SonarQube Web API authentication in Java

Question

I'm trying to use SonarQube 7.9.1 CE Web API to retrieve some information from the server in a Java Spring Boot application, and I have started with a very simple one: the list of projects.

It turns out that I need to provide my identity information, via token or via user/password combination. But official documentation and StackOverflow answers only show a CURL request as example:

curl -u admin:admin http://localhost:9000/api/components/search_projects
curl -u 9548utj958tju5498jt934: http://localhost:9000/api/components/search_projects

I've been trying to use RestTemplate to send the request, but I always get a 401 UNAUTHORIZED error.

How should I send the user token? In a request header? As part of the request parameters? No one says.

I've tried to do it via Authorization header using Bearer 9548utj958tju5498jt934, Basic 9548utj958tju5498jt934, inserting a parameter in the request and nothing works.

Thanks.

Answer 1

The solution is to put the ":" character after the token. If you take a look at the documentation, you will see:

# note that the colon after the token is required in curl to set an empty password curl -u THIS_IS_MY_TOKEN: https://sonarqube.com/api/user_tokens/search

https://docs.sonarqube.org/latest/extend/web-api/

So, in order to make it work in the java app you will have to do this: String tokenBase = userToken + ":"; String basicAuth = "Basic " + new String(Base64.getEncoder().encode(tokenBase.getBytes())); urlConnection.setRequestProperty("Authorization", basicAuth);

This worked for me!