看看cf push的输出：
和登录认证相关的endpoint：

X-Vcap-Request-Id: 16e27e27-17d2-40db-7da2-435e9a0436d7::b73939f3-06da-4b69-838b-336bf5ce78c8
{
  "api_version": "2.128.0",
  "app_ssh_endpoint": "ssh.cf.eu10.hana.ondemand.com:2222",
  "app_ssh_host_key_fingerprint": "f3:12:47:b5:3a:19:6e:6c:4e:9d:90:2e:6f:8e:87:cc",
  "app_ssh_oauth_client": "ssh-proxy",
  "authorization_endpoint": "https://login.cf.eu10.hana.ondemand.com",
  "bits_endpoint": "https://bits.cf.eu10.hana.ondemand.com",
  "build": "",
  "description": "Cloud Foundry at SAP Cloud Platform",
  "doppler_logging_endpoint": "wss://doppler.cf.eu10.hana.ondemand.com:443",
  "min_cli_version": null,
  "min_recommended_cli_version": null,
  "name": "",
  "osbapi_version": "2.14",
  "support": "",
  "token_endpoint": "https://uaa.cf.eu10.hana.ondemand.com",
  "version": 0
}

登录请求响应：

RESPONSE: [2019-03-08T15:03:13+08:00]
HTTP/1.1 200 OK
Cache-Control: no-store
Content-Language: en-US
Content-Length: 551
Content-Type: application/json;charset=UTF-8
Date: Fri, 08 Mar 2019 07:03:12 GMT
Set-Cookie: X-Uaa-Csrf=xY0PfvhOLrudHW5q1tq34k; Max-Age=86400; Expires=Sat, 09-Mar-2019 07:03:13 GMT; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Vcap-Request-Id: 543f350b-825e-4ada-4632-08517b3c5bba
X-Xss-Protection: 1; mode=block

支持的登录方式：

{
  "app": {
    "version": "4.27.0"
  },
  "commit_id": "76e960d",
  "entityID": "login.cf.eu10.hana.ondemand.com",
  "idpDefinitions": {},
  "links": {
    "login": "https://login.cf.eu10.hana.ondemand.com",
    "passwd": "https://accounts.sap.com/ui/createForgottenPasswordMail?spName=cf.eu10.hana.ondemand.com",
    "register": "https://accounts.sap.com/ui/public/showRegisterForm?spName=cf.eu10.hana.ondemand.com",
    "uaa": "https://uaa.cf.eu10.hana.ondemand.com"
  },
  "prompts": {
    "password": [
      "password",
      "Password"
    ],
    "username": [
      "text",
      "Email"
    ]
  },
  "timestamp": "2019-01-25T17:50:24+0000",
  "zone_name": "uaa"
}

开始上传了：

Pushing from manifest to org I042416trial_trial / space dev as [email protected]
Using manifest file c:\Code\wechat\miniserver\manifest.yml
Getting app info...
REQUEST: [2019-03-08T15:03:13+08:00]
GET /v2/apps?q=name%3Ajerry+demo+server&q=space_guid%3A3c737cf5-81eb-4da4-852c-d08739c74def HTTP/1.1
Host: api.cf.eu10.hana.ondemand.com
Accept: application/json
Authorization: [PRIVATE DATA HIDDEN]
User-Agent: cf/6.36.1+e3799ad7e.2018-04-04 (go1.10.1; amd64 windows)

去拿token，599秒后过期：

REQUEST: [2019-03-08T15:03:13+08:00]
POST /oauth/token HTTP/1.1
Host: login.cf.eu10.hana.ondemand.com
Accept: application/json
Authorization: [PRIVATE DATA HIDDEN]
Connection: close
Content-Type: application/x-www-form-urlencoded
User-Agent: cf/6.36.1+e3799ad7e.2018-04-04 (go1.10.1; amd64 windows)
[PRIVATE DATA HIDDEN]

RESPONSE: [2019-03-08T15:03:14+08:00]
HTTP/1.1 200 OK
Cache-Control: no-store
Content-Type: application/json;charset=UTF-8
Date: Fri, 08 Mar 2019 07:03:13 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Vcap-Request-Id: d7e3772f-4c48-4764-68f1-d974eca25f1c
X-Xss-Protection: 1; mode=block
{
  "access_token": "[PRIVATE DATA HIDDEN]",
  "expires_in": 599,
  "id_token": "[PRIVATE DATA HIDDEN]",
  "jti": "1f17e96ef0554b9c91e8028d953cebba",
  "refresh_token": "[PRIVATE DATA HIDDEN]",
  "scope": "cloud_controller.read password.write cloud_controller.write openid uaa.user",
  "token_type": "[PRIVATE DATA HIDDEN]"
}

用Restful API去拿上传应用的抬头信息，

REQUEST: [2019-03-08T15:03:14+08:00]
GET /v2/apps?q=name%3Ajerry+demo+server&q=space_guid%3A3c737cf5-81eb-4da4-852c-d08739c74def HTTP/1.1
Host: api.cf.eu10.hana.ondemand.com
Accept: application/json
Authorization: [PRIVATE DATA HIDDEN]
User-Agent: cf/6.36.1+e3799ad7e.2018-04-04 (go1.10.1; amd64 windows)

RESPONSE: [2019-03-08T15:03:15+08:00]
HTTP/1.1 200 OK
Content-Length: 2141
Content-Type: application/json;charset=utf-8
Date: Fri, 08 Mar 2019 07:03:14 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options: nosniff
X-Ratelimit-Limit: 40000
X-Ratelimit-Remaining: 38707
X-Ratelimit-Reset: 1552029271
X-Vcap-Request-Id: d4e10fef-9f1a-4b47-6804-bbaf61728f57::24c11d5a-512a-4b6a-8def-5fe26d4a8091
{
  "next_url": null,
  "prev_url": null,

检测出的buildpack，监听端口，启动方式，资源quota等，基本就是manifest.yml里指定的内容。

然后去拿当前CloudFoundry物理操作系统的信息：

GET /v2/stacks/c0fdd885-3e8f-4859-9fa4-c0c9373cdeff HTTP/1.1
Host: api.cf.eu10.hana.ondemand.com
Accept: application/json
Authorization: [PRIVATE DATA HIDDEN]
User-Agent: cf/6.36.1+e3799ad7e.2018-04-04 (go1.10.1; amd64 windows)

RESPONSE: [2019-03-08T15:03:15+08:00]
HTTP/1.1 200 OK
Content-Length: 338
Content-Type: application/json;charset=utf-8
Date: Fri, 08 Mar 2019 07:03:15 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options: nosniff
X-Ratelimit-Limit: 40000
X-Ratelimit-Remaining: 38706
X-Ratelimit-Reset: 1552029271
X-Vcap-Request-Id: 330a191e-39f4-42d3-7f49-c9a7cd9875ec::2971cf15-f4be-44da-884b-9bee5bfc3008
{
  "entity": {
    "description": "Cloud Foundry Linux-based filesystem (Ubuntu 18.04)",
    "name": "cflinuxfs3"
  },
  "metadata": {
    "created_at": "2018-12-20T08:31:52Z",
    "guid": "c0fdd885-3e8f-4859-9fa4-c0c9373cdeff",
    "updated_at": "2018-12-20T08:31:52Z",
    "url": "/v2/stacks/c0fdd885-3e8f-4859-9fa4-c0c9373cdeff"
  }
}

要获取更多Jerry的原创文章，请关注公众号"汪子熙":