我如何将用户输入的密码与凭据密码进行比较
How do i compare user inputed password to credentials passphrase
我有一个脚本管道,它使用 input 函数请求用户密码,并将其与用户保存的凭据密码进行比较。如果用户输入的类型是 string 那么它就可以工作。但是,当我将输入类型更改为 password(因此当用户键入它时它在屏幕上不可见)时,它失败并出现断言错误。
我确保输入的密码与凭据文件中的密码相匹配。
我正在使用 Jenkins 2.83 和最新的凭证插件和凭证绑定插件。
脚本:
node
{
stage ("Collect User Input")
{
userInput = input( id: 'Input-username',
message: 'Select username',
ok: 'Continue',
parameters: [choice(choices: 'user1\nuser2\nuser3', description: '', name: 'username'),
password(defaultValue: '', description: 'Enter your private key passphrase ', name: 'password')
],
submitterParameter: 'approver')
println("User Input is: " + userInput)
withCredentials(bindings: [sshUserPrivateKey(credentialsId: 'my-test-key',
keyFileVariable: 'cred_keyfile',
passphraseVariable: 'cred_passphrase',
usernameVariable: 'cred_username' )])
{
assert userInput.password==cred_passphrase
}
}
}
我收到错误:
hudson.remoting.ProxyException: Assertion failed:
assert userInput.password==cred_passphrase
at org.codehaus.groovy.runtime.InvokerHelper.assertFailed(InvokerHelper.java:404)
at org.codehaus.groovy.runtime.ScriptBytecodeAdapter.assertFailed(ScriptBytecodeAdapter.java:650)
at com.cloudbees.groovy.cps.impl.AssertBlock$ContinuationImpl.fail(AssertBlock.java:47)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72)
at com.cloudbees.groovy.cps.impl.ConstantBlock.eval(ConstantBlock.java:21)
at com.cloudbees.groovy.cps.Next.step(Next.java:83)
at com.cloudbees.groovy.cps.Continuable.call(Continuable.java:174)
at com.cloudbees.groovy.cps.Continuable.call(Continuable.java:163)
at org.codehaus.groovy.runtime.GroovyCategorySupport$ThreadCategoryInfo.use(GroovyCategorySupport.java:122)
at org.codehaus.groovy.runtime.GroovyCategorySupport.use(GroovyCategorySupport.java:261)
at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:163)
at org.jenkinsci.plugins.workflow.cps.SandboxContinuable.access1(SandboxContinuable.java:34)
at org.jenkinsci.plugins.workflow.cps.SandboxContinuable.lambda$run0[=11=](SandboxContinuable.java:59)
at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.GroovySandbox.runInSandbox(GroovySandbox.java:108)
at org.jenkinsci.plugins.workflow.cps.SandboxContinuable.run0(SandboxContinuable.java:58)
at org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:174)
at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:332)
at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access0(CpsThreadGroup.java:83)
at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.call(CpsThreadGroup.java:244)
at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.call(CpsThreadGroup.java:232)
at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService.call(CpsVmExecutorService.java:64)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at hudson.remoting.SingleLaneExecutorService.run(SingleLaneExecutorService.java:112)
at jenkins.util.ContextResettingExecutorService.run(ContextResettingExecutorService.java:28)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:748)
Finished: FAILURE
但是,如果我将 password 输入参数更改为 string,它会起作用:
string(defaultValue: '', description: 'Enter your private key passphrase here', name: 'password')
所以我的问题是,我应该如何 access/handle 输入参数 password variable/name?
您的断言失败,因为输入类型 password returns 不是字符串,而是 hudson.util.Secret 对象。如果你想将输入密码与 cred_passphrase 进行比较,你应该这样做:
hudson.util.Secret.fromString(cred_passphrase) == userInput.password
将 cred_passphrase 和 Secret.fromString(data) 转换为 hudson.util.Secret 对象很重要,因为变量 cred_passphrase 将您的密码短语作为纯文本保存在 String .
