Class: Chef::HTTP::Authenticator
- Inherits:
-
Object
- Object
- Chef::HTTP::Authenticator
- Defined in:
- lib/chef/http/authenticator.rb
Constant Summary collapse
- DEFAULT_SERVER_API_VERSION =
"1".freeze
Instance Attribute Summary collapse
-
#api_version ⇒ Object
readonly
Returns the value of attribute api_version.
-
#attr_names ⇒ Object
readonly
Returns the value of attribute attr_names.
-
#auth_credentials ⇒ Object
readonly
Returns the value of attribute auth_credentials.
-
#raw_key ⇒ Object
readonly
Returns the value of attribute raw_key.
-
#sign_request ⇒ Object
Returns the value of attribute sign_request.
-
#signing_key_filename ⇒ Object
readonly
Returns the value of attribute signing_key_filename.
-
#version_class ⇒ Object
readonly
Returns the value of attribute version_class.
Instance Method Summary collapse
- #authentication_headers(method, url, json_body = nil, headers = nil) ⇒ Object
- #client_name ⇒ Object
- #handle_request(method, url, headers = {}, data = false) ⇒ Object
- #handle_response(http_response, rest_request, return_value) ⇒ Object
- #handle_stream_complete(http_response, rest_request, return_value) ⇒ Object
-
#initialize(opts = {}) ⇒ Authenticator
constructor
A new instance of Authenticator.
- #load_signing_key(key_file, raw_key = nil) ⇒ Object
- #request_version ⇒ Object
- #sign_requests? ⇒ Boolean
- #stream_response_handler(response) ⇒ Object
Constructor Details
#initialize(opts = {}) ⇒ Authenticator
Returns a new instance of Authenticator.
38 39 40 41 42 43 44 45 46 |
# File 'lib/chef/http/authenticator.rb', line 38 def initialize(opts = {}) @raw_key = nil @sign_request = true @signing_key_filename = opts[:signing_key_filename] @key = load_signing_key(opts[:signing_key_filename], opts[:raw_key]) @auth_credentials = AuthCredentials.new(opts[:client_name], @key, use_ssh_agent: opts[:ssh_agent_signing]) @version_class = opts[:version_class] @api_version = opts[:api_version] end |
Instance Attribute Details
#api_version ⇒ Object (readonly)
Returns the value of attribute api_version.
34 35 36 |
# File 'lib/chef/http/authenticator.rb', line 34 def api_version @api_version end |
#attr_names ⇒ Object (readonly)
Returns the value of attribute attr_names.
31 32 33 |
# File 'lib/chef/http/authenticator.rb', line 31 def attr_names @attr_names end |
#auth_credentials ⇒ Object (readonly)
Returns the value of attribute auth_credentials.
32 33 34 |
# File 'lib/chef/http/authenticator.rb', line 32 def auth_credentials @auth_credentials end |
#raw_key ⇒ Object (readonly)
Returns the value of attribute raw_key.
30 31 32 |
# File 'lib/chef/http/authenticator.rb', line 30 def raw_key @raw_key end |
#sign_request ⇒ Object
Returns the value of attribute sign_request.
36 37 38 |
# File 'lib/chef/http/authenticator.rb', line 36 def sign_request @sign_request end |
#signing_key_filename ⇒ Object (readonly)
Returns the value of attribute signing_key_filename.
29 30 31 |
# File 'lib/chef/http/authenticator.rb', line 29 def signing_key_filename @signing_key_filename end |
#version_class ⇒ Object (readonly)
Returns the value of attribute version_class.
33 34 35 |
# File 'lib/chef/http/authenticator.rb', line 33 def version_class @version_class end |
Instance Method Details
#authentication_headers(method, url, json_body = nil, headers = nil) ⇒ Object
105 106 107 108 109 110 111 112 113 114 115 |
# File 'lib/chef/http/authenticator.rb', line 105 def authentication_headers(method, url, json_body = nil, headers = nil) request_params = { http_method: method, path: url.path, body: json_body, host: "#{url.host}:#{url.port}", headers: headers, } request_params[:body] ||= "" auth_credentials.signature_headers(request_params) end |
#client_name ⇒ Object
80 81 82 |
# File 'lib/chef/http/authenticator.rb', line 80 def client_name @auth_credentials.client_name end |
#handle_request(method, url, headers = {}, data = false) ⇒ Object
48 49 50 51 52 |
# File 'lib/chef/http/authenticator.rb', line 48 def handle_request(method, url, headers = {}, data = false) headers["X-Ops-Server-API-Version"] = request_version headers.merge!(authentication_headers(method, url, data, headers)) if sign_requests? [method, url, headers, data] end |
#handle_response(http_response, rest_request, return_value) ⇒ Object
54 55 56 |
# File 'lib/chef/http/authenticator.rb', line 54 def handle_response(http_response, rest_request, return_value) [http_response, rest_request, return_value] end |
#handle_stream_complete(http_response, rest_request, return_value) ⇒ Object
62 63 64 |
# File 'lib/chef/http/authenticator.rb', line 62 def handle_stream_complete(http_response, rest_request, return_value) [http_response, rest_request, return_value] end |
#load_signing_key(key_file, raw_key = nil) ⇒ Object
84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 |
# File 'lib/chef/http/authenticator.rb', line 84 def load_signing_key(key_file, raw_key = nil) if !!key_file @raw_key = IO.read(key_file).strip elsif !!raw_key @raw_key = raw_key.strip else return nil end # Pass in '' as the passphrase to avoid OpenSSL prompting on the TTY if # given an encrypted key. This also helps if using a single file for # both the public and private key with ssh-agent mode. @key = OpenSSL::PKey::RSA.new(@raw_key, "") rescue SystemCallError, IOError => e Chef::Log.warn "Failed to read the private key #{key_file}: #{e.inspect}" raise Chef::Exceptions::PrivateKeyMissing, "I cannot read #{key_file}, which you told me to use to sign requests!" rescue OpenSSL::PKey::RSAError msg = "The file #{key_file} or :raw_key option does not contain a correctly formatted private key or the key is encrypted.\n" msg << "The key file should begin with '-----BEGIN RSA PRIVATE KEY-----' and end with '-----END RSA PRIVATE KEY-----'" raise Chef::Exceptions::InvalidPrivateKey, msg end |
#request_version ⇒ Object
66 67 68 69 70 71 72 73 74 |
# File 'lib/chef/http/authenticator.rb', line 66 def request_version if version_class version_class.best_request_version elsif api_version api_version else DEFAULT_SERVER_API_VERSION end end |
#sign_requests? ⇒ Boolean
76 77 78 |
# File 'lib/chef/http/authenticator.rb', line 76 def sign_requests? auth_credentials.sign_requests? && @sign_request end |
#stream_response_handler(response) ⇒ Object
58 59 60 |
# File 'lib/chef/http/authenticator.rb', line 58 def stream_response_handler(response) nil end |