Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-55815

Allow API access with Google Login Plugin

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      Currently, it seems that it is not possible to use the Jenkins Remote Access API when authentication with the Google Login Plugin. I believe that allowing such access would be beneficial.

      Indeed, to me (no experience in Jenkins plugin development), it seems like implementation for this functionality has already been started but is still commented out and below a TODO marking here.

      The way that the GitHub OAuth Plugin handles this case (by allowing username/password to be GitHub username and GitHub token) works very well for us.

       

        Attachments

          Activity

          Hide
          recampbell Ryan Campbell added a comment -

          This is already possible by setting an API key for your user.

          https://support.cloudbees.com/hc/en-us/articles/115003090592-How-to-re-generate-my-Jenkins-user-token

          There isn't a way to authenticate with your Google password via API that I'm aware of anyway. But the above should work fine.

          Show
          recampbell Ryan Campbell added a comment - This is already possible by setting an API key for your user. https://support.cloudbees.com/hc/en-us/articles/115003090592-How-to-re-generate-my-Jenkins-user-token There isn't a way to authenticate with your Google password via API that I'm aware of anyway. But the above should work fine.
          Hide
          recampbell Ryan Campbell added a comment -

          Please reopen with details on why the Jenkins API key is insufficient

          Show
          recampbell Ryan Campbell added a comment - Please reopen with details on why the Jenkins API key is insufficient
          Hide
          samskiter Sam Duke added a comment -

          I'm slightly confused why this was closed, the linked code (https://github.com/jenkinsci/google-login-plugin/blob/master/src/main/java/org/jenkinsci/plugins/googlelogin/GoogleOAuth2SecurityRealm.java#L313) shows that API key authentication isn't implemented for the google-login plugin

          Ryan Campbell would you mind looking into this again - I'm struggling to use CURL with our jenkins instance and I believe it is down to this issue.

          Show
          samskiter Sam Duke added a comment - I'm slightly confused why this was closed, the linked code ( https://github.com/jenkinsci/google-login-plugin/blob/master/src/main/java/org/jenkinsci/plugins/googlelogin/GoogleOAuth2SecurityRealm.java#L313 ) shows that API key authentication isn't implemented for the google-login plugin Ryan Campbell would you mind looking into this again - I'm struggling to use CURL with our jenkins instance and I believe it is down to this issue.
          Hide
          cecchisandrone Alessandro Dionisi added a comment -

          I have the same issue. After enabling Google login how can we access Jenkins CI API?

          Show
          cecchisandrone Alessandro Dionisi added a comment - I have the same issue. After enabling Google login how can we access Jenkins CI API?
          Hide
          kohsuke Kohsuke Kawaguchi added a comment -

          As Ryan indicated, in Jenkins it's not the responsibility of individual authentication plugin to provide a separate mechanism for API access. Jenkins core itself takes care of that through the API key mechanism, described further in the link he provided.

          Also note that as a practical matter, it is simply not possible for this plugin to allow you to send in your Google user name & password, even if we wanted to. OAuth is a browser based protocol, and for a good reason.

          Show
          kohsuke Kohsuke Kawaguchi added a comment - As Ryan indicated, in Jenkins it's not the responsibility of individual authentication plugin to provide a separate mechanism for API access. Jenkins core itself takes care of that through the API key mechanism, described further in the link he provided. Also note that as a practical matter, it is simply not possible for this plugin to allow you to send in your Google user name & password, even if we wanted to. OAuth is a browser based protocol, and for a good reason.

            People

            Assignee:
            recampbell Ryan Campbell
            Reporter:
            mobi_robert Robert Rabe
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: