HP ALM Rest API 401 身份验证错误?
HP ALM Rest API 401 Authentication error?
我使用的是 HP ALM 版本 12.55.113。
我正在尝试通过 REST-API 自动上传测试结果。
验证并尝试读取一个简单缺陷后,我收到 401 未验证错误。
我正在使用以下示例代码检索有效的 LWSSO 和 QCSession Cookie:
public class App {
private static final String almURL = "http://something.com/qcbin";
private static final String isAuthenticatedPath = "authentication-point/authenticate";
private static final String qcSiteSession = "rest/site-session";
private static final String authTest = "rest/is-authenticated";
private static final String logoutPath = "authentication-point/logout";
private static String lswoocookie;
private static String qcsessioncookie;
public static String strDomain = "domain";
public static String strProject = "project";
public static String strUserName = "user";
public static String strPassword = "pass";
public static Client client;
public static WebTarget target;
public static Invocation.Builder invocationBuilder;
public static Response res;
private static String getEncodedAuthString() {
String auth = strUserName + ":" + strPassword;
byte[] encodedAuth = Base64.getEncoder().encode(auth.getBytes());
String authHeader = "Basic " + new String(encodedAuth);
return authHeader;
}
private static void loggedIn() {
WebTarget targeta = client.target(almURL).path(authTest);
invocationBuilder = targeta.request();
invocationBuilder.cookie("LWSSO_COOKIE_KEY", lswoocookie);
Response resa = invocationBuilder.get();
System.out.println("Logged in: " + resa);
}
public static void main(String args[]) {
client = ClientBuilder.newBuilder().build();
loggedIn();
/* Get LWSSO Cookie */
target = client.target(almURL).path(isAuthenticatedPath);
invocationBuilder = target.request(new String[] { "application/xml" });
invocationBuilder.header("Authorization", getEncodedAuthString());
res = invocationBuilder.get();
System.out.println(res);
lswoocookie = res.getCookies().get("LWSSO_COOKIE_KEY").getValue();
System.out.println("LSWOO: " + lswoocookie);
/* Get QCSession Cookie */
target = client.target(almURL).path(qcSiteSession);
invocationBuilder = target.request(new String[] { "application/json" });
invocationBuilder.cookie("LWSSO_COOKIE_KEY", lswoocookie);
res = invocationBuilder.post(null);
qcsessioncookie = res.getCookies().get("QCSession").getValue();
System.out.println("QCSession: " + qcsessioncookie);
System.out.println(target);
/* Get the first defect */
String midPoint = "rest/domains/" + strDomain + "/projects/" + strProject;
target = client.target(almURL).path(midPoint).path("defects/1");
invocationBuilder = target.request(new String[] { "application/json" });
invocationBuilder.cookie("LWSSO_COOKIE_KEY", lswoocookie);
invocationBuilder.cookie("QCSession", qcsessioncookie);
res = invocationBuilder.get();
System.out.println(res);
loggedIn();
/* Logout */
target = client.target(almURL).path(logoutPath);
invocationBuilder = target.request();
invocationBuilder.cookie("LWSSO_COOKIE_KEY", lswoocookie);
invocationBuilder.cookie("QCSession", qcsessioncookie);
res = invocationBuilder.post(null);
System.out.println(res);
}
我得到以下控制台输出:
登录:InboundJaxrsResponse{context=ClientResponse{method=GET,uri=http://bla.bla:8080/qcbin/rest/is-authenticated,status=401,reason=Authentication failed。基于浏览器的集成 - 要登录,请将“?login-form-required=y”附加到您尝试访问的 url。}}
InboundJaxrsResponse{context=ClientResponse{method=GET, uri=http://bla.bla/qcbin/authentication-point/authenticate, status=200, reason=OK}}
LSWOO:IvG6JIOKRTAigQV6...等等
QCSession:MTEzNTU...等等
JerseyWebTarget { http://bla.bla:8080/qcbin/rest/site-session }
InboundJaxrsResponse{context=ClientResponse{method=GET, uri=http://bla.bla/qcbin/rest/domains/WARTUNG/projects/Testautomatisierung/defects/1, status=401, reason=身份验证失败。基于浏览器的集成 - 要登录,请将“?login-form-required=y”附加到您尝试访问的 url。}}
登录:InboundJaxrsResponse{context=ClientResponse{method=GET,uri=http://bla.bla/qcbin/rest/is-authenticated,status=200,reason=OK}}
InboundJaxrsResponse{context=ClientResponse{method=POST, uri=http://sth.com/qcbin/authentication-point/logout, status=200, reason=OK}}
有人知道我做错了什么吗?
尝试了很多方法,但都没有用。
提前致谢:)
我认为您还需要在请求中传递 XSRF-TOKEN(可能还有 ALM_USER 和 JSESSIONID)以获得缺陷
我猜问题出在 QCSession 端点的内容类型上。
public class UpdateALM {
private static final String qcbinURI = "https://alm_url/qcbin";
private static final String isAuthenticatedPath = "rest/is-authenticated";
private static final String logoutPath = "authentication-point/logout";
private static final String domainsPath = "rest/domains";
private static Cookie cookie;
private String getEncodedAuthString() {
String auth = strUserName + ":" + strPassword;
byte[] encodedAuth = Base64.encode(auth.getBytes());
String authHeader = "Basic " + new String(encodedAuth);
return authHeader;
}
public boolean isAuthenticated() {
target = client.target(qcbinURI).path(isAuthenticatedPath);
invocationBuilder = target.request(new String[] { "application/xml" });
invocationBuilder.cookie(cookie);
Response res = invocationBuilder.get();
return res.getStatus() == 200;
}
public void updateALMStatus() throws Exception {
try {
target = client.target(
"https://alm_url/qcbin").path(
"authentication-point/authenticate");
invocationBuilder = target.request("text", "plain");
invocationBuilder.header("Authorization", getEncodedAuthString());
res = invocationBuilder.get();
cookie = ((Cookie) res.getCookies().get("LWSSO_COOKIE_KEY"));
getTestSet(test_set);
} catch (Exception e) {
System.out.println(e.getMessage());
}
}
}
我也遇到了和 Bastian 一样的问题,我能够解决它。
问题是 cookie 随请求传递的方式。
而不是这个:
invocationBuilder.cookie("LWSSO_COOKIE_KEY", lswoocookie);
invocationBuilder.cookie("QCSession", qcsessioncookie);
res = invocationBuilder.get();
将 header 中的 cookie 作为连接字符串传递,如下所示:
String concatenatedHeaderCookieString = "QCSession=" + qcsessioncookie + ";" + "ALM_USER=" + ";" + almuser + ";" + "XSRF-TOKEN=" + xsrftoken + ";"+ "LWSSO_COOKIE_KEY=" + lswoocookie;
invocationBuilder.header("Cookie", concatenatedHeaderCookieString);
res = invocationBuilder.get();
结果:InboundJaxrsResponse{context=ClientResponse{method=GET, uri=https://xxxxx.xx.xxxxx.com/qcbin/rest/domains/RELEASES/projects/2019/defects/1, status=200, reason=OK}}
这会很有效!
我使用的是 HP ALM 版本 12.55.113。 我正在尝试通过 REST-API 自动上传测试结果。 验证并尝试读取一个简单缺陷后,我收到 401 未验证错误。 我正在使用以下示例代码检索有效的 LWSSO 和 QCSession Cookie:
public class App {
private static final String almURL = "http://something.com/qcbin";
private static final String isAuthenticatedPath = "authentication-point/authenticate";
private static final String qcSiteSession = "rest/site-session";
private static final String authTest = "rest/is-authenticated";
private static final String logoutPath = "authentication-point/logout";
private static String lswoocookie;
private static String qcsessioncookie;
public static String strDomain = "domain";
public static String strProject = "project";
public static String strUserName = "user";
public static String strPassword = "pass";
public static Client client;
public static WebTarget target;
public static Invocation.Builder invocationBuilder;
public static Response res;
private static String getEncodedAuthString() {
String auth = strUserName + ":" + strPassword;
byte[] encodedAuth = Base64.getEncoder().encode(auth.getBytes());
String authHeader = "Basic " + new String(encodedAuth);
return authHeader;
}
private static void loggedIn() {
WebTarget targeta = client.target(almURL).path(authTest);
invocationBuilder = targeta.request();
invocationBuilder.cookie("LWSSO_COOKIE_KEY", lswoocookie);
Response resa = invocationBuilder.get();
System.out.println("Logged in: " + resa);
}
public static void main(String args[]) {
client = ClientBuilder.newBuilder().build();
loggedIn();
/* Get LWSSO Cookie */
target = client.target(almURL).path(isAuthenticatedPath);
invocationBuilder = target.request(new String[] { "application/xml" });
invocationBuilder.header("Authorization", getEncodedAuthString());
res = invocationBuilder.get();
System.out.println(res);
lswoocookie = res.getCookies().get("LWSSO_COOKIE_KEY").getValue();
System.out.println("LSWOO: " + lswoocookie);
/* Get QCSession Cookie */
target = client.target(almURL).path(qcSiteSession);
invocationBuilder = target.request(new String[] { "application/json" });
invocationBuilder.cookie("LWSSO_COOKIE_KEY", lswoocookie);
res = invocationBuilder.post(null);
qcsessioncookie = res.getCookies().get("QCSession").getValue();
System.out.println("QCSession: " + qcsessioncookie);
System.out.println(target);
/* Get the first defect */
String midPoint = "rest/domains/" + strDomain + "/projects/" + strProject;
target = client.target(almURL).path(midPoint).path("defects/1");
invocationBuilder = target.request(new String[] { "application/json" });
invocationBuilder.cookie("LWSSO_COOKIE_KEY", lswoocookie);
invocationBuilder.cookie("QCSession", qcsessioncookie);
res = invocationBuilder.get();
System.out.println(res);
loggedIn();
/* Logout */
target = client.target(almURL).path(logoutPath);
invocationBuilder = target.request();
invocationBuilder.cookie("LWSSO_COOKIE_KEY", lswoocookie);
invocationBuilder.cookie("QCSession", qcsessioncookie);
res = invocationBuilder.post(null);
System.out.println(res);
}
我得到以下控制台输出:
登录:InboundJaxrsResponse{context=ClientResponse{method=GET,uri=http://bla.bla:8080/qcbin/rest/is-authenticated,status=401,reason=Authentication failed。基于浏览器的集成 - 要登录,请将“?login-form-required=y”附加到您尝试访问的 url。}}
InboundJaxrsResponse{context=ClientResponse{method=GET, uri=http://bla.bla/qcbin/authentication-point/authenticate, status=200, reason=OK}}
LSWOO:IvG6JIOKRTAigQV6...等等
QCSession:MTEzNTU...等等
JerseyWebTarget { http://bla.bla:8080/qcbin/rest/site-session }
InboundJaxrsResponse{context=ClientResponse{method=GET, uri=http://bla.bla/qcbin/rest/domains/WARTUNG/projects/Testautomatisierung/defects/1, status=401, reason=身份验证失败。基于浏览器的集成 - 要登录,请将“?login-form-required=y”附加到您尝试访问的 url。}}
登录:InboundJaxrsResponse{context=ClientResponse{method=GET,uri=http://bla.bla/qcbin/rest/is-authenticated,status=200,reason=OK}}
InboundJaxrsResponse{context=ClientResponse{method=POST, uri=http://sth.com/qcbin/authentication-point/logout, status=200, reason=OK}}
有人知道我做错了什么吗? 尝试了很多方法,但都没有用。 提前致谢:)
我认为您还需要在请求中传递 XSRF-TOKEN(可能还有 ALM_USER 和 JSESSIONID)以获得缺陷
我猜问题出在 QCSession 端点的内容类型上。
public class UpdateALM {
private static final String qcbinURI = "https://alm_url/qcbin";
private static final String isAuthenticatedPath = "rest/is-authenticated";
private static final String logoutPath = "authentication-point/logout";
private static final String domainsPath = "rest/domains";
private static Cookie cookie;
private String getEncodedAuthString() {
String auth = strUserName + ":" + strPassword;
byte[] encodedAuth = Base64.encode(auth.getBytes());
String authHeader = "Basic " + new String(encodedAuth);
return authHeader;
}
public boolean isAuthenticated() {
target = client.target(qcbinURI).path(isAuthenticatedPath);
invocationBuilder = target.request(new String[] { "application/xml" });
invocationBuilder.cookie(cookie);
Response res = invocationBuilder.get();
return res.getStatus() == 200;
}
public void updateALMStatus() throws Exception {
try {
target = client.target(
"https://alm_url/qcbin").path(
"authentication-point/authenticate");
invocationBuilder = target.request("text", "plain");
invocationBuilder.header("Authorization", getEncodedAuthString());
res = invocationBuilder.get();
cookie = ((Cookie) res.getCookies().get("LWSSO_COOKIE_KEY"));
getTestSet(test_set);
} catch (Exception e) {
System.out.println(e.getMessage());
}
}
}
我也遇到了和 Bastian 一样的问题,我能够解决它。
问题是 cookie 随请求传递的方式。
而不是这个:
invocationBuilder.cookie("LWSSO_COOKIE_KEY", lswoocookie);
invocationBuilder.cookie("QCSession", qcsessioncookie);
res = invocationBuilder.get();
将 header 中的 cookie 作为连接字符串传递,如下所示:
String concatenatedHeaderCookieString = "QCSession=" + qcsessioncookie + ";" + "ALM_USER=" + ";" + almuser + ";" + "XSRF-TOKEN=" + xsrftoken + ";"+ "LWSSO_COOKIE_KEY=" + lswoocookie;
invocationBuilder.header("Cookie", concatenatedHeaderCookieString);
res = invocationBuilder.get();
结果:InboundJaxrsResponse{context=ClientResponse{method=GET, uri=https://xxxxx.xx.xxxxx.com/qcbin/rest/domains/RELEASES/projects/2019/defects/1, status=200, reason=OK}}
这会很有效!