search

cliffano / nestor

Jenkins CLI and node.js client
http://blog.cliffano.com/tag/nestor/
MIT License
182 stars 27 forks source link

Does not work with GitHub OAuth #15

Closed cliffano closed 8 years ago

cliffano commented 11 years ago

Nestor does not authenticate when Jenkins is setup with GitHub OAuth plugin https://wiki.jenkins-ci.org/display/JENKINS/Github+OAuth+Plugin .

cliffano commented 11 years ago

Kohsuke wrote here http://blog.cloudbees.com/2011/06/public-key-authentication-in-jenkins.html that it's plain impossible to OAuth Jenkins from a CLI client.

cliffano commented 11 years ago

@wolfeidau It looks like the only alternative is to use Jenkins API token. You can find your token on https://yourjenkinshost/user/yourusername/configure , there's a button 'Show API Token'. JENKINS_URL=https://yourusername:yourapitoken@yourjenkinshost nestor dashboard

However, I've tried it and I got an error from the GitHub Auth security realm. I raised this JIRA issue https://issues.jenkins-ci.org/browse/JENKINS-17916 to chase it up.

cliffano commented 11 years ago

Worth investigating https://help.github.com/articles/creating-an-access-token-for-command-line-use

icio commented 10 years ago

+1. For reference, I'm invoking nestor in the following way:

JENKINS_URL=http://icio:JENKINS_API_KEY@our-jenkins-server.net nestor build ... -c

and receiving the following error:

<html><head><title>Error 500</title></head><body bgcolor="#ffffff"><h1>Status Code: 500</h1>Exception: <br>Stacktrace: <pre>java.lang.NullPointerException
    at org.jenkinsci.plugins.GithubSecurityRealm.loadGroupByGroupname(GithubSecurityRealm.java:459)
    at org.jenkinsci.plugins.GithubSecurityRealm.loadUserByUsername(GithubSecurityRealm.java:428)
    at hudson.model.User.impersonate(User.java:256)
    at jenkins.security.ApiTokenFilter.doFilter(ApiTokenFilter.java:52)
    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
    at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
    at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67)
    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
    at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
    at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164)
    at winstone.FilterConfiguration.execute(FilterConfiguration.java:194)
    at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366)
    at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:50)
    at winstone.FilterConfiguration.execute(FilterConfiguration.java:194)
    at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366)
    at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81)
    at winstone.FilterConfiguration.execute(FilterConfiguration.java:194)
    at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366)
    at winstone.RequestDispatcher.forward(RequestDispatcher.java:331)
    at winstone.RequestHandlerThread.processRequest(RequestHandlerThread.java:227)
    at winstone.RequestHandlerThread.run(RequestHandlerThread.java:150)
    at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
    at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
    at java.util.concurrent.FutureTask.run(FutureTask.java:166)
    at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
    at java.lang.Thread.run(Thread.java:679)
</pre><br><hr size="1" width="90%"><i>Generated by Winstone Servlet Engine v0.9.10 at Fri Dec 13 11:59:24 UTC 2013</i></body></html>

I have confirmed that the authentication is happening by passing in an invalid Jenkins API key and receiving "Authentication failed - incorrect username and/or password in Jenkins URL" as expected.

cliffano commented 10 years ago

@icio That's exactly the same stack trace that I reported, please vote this Jira issue https://issues.jenkins-ci.org/browse/JENKINS-17916 .

cliffano commented 8 years ago

JENKINS-17916 was closed https://issues.jenkins-ci.org/browse/JENKINS-17916 with a note that the problem can no longer be reproduced. I currently don't have any public facing Jenkins instance to test this out.

Closing this issue for now, if anyone can reproduce the problem again, please feel free to re-open.