您可以在下面找到完整的示例。
node {
stage ("Collect User Input") {
userInput = input( id: 'Input-username',
message: 'Select username',
ok: 'Continue',
parameters: [choice(choices: 'user1\nuser2\nuser3', description: '', name: 'username'),
password(defaultValue: '', description: 'Enter your private key passphrase ', name: 'password')
],
submitterParameter: 'approver')
println("User Input is: " + userInput)
withCredentials(bindings: [sshUserPrivateKey(credentialsId: 'my-test-key',
keyFileVariable: 'cred_keyfile',
passphraseVariable: 'cred_passphrase',
usernameVariable: 'cred_username' )])
{
assert hudson.util.Secret.fromString(cred_passphrase) == userInput.password
}
}
}
我有一个脚本管道,它使用 input 函数请求用户密码,并将其与用户保存的凭据密码进行比较。如果用户输入的类型是 string 那么它就可以工作。但是,当我将输入类型更改为 password(因此当用户键入它时它在屏幕上不可见)时,它失败并出现断言错误。
我确保输入的密码与凭据文件中的密码相匹配。
我正在使用 Jenkins 2.83 和最新的凭证插件和凭证绑定插件。
脚本:
node
{
stage ("Collect User Input")
{
userInput = input( id: 'Input-username',
message: 'Select username',
ok: 'Continue',
parameters: [choice(choices: 'user1\nuser2\nuser3', description: '', name: 'username'),
password(defaultValue: '', description: 'Enter your private key passphrase ', name: 'password')
],
submitterParameter: 'approver')
println("User Input is: " + userInput)
withCredentials(bindings: [sshUserPrivateKey(credentialsId: 'my-test-key',
keyFileVariable: 'cred_keyfile',
passphraseVariable: 'cred_passphrase',
usernameVariable: 'cred_username' )])
{
assert userInput.password==cred_passphrase
}
}
}
我收到错误:
hudson.remoting.ProxyException: Assertion failed:
assert userInput.password==cred_passphrase
at org.codehaus.groovy.runtime.InvokerHelper.assertFailed(InvokerHelper.java:404)
at org.codehaus.groovy.runtime.ScriptBytecodeAdapter.assertFailed(ScriptBytecodeAdapter.java:650)
at com.cloudbees.groovy.cps.impl.AssertBlock$ContinuationImpl.fail(AssertBlock.java:47)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72)
at com.cloudbees.groovy.cps.impl.ConstantBlock.eval(ConstantBlock.java:21)
at com.cloudbees.groovy.cps.Next.step(Next.java:83)
at com.cloudbees.groovy.cps.Continuable.call(Continuable.java:174)
at com.cloudbees.groovy.cps.Continuable.call(Continuable.java:163)
at org.codehaus.groovy.runtime.GroovyCategorySupport$ThreadCategoryInfo.use(GroovyCategorySupport.java:122)
at org.codehaus.groovy.runtime.GroovyCategorySupport.use(GroovyCategorySupport.java:261)
at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:163)
at org.jenkinsci.plugins.workflow.cps.SandboxContinuable.access1(SandboxContinuable.java:34)
at org.jenkinsci.plugins.workflow.cps.SandboxContinuable.lambda$run0[=11=](SandboxContinuable.java:59)
at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.GroovySandbox.runInSandbox(GroovySandbox.java:108)
at org.jenkinsci.plugins.workflow.cps.SandboxContinuable.run0(SandboxContinuable.java:58)
at org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:174)
at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:332)
at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access0(CpsThreadGroup.java:83)
at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.call(CpsThreadGroup.java:244)
at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.call(CpsThreadGroup.java:232)
at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService.call(CpsVmExecutorService.java:64)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at hudson.remoting.SingleLaneExecutorService.run(SingleLaneExecutorService.java:112)
at jenkins.util.ContextResettingExecutorService.run(ContextResettingExecutorService.java:28)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:748)
Finished: FAILURE
但是,如果我将 password 输入参数更改为 string,它会起作用:
string(defaultValue: '', description: 'Enter your private key passphrase here', name: 'password')
所以我的问题是,我应该如何 access/handle 输入参数 password variable/name?
您的断言失败,因为输入类型 password returns 不是字符串,而是 hudson.util.Secret 对象。如果你想将输入密码与 cred_passphrase 进行比较,你应该这样做:
hudson.util.Secret.fromString(cred_passphrase) == userInput.password
将 cred_passphrase 和 Secret.fromString(data) 转换为 hudson.util.Secret 对象很重要,因为变量 cred_passphrase 将您的密码短语作为纯文本保存在 String .
您可以在下面找到完整的示例。
node {
stage ("Collect User Input") {
userInput = input( id: 'Input-username',
message: 'Select username',
ok: 'Continue',
parameters: [choice(choices: 'user1\nuser2\nuser3', description: '', name: 'username'),
password(defaultValue: '', description: 'Enter your private key passphrase ', name: 'password')
],
submitterParameter: 'approver')
println("User Input is: " + userInput)
withCredentials(bindings: [sshUserPrivateKey(credentialsId: 'my-test-key',
keyFileVariable: 'cred_keyfile',
passphraseVariable: 'cred_passphrase',
usernameVariable: 'cred_username' )])
{
assert hudson.util.Secret.fromString(cred_passphrase) == userInput.password
}
}
}