Open MeGaPk opened 4 years ago
Same issue here. Tried to solve this by updating init of TeamCity object to get the X-TC-CSRF-Token via https://xxxxx/authenticationTest.html?csrf and then passing it as a header ({'X-TC-CSRF-Token': 'xxxxx'}), but for some reason it says the token I got is different from the session token. Any suggestions on how to continue from here?
Hi!
Try it:
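```python
import dohq_teamcity
tc = dohq_teamcity.TeamCity(TC_URL, auth=(options.tc_login, options.tc_password))
# First make an authenticated REST call with this client.
tc.call_api(resource_path="/httpAuth/app/rest/server", method="GET")
# Then read the CSRF token through the same client.
csrfToken = tc.request("GET", url=TC_URL + "/authenticationTest.html?csrf").data
# Send the token as a default header on every later request.
tc.set_default_header(header_name='X-TC-CSRF-Token', header_value=csrfToken)
```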
I had the same 403 status code with TC 2022.04 when I was just trying to set a parameter on a project. Read-only operations worked fine, but I ran into this problem every time I tried to change something in the configuration. This is in line with the TeamCity documentation:
1. If an HTTP request is a non-modifying one (such as GET), it is considered safe.
2. If an HTTP request has a secure CSRF token either in the parameter or in the HTTP header and this token matches the one stored in user session, it is considered safe.
This suggestion worked fine, but (probably obviously) only when I was logged in with my password and not with an access token.
As suggested in https://github.com/devopshq/teamcity/issues/37 (which seems to be a duplicate of this issue), I think the library should handle this with some options at least.
The official TeamCity documentation suggests token-based authentication for non-browser HTTP clients: https://www.jetbrains.com/help/teamcity/csrf-protection.html#Implications+for+non-browser+HTTP+clients
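A minimal model of the two documentation rules quoted above, added here as an illustration; it is not code from TeamCity, from the dohq-teamcity library, or from anyone in this thread. `ToyServer` and `demo` are hypothetical names and the set of non-modifying methods is an assumption. It shows why a token read in one session is rejected when it is sent with a different session.

```python
# Toy model of the two quoted CSRF rules (hypothetical, not TeamCity's code).
import hmac
import secrets

SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}  # assumption: the "non-modifying" methods


class ToyServer:
    def __init__(self):
        self.sessions = {}  # session id -> CSRF token stored in that session

    def login(self):
        """Open a session; the returned id stands in for the session cookie."""
        sid = secrets.token_hex(8)
        self.sessions[sid] = secrets.token_hex(16)
        return sid

    def csrf_token(self, sid):
        """Stands in for GET /authenticationTest.html?csrf made inside session sid."""
        return self.sessions[sid]

    def handle(self, method, sid, header_token=None, param_token=None):
        """Return 200 if the request passes rule 1 or rule 2, otherwise 403."""
        if method.upper() in SAFE_METHODS:  # rule 1: non-modifying request
            return 200
        sent = header_token or param_token  # rule 2: token in header or parameter
        stored = self.sessions.get(sid)
        if sent and stored and hmac.compare_digest(sent, stored):
            return 200
        return 403


def demo():
    server = ToyServer()
    a = server.login()  # session that sends the modifying request
    b = server.login()  # unrelated session, e.g. a client that kept no cookies
    return {
        "get_without_token": server.handle("GET", a),
        "put_without_token": server.handle("PUT", a),
        "put_token_from_other_session": server.handle(
            "PUT", a, header_token=server.csrf_token(b)),
        "put_token_from_same_session": server.handle(
            "PUT", a, header_token=server.csrf_token(a)),
    }


if __name__ == "__main__":
    for case, status in demo().items():
        print(f"{case}: {status}")
```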
I have the same problem even if I authenticate using a token.
When I tried to use this code:
I got an error: