前言
本文可視爲 Redmine之RestApi集成方式 淼叔 2017-12-05 21:47:00 的擴展或補充說明,主要測試兩種認證方式的4種操作方法。
環境
- 服務器
- Ubuntu 20.04.2LTS
- Redmine-4.1.1
- 測試端
- Windows 2019
- CURL 7.71.1
D:\backup\tools\vcs\redmine\plugin\[email protected]\tools>curl -V
curl 7.71.1 (x86_64-pc-msys) libcurl/7.71.1 OpenSSL/1.1.1g zlib/1.2.11 brotli/1.0.7 libidn2/2.3.0 libpsl/0.21.0 (+libidn2/2.2.0) libssh2/1.9.0 nghttp2/1.41.0
Release-Date: 2020-07-01
Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: AsynchDNS brotli Debug GSS-API HTTP2 HTTPS-proxy IDN IPv6 Kerberos Largefile libz Metalink NTLM NTLM_WB PSL SPNEGO SSL TLS-SRP TrackMemory UnixSockets
準備工作
Redmine服務器配置中啓用API
用戶的API密碼(api訪問鍵)配置,可以不用暴露登錄用的用戶名、密碼,這個細節在其它文章中好多沒有說明
redmine官方說明 關於認證的說明如下
Authentication
Most of the time, the API requires authentication. To enable the API-style authentication, you have to check Enable REST API in Administration -> Settings -> API. Then, authentication can be done in 2 different ways:
- using your regular login/password via HTTP Basic authentication.
- using your API key which is a handy way to avoid putting a password in a script. The API key may be attached to each request in one of the following way:
- passed in as a "key" parameter
- passed in as a username with a random password via HTTP Basic authentication
- passed in as a "X-Redmine-API-Key" HTTP header (added in Redmine 1.1.0)
You can find your API key on your account page ( /my/account ) when logged in, on the right-hand pane of the default layout.
即有兩種方式:
測試形成最後的'curl-get-users-from-redmine.bat'(簡稱bat文件)。
-
第一種以登錄名/密碼方式來認證
-
執行: curl-get-users-from-redmine.bat 11 -
執行: curl-get-users-from-redmine.bat 12
-
- 第二種分3個方法:
- 通過參數key來指定密碼。 這是使用HTTP GET。
- 執行: curl-get-users-from-redmine.bat 21
- 其第二個方法(username with a random password via HTTP Basic authentication)還沒有搞明白怎麼個使用方法,所以本方不涉及這種。
- HTTP頭中指定"X-Redmine-API-Key"域來傳遞密碼
- 執行: curl-get-users-from-redmine.bat 23
- 通過參數key來指定密碼。 這是使用HTTP GET。
DOS command/shell 測試腳本:curl-get-users-from-redmine.bat
本測試通過API來獲取當前用戶的信息。
在新的cURL命令沒有-d選項時默認是使用GET命令(此時不需要之前的 -X GET),有-d選項時是POST。 -X GET 使用-G代替
需要根據實際情況更改的值:
admin:abcd1234是“用戶名:密碼”, 即登錄redmine時用的用戶名和密碼
htpp://192.168.175.133:3000是redmine的URL
key=後面的值。用前面提到的api訪問鍵
"X-Redmine-API-Key:後面的值。用前面提到的api訪問鍵
curl-get-users-from-redmine.bat內容:
@ECHO off
@ECHO Redmine-4.1.1 REST API: get users demo:
if %1==11 @goto L_mothed11
if %1==12 @goto L_mothed12
if %1==21 @goto L_mothed21
if %1==22 @goto L_mothed22
@goto L_mothed23
:L_mothed11
@ECHO mothed 1-1 ...
@REM GET請求, 用戶名,密碼在header中。
curl -H "Content-Type:application/json" -u admin:abcd1234 http://192.168.175.133:3000/users.json
@goto L_end
:L_mothed12
@ECHO mothed 1-2 ...
@REM GET請求, 用戶名,密碼在header中。
@REM Base64::encode64('admin:abcd1234') ===> "YWRtaW46YWJjZDEyMzQ="
@REM curl -H "Content-Type:application/json" -H "Authorization: Basic YWRtaW46YWJjZDEyMzQ=" -G http://192.168.175.133:3000/users.json -v
@REM curl -H "Content-Type:application/json" -H "Authorization: Basic YWRtaW46YWJjZDEyMzQ=" POST -v http://192.168.175.133:3000/users.json -v
curl -H "Content-Type:application/json" ^
-H "Authorization: Basic YWRtaW46YWJjZDEyMzQ=" ^
http://192.168.175.133:3000/users.json
@goto L_end
:L_mothed21
@ECHO mothed 2-1 ...
@REM GET請求。用戶名,密碼作爲GET參數。實際請求的 URL 爲:
@REM http://192.168.175.133:3000/users.json?key=98b2cf455c43eb1f6a659e5b0ddcfddc1921d451
@REM 如果省略-G,會發出一個 POST 請求。
curl -H "Content-Type:application/json" ^
-G -d key=98b2cf455c43eb1f6a659e5b0ddcfddc1921d451 ^
http://192.168.175.133:3000/users.json
@REM curl -H "Content-Type:application/json" -G -d key=98b2cf455c43eb1f6a659e5b0ddcfddc1921d451 http://192.168.175.133:3000/users.json -v
@REM curl -H "Content-Type:application/json" -d key=98b2cf455c43eb1f6a659e5b0ddcfddc1921d451 http://192.168.175.133:3000/users.json -v #Bad Request
@goto L_end
:L_mothed22
@ECHO mothed 2-2 ...
@ECHO === SORRY. i don't know how to implenment ====
@goto L_end
:L_mothed23
@ECHO mothed 2-3 ...
@REM 'POST請求, 用戶名,密碼在header['X-Redmine-API-Key']中。'
@REM # '我的帳號>API訪問鍵(側邊菜單欄)>顯示'
curl -H "Content-Type:application/json" ^
-H "X-Redmine-API-Key:98b2cf455c43eb1f6a659e5b0ddcfddc1921d451" ^
http://192.168.175.133:3000/users.json
@goto L_end
:L_mothed4
@goto L_end
^ 是DOS BAT的續行符,相當於C語言中的 \。 注意其後面不能再有除回車換行外的其它任何字符(特別注意不要有空格)
==========================================================
Redmine-4.1.1 REST API: get users
https://www.redmine.org/projects/redmine/wiki/Rest_Users
https://www.redmine.org/projects/redmine/wiki/Rest_api
Authentication
Most of the time, the API requires authentication. To enable the API-style authentication,
you have to check Enable REST API in Administration -> Settings -> API. Then, authentication
can be done in 2 different ways:
using your regular login/password via HTTP Basic authentication.
using your API key which is a handy way to avoid putting a password in a script. The API key may
be attached to each request in one of the following way:
passed in as a "key" parameter
passed in as a username with a random password via HTTP Basic authentication
passed in as a "X-Redmine-API-Key" HTTP header (added in Redmine 1.1.0)
You can find your API key on your account page ( /my/account ) when logged in, on the right-hand pane
of the default layout.
==========================================================
e.g.
D:\backup\tools\vcs\redmine\plugin\[email protected]\tools>curl -H "Content-Type:application/json" -u admin:abcd1234 http://192.168.175.133:3000/users.json
{"users":[{"id":1,"login":"admin","admin":true,"firstname":"Sam","lastname":"XIAO","mail":"[email protected]","created_on":"2021-02-19T02:31:57Z","last_login_on":"2021-03-18T06:19:36Z"},{"id":23,"login":"BaoyuJIA","admin":false,"firstname":"JIA","lastname":"BaoyuJIA","mail":"[email protected]","created_on":"2021-03-17T14:24:27Z","last_login_on":null},{"id":24,"login":"DaiyuLIN","admin":false,"firstname":"LIN","lastname":"DaiyuLIN","mail":"[email protected]","created_on":"2021-03-17T14:24:27Z","last_login_on":null},{"id":25,"login":"ldap-20-1","admin":false,"firstname":"tes","lastname":"LDAP2","mail":"[email protected]","created_on":"2021-03-17T14:41:13Z","last_login_on":null},{"id":5,"login":"ldap1001","admin":false,"firstname":"ldap1","lastname":"-LDAP-","mail":"[email protected]","created_on":"2021-03-14T14:16:21Z","last_login_on":"2021-03-15T02:21:41Z"},{"id":15,"login":"qz-test001","admin":false,"firstname":"test1","lastname":"qz","mail":"[email protected]","created_on":"2021-03-17T10:45:06Z","last_login_on":null},{"id":20,"login":"諸葛亮","admin":false,"firstname":"葛亮","lastname":"諸","mail":"[email protected]","created_on":"2021-03-17T13:42:04Z","last_login_on":"2021-03-17T13:42:39Z"}],"total_count":8,"offset":0,"limit":25}
json expand:
{
"users": [
{
"id": 1,
"login": "admin",
"admin": true,
"firstname": "Sam",
"lastname": "XIAO",
"mail": "[email protected]",
"created_on": "2021-02-19T02:31:57Z",
"last_login_on": "2021-03-18T06:19:36Z"
},
{
"id": 23,
"login": "BaoyuJIA",
"admin": false,
"firstname": "JIA",
"lastname": "BaoyuJIA",
"mail": "[email protected]",
"created_on": "2021-03-17T14:24:27Z",
"last_login_on": null
},
{
"id": 24,
"login": "DaiyuLIN",
"admin": false,
"firstname": "LIN",
"lastname": "DaiyuLIN",
"mail": "[email protected]",
"created_on": "2021-03-17T14:24:27Z",
"last_login_on": null
},
{
"id": 25,
"login": "ldap-20-1",
"admin": false,
"firstname": "tes",
"lastname": "LDAP2",
"mail": "[email protected]",
"created_on": "2021-03-17T14:41:13Z",
"last_login_on": null
},
{
"id": 5,
"login": "ldap1001",
"admin": false,
"firstname": "ldap1",
"lastname": "-LDAP-",
"mail": "[email protected]",
"created_on": "2021-03-14T14:16:21Z",
"last_login_on": "2021-03-15T02:21:41Z"
},
{
"id": 15,
"login": "qz-test001",
"admin": false,
"firstname": "test1",
"lastname": "qz",
"mail": "[email protected]",
"created_on": "2021-03-17T10:45:06Z",
"last_login_on": null
},
{
"id": 20,
"login": "諸葛亮",
"admin": false,
"firstname": "葛亮",
"lastname": "諸",
"mail": "[email protected]",
"created_on": "2021-03-17T13:42:04Z",
"last_login_on": "2021-03-17T13:42:39Z"
}
],
"total_count": 8,
"offset": 0,
"limit": 25
}
==========================================================
:L_end
@ECHO on
主要參考
Redmine之RestApi集成方式 淼叔 2017-12-05 21:47:00
Redmine官方參考文檔
Guide » Developer Guide » Rest api »
Using the REST API with cURL