Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-56520

Support for Bearer Token (needed for REST-Api calls from scripts)

    XMLWordPrintable

Details

    • New Feature
    • Status: Open (View Workflow)
    • Blocker
    • Resolution: Unresolved
    • keycloak-plugin
    • None
    • Jenkins version: 2.150.2
      Keycloak plugin version: 2.3.0

    Description

      We want to start Jenkins-Jobs remotely via shell-scripts and REST-API.
      For other similar use cases where we call REST-Apis using Keycloak authentication the scripts

      • fetch an access token (type bearer) from Keycloak. Either using username/password or an offline token
      • then this bearer token is used to call the Rest-APIs. The bearer token is added as header in the HTTP-Request (e.g. -H "Authorization: Bearer $ACCESS_TOKEN" using curl)

      We would like to do this also with Jenkins and the Keycloak plugin.

      I do not know enough about Jenkins plugins and Keycloak to provide a decent implementation, but I created a working quick and dirty one:
      https://github.com/vsgfe/keycloak-plugin/commit/e5606c2198b8ff8a44c394139cc9bb2866c331f4

      It adds a filter that checks for an authorization header with a bearer token. If one is found, the token is checked and the login is set.

      Attachments

        Activity

          There are no comments yet on this issue.

          People

            devlauer D. Lauer
            vsgfe Robert Schmidl
            Votes:
            6 Vote for this issue
            Watchers:
            9 Start watching this issue

            Dates

              Created:
              Updated: