(); } } // helper construct to deserialize crumb json into public static class CrumbJson { public String crumb; public String crumbRequestField; } private static String toString(DefaultHttpClient client, HttpRequestBase request) throws Exception { ResponseHandler<String> responseHandler = new BasicResponseHandler(); String responseBody = client.execute(request, responseHandler); System.out.println(responseBody + "\n"); return responseBody; }}
Meanwhile you can generate an API token in order to prevent having to include your password in the source code provided by the solutions above:
https://wiki.jenkins.io/display/JENKINS/Authenticating+scripted+clients