user1065000

Reputation: 85

Jenkins API Response is not taking Crumb

I want to delete a job, and for that my Jenkins server needs a crumb. I am sending the crumb, but it still responds that there is no crumb in the header and/or body.

Tried all combinations of header and body and none of them has worked.

    import requests
    import json
    from urllib.parse import urljoin

    def delete_jenkins_job(delete_url):
        """
        Function to delete Jenkins Job
        :param delete_url:
        :return:
        """
        base_url = 'http://<jenkins-server>:8080'
        _user = '<my-user>'
        _pass = '<my-pass>'
        crumb_url = urljoin(base_url, '/crumbIssuer/api/json')
        delete_url = urljoin(base_url, delete_url)
        # Fetch the crumb from the crumb issuer
        response = json.loads(requests.request("GET", crumb_url, auth=(_user, _pass)).content)
        header = {
            'Connection': 'keep-alive',
            'Cache-Control': 'max-age=0',
            'Upgrade-Insecure-Requests': '1',
            'Content-Type': 'application/x-www-form-urlencoded',
            'Accept-Encoding': 'gzip, deflate',
        }
        # The crumb goes into the request body
        data = {
            response['crumbRequestField']: response['crumb']
        }
        # Send the delete request as a separate call
        response = requests.request("POST", url=delete_url, headers=header, data=json.dumps(data), auth=(_user, _pass))

    b'<html>\n<head>\n<meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>\n<title>Error 403 No valid crumb was included in the request</title>\n</head>\n<body><h2>HTTP ERROR 403</h2>\n<p>Problem accessing /job/PyTest-Docker-Based/567/doDelete. Reason:\n<pre>    No valid crumb was included in the request</pre></p><hr><a href="http://eclipse.org/jetty">Powered by Jetty:// 9.4.z-SNAPSHOT</a><hr/>\n\n</body>\n</html>\n'

Upvotes: 2

Views: 1606

Answers (1)

rohan goli

Reputation: 146

Jenkins has updated its security since the 2.176.x release: https://jenkins.io/doc/upgrade-guide/2.176/

To avoid this, you can follow any of these three approaches:

  1. Install the Strict Crumb Issuer Jenkins plugin (https://wiki.jenkins.io/display/JENKINS/Strict+Crumb+Issuer+Plugin) to resolve the issue.
  2. Update your headers with the Set-Cookie key along with the Jenkins-Crumb:

    def cookieContent = response.headers.get("Set-Cookie")
    httpRequest(
        url: "https://the-url.com/the-thing.php",
        customHeaders: [[name:"Cookie", value:cookieContent]])
    
    
  3. To disable this improvement, you can set the system property hudson.security.csrf.DefaultCrumbIssuer.EXCLUDE_SESSION_ID to true.

Upvotes: 3
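
An added example (not code from the question or the answer) of the second approach in Python: the crumb request and the POST share one cookie jar, so the session cookie issued with the crumb is sent back with it, and the crumb travels as a header. It uses only the standard library instead of `requests` (where a `requests.Session()` plays the same role); `MockJenkins`, `start_mock`, `delete_job` and the crumb and cookie values are constructed for the demo, and the mock assumes a crumb bound to the session that issued it.

```python
import base64, json, threading, urllib.error, urllib.request
from http.cookiejar import CookieJar
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import urljoin

class MockJenkins(BaseHTTPRequestHandler):
    """Constructed stand-in for Jenkins: the crumb only validates with its session cookie."""
    def _reply(self, status, body=b"", cookie=None):
        self.send_response(status)
        if cookie:
            self.send_header("Set-Cookie", cookie)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)
    def do_GET(self):   # crumb issuer endpoint
        crumb = {"crumbRequestField": "Jenkins-Crumb", "crumb": "c-123"}
        self._reply(200, json.dumps(crumb).encode(), "JSESSIONID=s-123; Path=/")
    def do_POST(self):  # any state-changing endpoint, e.g. doDelete
        ok = (self.headers.get("Jenkins-Crumb") == "c-123"
              and "JSESSIONID=s-123" in self.headers.get("Cookie", ""))
        self._reply(200 if ok else 403)
    def log_message(self, *args): pass  # keep the demo output quiet

def start_mock():
    srv = HTTPServer(("127.0.0.1", 0), MockJenkins)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv, f"http://127.0.0.1:{srv.server_port}"

def delete_job(base_url, job_path, user, password, keep_session=True):
    """POST to job_path with a fresh crumb; return the HTTP status code."""
    handlers = [urllib.request.ProxyHandler({})]  # talk to the server directly
    if keep_session:  # replay the Set-Cookie from the crumb response on the POST
        handlers.append(urllib.request.HTTPCookieProcessor(CookieJar()))
    opener = urllib.request.build_opener(*handlers)
    basic = base64.b64encode(f"{user}:{password}".encode()).decode()
    opener.addheaders = [("Authorization", "Basic " + basic)]
    with opener.open(urljoin(base_url, "/crumbIssuer/api/json")) as resp:
        issued = json.load(resp)
    req = urllib.request.Request(urljoin(base_url, job_path), data=b"", method="POST",
                                 headers={issued["crumbRequestField"]: issued["crumb"]})
    try:
        with opener.open(req) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code

if __name__ == "__main__":
    srv, base = start_mock()
    print([delete_job(base, "/job/demo/1/doDelete", "user", "pass", k) for k in (False, True)])
```

Against the mock, the call without the cookie jar is rejected with 403 and the call that keeps the session succeeds.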
