前言
本文可视为 Redmine之RestApi集成方式 淼叔 2017-12-05 21:47:00 的扩展或补充说明,主要测试两种认证方式的4种操作方法。
环境
- 服务器
- Ubuntu 20.04.2LTS
- Redmine-4.1.1
- 测试端
- Windows 2019
- CURL 7.71.1
D:\backup\tools\vcs\redmine\plugin\[email protected]\tools>curl -V
curl 7.71.1 (x86_64-pc-msys) libcurl/7.71.1 OpenSSL/1.1.1g zlib/1.2.11 brotli/1.0.7 libidn2/2.3.0 libpsl/0.21.0 (+libidn2/2.2.0) libssh2/1.9.0 nghttp2/1.41.0
Release-Date: 2020-07-01
Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: AsynchDNS brotli Debug GSS-API HTTP2 HTTPS-proxy IDN IPv6 Kerberos Largefile libz Metalink NTLM NTLM_WB PSL SPNEGO SSL TLS-SRP TrackMemory UnixSockets
准备工作
Redmine服务器配置中启用API
用户的API密码(api访问键)配置,可以不用暴露登录用的用户名、密码,这个细节在其它文章中好多没有说明
redmine官方说明 关于认证的说明如下
Authentication
Most of the time, the API requires authentication. To enable the API-style authentication, you have to check Enable REST API in Administration -> Settings -> API. Then, authentication can be done in 2 different ways:
- using your regular login/password via HTTP Basic authentication.
- using your API key which is a handy way to avoid putting a password in a script. The API key may be attached to each request in one of the following way:
- passed in as a "key" parameter
- passed in as a username with a random password via HTTP Basic authentication
- passed in as a "X-Redmine-API-Key" HTTP header (added in Redmine 1.1.0)
You can find your API key on your account page ( /my/account ) when logged in, on the right-hand pane of the default layout.
即有两种方式:
测试形成最后的'curl-get-users-from-redmine.bat'(简称bat文件)。
-
第一种以登录名/密码方式来认证
-
执行: curl-get-users-from-redmine.bat 11 -
执行: curl-get-users-from-redmine.bat 12
-
- 第二种分3个方法:
- 通过参数key来指定密码。 这是使用HTTP GET。
- 执行: curl-get-users-from-redmine.bat 21
- 其第二个方法(username with a random password via HTTP Basic authentication)还没有搞明白怎么个使用方法,所以本方不涉及这种。
- HTTP头中指定"X-Redmine-API-Key"域来传递密码
- 执行: curl-get-users-from-redmine.bat 23
- 通过参数key来指定密码。 这是使用HTTP GET。
DOS command/shell 测试脚本:curl-get-users-from-redmine.bat
本测试通过API来获取当前用户的信息。
在新的cURL命令没有-d选项时默认是使用GET命令(此时不需要之前的 -X GET),有-d选项时是POST。 -X GET 使用-G代替
需要根据实际情况更改的值:
admin:abcd1234是“用户名:密码”, 即登录redmine时用的用户名和密码
htpp://192.168.175.133:3000是redmine的URL
key=后面的值。用前面提到的api访问键
"X-Redmine-API-Key:后面的值。用前面提到的api访问键
curl-get-users-from-redmine.bat内容:
@ECHO off
@ECHO Redmine-4.1.1 REST API: get users demo:
if %1==11 @goto L_mothed11
if %1==12 @goto L_mothed12
if %1==21 @goto L_mothed21
if %1==22 @goto L_mothed22
@goto L_mothed23
:L_mothed11
@ECHO mothed 1-1 ...
@REM GET请求, 用户名,密码在header中。
curl -H "Content-Type:application/json" -u admin:abcd1234 http://192.168.175.133:3000/users.json
@goto L_end
:L_mothed12
@ECHO mothed 1-2 ...
@REM GET请求, 用户名,密码在header中。
@REM Base64::encode64('admin:abcd1234') ===> "YWRtaW46YWJjZDEyMzQ="
@REM curl -H "Content-Type:application/json" -H "Authorization: Basic YWRtaW46YWJjZDEyMzQ=" -G http://192.168.175.133:3000/users.json -v
@REM curl -H "Content-Type:application/json" -H "Authorization: Basic YWRtaW46YWJjZDEyMzQ=" POST -v http://192.168.175.133:3000/users.json -v
curl -H "Content-Type:application/json" ^
-H "Authorization: Basic YWRtaW46YWJjZDEyMzQ=" ^
http://192.168.175.133:3000/users.json
@goto L_end
:L_mothed21
@ECHO mothed 2-1 ...
@REM GET请求。用户名,密码作为GET参数。实际请求的 URL 为:
@REM http://192.168.175.133:3000/users.json?key=98b2cf455c43eb1f6a659e5b0ddcfddc1921d451
@REM 如果省略-G,会发出一个 POST 请求。
curl -H "Content-Type:application/json" ^
-G -d key=98b2cf455c43eb1f6a659e5b0ddcfddc1921d451 ^
http://192.168.175.133:3000/users.json
@REM curl -H "Content-Type:application/json" -G -d key=98b2cf455c43eb1f6a659e5b0ddcfddc1921d451 http://192.168.175.133:3000/users.json -v
@REM curl -H "Content-Type:application/json" -d key=98b2cf455c43eb1f6a659e5b0ddcfddc1921d451 http://192.168.175.133:3000/users.json -v #Bad Request
@goto L_end
:L_mothed22
@ECHO mothed 2-2 ...
@ECHO === SORRY. i don't know how to implenment ====
@goto L_end
:L_mothed23
@ECHO mothed 2-3 ...
@REM 'POST请求, 用户名,密码在header['X-Redmine-API-Key']中。'
@REM # '我的帐号>API访问键(侧边菜单栏)>显示'
curl -H "Content-Type:application/json" ^
-H "X-Redmine-API-Key:98b2cf455c43eb1f6a659e5b0ddcfddc1921d451" ^
http://192.168.175.133:3000/users.json
@goto L_end
:L_mothed4
@goto L_end
^ 是DOS BAT的续行符,相当于C语言中的 \。 注意其后面不能再有除回车换行外的其它任何字符(特别注意不要有空格)
==========================================================
Redmine-4.1.1 REST API: get users
https://www.redmine.org/projects/redmine/wiki/Rest_Users
https://www.redmine.org/projects/redmine/wiki/Rest_api
Authentication
Most of the time, the API requires authentication. To enable the API-style authentication,
you have to check Enable REST API in Administration -> Settings -> API. Then, authentication
can be done in 2 different ways:
using your regular login/password via HTTP Basic authentication.
using your API key which is a handy way to avoid putting a password in a script. The API key may
be attached to each request in one of the following way:
passed in as a "key" parameter
passed in as a username with a random password via HTTP Basic authentication
passed in as a "X-Redmine-API-Key" HTTP header (added in Redmine 1.1.0)
You can find your API key on your account page ( /my/account ) when logged in, on the right-hand pane
of the default layout.
==========================================================
e.g.
D:\backup\tools\vcs\redmine\plugin\[email protected]\tools>curl -H "Content-Type:application/json" -u admin:abcd1234 http://192.168.175.133:3000/users.json
{"users":[{"id":1,"login":"admin","admin":true,"firstname":"Sam","lastname":"XIAO","mail":"[email protected]","created_on":"2021-02-19T02:31:57Z","last_login_on":"2021-03-18T06:19:36Z"},{"id":23,"login":"BaoyuJIA","admin":false,"firstname":"JIA","lastname":"BaoyuJIA","mail":"[email protected]","created_on":"2021-03-17T14:24:27Z","last_login_on":null},{"id":24,"login":"DaiyuLIN","admin":false,"firstname":"LIN","lastname":"DaiyuLIN","mail":"[email protected]","created_on":"2021-03-17T14:24:27Z","last_login_on":null},{"id":25,"login":"ldap-20-1","admin":false,"firstname":"tes","lastname":"LDAP2","mail":"[email protected]","created_on":"2021-03-17T14:41:13Z","last_login_on":null},{"id":5,"login":"ldap1001","admin":false,"firstname":"ldap1","lastname":"-LDAP-","mail":"[email protected]","created_on":"2021-03-14T14:16:21Z","last_login_on":"2021-03-15T02:21:41Z"},{"id":15,"login":"qz-test001","admin":false,"firstname":"test1","lastname":"qz","mail":"[email protected]","created_on":"2021-03-17T10:45:06Z","last_login_on":null},{"id":20,"login":"诸葛亮","admin":false,"firstname":"葛亮","lastname":"诸","mail":"[email protected]","created_on":"2021-03-17T13:42:04Z","last_login_on":"2021-03-17T13:42:39Z"}],"total_count":8,"offset":0,"limit":25}
json expand:
{
"users": [
{
"id": 1,
"login": "admin",
"admin": true,
"firstname": "Sam",
"lastname": "XIAO",
"mail": "[email protected]",
"created_on": "2021-02-19T02:31:57Z",
"last_login_on": "2021-03-18T06:19:36Z"
},
{
"id": 23,
"login": "BaoyuJIA",
"admin": false,
"firstname": "JIA",
"lastname": "BaoyuJIA",
"mail": "[email protected]",
"created_on": "2021-03-17T14:24:27Z",
"last_login_on": null
},
{
"id": 24,
"login": "DaiyuLIN",
"admin": false,
"firstname": "LIN",
"lastname": "DaiyuLIN",
"mail": "[email protected]",
"created_on": "2021-03-17T14:24:27Z",
"last_login_on": null
},
{
"id": 25,
"login": "ldap-20-1",
"admin": false,
"firstname": "tes",
"lastname": "LDAP2",
"mail": "[email protected]",
"created_on": "2021-03-17T14:41:13Z",
"last_login_on": null
},
{
"id": 5,
"login": "ldap1001",
"admin": false,
"firstname": "ldap1",
"lastname": "-LDAP-",
"mail": "[email protected]",
"created_on": "2021-03-14T14:16:21Z",
"last_login_on": "2021-03-15T02:21:41Z"
},
{
"id": 15,
"login": "qz-test001",
"admin": false,
"firstname": "test1",
"lastname": "qz",
"mail": "[email protected]",
"created_on": "2021-03-17T10:45:06Z",
"last_login_on": null
},
{
"id": 20,
"login": "诸葛亮",
"admin": false,
"firstname": "葛亮",
"lastname": "诸",
"mail": "[email protected]",
"created_on": "2021-03-17T13:42:04Z",
"last_login_on": "2021-03-17T13:42:39Z"
}
],
"total_count": 8,
"offset": 0,
"limit": 25
}
==========================================================
:L_end
@ECHO on
主要参考
Redmine之RestApi集成方式 淼叔 2017-12-05 21:47:00
Redmine官方参考文档
Guide » Developer Guide » Rest api »
Using the REST API with cURL