Class: Chef::REST

Inherits:
Object show all
Defined in:
lib/chef/rest.rb,
lib/chef/rest/cookie_jar.rb,
lib/chef/rest/rest_request.rb,
lib/chef/rest/auth_credentials.rb

Overview

Chef::REST

Chef’s custom REST client with built-in JSON support and RSA signed header authentication.

Direct Known Subclasses

Shef::ShefREST

Defined Under Namespace

Classes: AuthCredentials, CookieJar, RESTRequest

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(url, client_name = Chef::Config[:node_name], signing_key_filename = Chef::Config[:client_key], options = {}) ⇒ REST

Create a REST client object. The supplied url is used as the base for all subsequent requests. For example, when initialized with a base url localhost:4000, a call to get_rest with ‘nodes’ will make an HTTP GET request to localhost:4000/nodes



43
44
45
46
47
48
49
50
51
# File 'lib/chef/rest.rb', line 43

def initialize(url, client_name=Chef::Config[:node_name], signing_key_filename=Chef::Config[:client_key], options={})
  @url = url
  @cookies = CookieJar.instance
  @default_headers = options[:headers] || {}
  @auth_credentials = AuthCredentials.new(client_name, signing_key_filename)
  @sign_on_redirect, @sign_request = true, true
  @redirects_followed = 0
  @redirect_limit = 10
end

Instance Attribute Details

#auth_credentialsObject (readonly)

Returns the value of attribute auth_credentials.



36
37
38
# File 'lib/chef/rest.rb', line 36

def auth_credentials
  @auth_credentials
end

#cookiesObject

Returns the value of attribute cookies.



37
38
39
# File 'lib/chef/rest.rb', line 37

def cookies
  @cookies
end

#redirect_limitObject

Returns the value of attribute redirect_limit.



37
38
39
# File 'lib/chef/rest.rb', line 37

def redirect_limit
  @redirect_limit
end

#sign_on_redirectObject

Returns the value of attribute sign_on_redirect.



37
38
39
# File 'lib/chef/rest.rb', line 37

def sign_on_redirect
  @sign_on_redirect
end

#urlObject

Returns the value of attribute url.



37
38
39
# File 'lib/chef/rest.rb', line 37

def url
  @url
end

Instance Method Details

#api_request(method, url, headers = {}, data = false) ⇒ Object

Runs an HTTP request to a JSON API. File Download not supported.



218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
# File 'lib/chef/rest.rb', line 218

def api_request(method, url, headers={}, data=false)
  json_body = data ? Chef::JSONCompat.to_json(data) : nil
  # Force encoding to binary to fix SSL related EOFErrors
  # cf. http://tickets.opscode.com/browse/CHEF-2363
  # http://redmine.ruby-lang.org/issues/5233
  json_body.force_encoding(Encoding::BINARY) if json_body.respond_to?(:force_encoding)
  headers = build_headers(method, url, headers, json_body)

  retriable_rest_request(method, url, json_body, headers) do |rest_request|
    response = rest_request.call {|r| r.read_body}

    if response.kind_of?(Net::HTTPSuccess)
      if response['content-type'] =~ /json/
        Chef::JSONCompat.from_json(response.body.chomp)
      else
        Chef::Log.warn("Expected JSON response, but got content-type '#{response['content-type']}'")
        response.body
      end
    elsif redirect_location = redirected_to(response)
      follow_redirect {api_request(:GET, create_url(redirect_location))}
    else
      if response['content-type'] =~ /json/
        exception = Chef::JSONCompat.from_json(response.body)
        msg = "HTTP Request Returned #{response.code} #{response.message}: "
        msg << (exception["error"].respond_to?(:join) ? exception["error"].join(", ") : exception["error"].to_s)
        Chef::Log.info(msg)
      end
      response.error!
    end
  end
end

#authentication_headers(method, url, json_body = nil) ⇒ Object



326
327
328
329
330
# File 'lib/chef/rest.rb', line 326

def authentication_headers(method, url, json_body=nil)
  request_params = {:http_method => method, :path => url.path, :body => json_body, :host => "#{url.host}:#{url.port}"}
  request_params[:body] ||= ""
  auth_credentials.signature_headers(request_params)
end

#client_nameObject



57
58
59
# File 'lib/chef/rest.rb', line 57

def client_name
  @auth_credentials.client_name
end

#configObject



340
341
342
# File 'lib/chef/rest.rb', line 340

def config
  Chef::Config
end

#create_url(path) ⇒ Object



142
143
144
145
146
147
148
# File 'lib/chef/rest.rb', line 142

def create_url(path)
  if path =~ /^(http|https):\/\//
    URI.parse(path)
  else
    URI.parse("#{@url}/#{path}")
  end
end

#delete_rest(path, headers = {}) ⇒ Object

Send an HTTP DELETE request to the path



119
120
121
# File 'lib/chef/rest.rb', line 119

def delete_rest(path, headers={})
  api_request(:DELETE, create_url(path), headers)
end

#fetch(path, headers = {}) ⇒ Object

Streams a download to a tempfile, then yields the tempfile to a block. After the download, the tempfile will be closed and unlinked. If you rename the tempfile, it will not be deleted. Beware that if the server streams infinite content, this method will stream it until you run out of disk space.



138
139
140
# File 'lib/chef/rest.rb', line 138

def fetch(path, headers={})
  streaming_request(create_url(path), headers) {|tmp_file| yield tmp_file }
end

#follow_redirectObject



344
345
346
347
348
349
350
351
352
353
354
355
356
357
# File 'lib/chef/rest.rb', line 344

def follow_redirect
  raise Chef::Exceptions::RedirectLimitExceeded if @redirects_followed >= redirect_limit
  @redirects_followed += 1
  Chef::Log.debug("Following redirect #{@redirects_followed}/#{redirect_limit}")
  if @sign_on_redirect
    yield
  else
    @sign_request = false
    yield
  end
ensure
  @redirects_followed = 0
  @sign_request = true
end

#get_rest(path, raw = false, headers = {}) ⇒ Object

Send an HTTP GET request to the path

Using this method to fetch a file is considered deprecated.

Parameters

path

The path to GET

raw

Whether you want the raw body returned, or JSON inflated. Defaults

to JSON inflated.


110
111
112
113
114
115
116
# File 'lib/chef/rest.rb', line 110

def get_rest(path, raw=false, headers={})
  if raw
    streaming_request(create_url(path), headers)
  else
    api_request(:GET, create_url(path), headers)
  end
end

#http_retry_countObject



336
337
338
# File 'lib/chef/rest.rb', line 336

def http_retry_count
  config[:http_retry_count]
end

#http_retry_delayObject



332
333
334
# File 'lib/chef/rest.rb', line 332

def http_retry_delay
  config[:http_retry_delay]
end

#post_rest(path, json, headers = {}) ⇒ Object

Send an HTTP POST request to the path



124
125
126
# File 'lib/chef/rest.rb', line 124

def post_rest(path, json, headers={})
  api_request(:POST, create_url(path), headers, json)
end

#put_rest(path, json, headers = {}) ⇒ Object

Send an HTTP PUT request to the path



129
130
131
# File 'lib/chef/rest.rb', line 129

def put_rest(path, json, headers={})
  api_request(:PUT, create_url(path), headers, json)
end

#register(name = Chef::Config[:node_name], destination = Chef::Config[:client_key]) ⇒ Object

Register the client – Requires you to load chef/api_client beforehand. explicit require is removed since most users of this class have no need for chef/api_client. This functionality should be moved anyway…



70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
# File 'lib/chef/rest.rb', line 70

def register(name=Chef::Config[:node_name], destination=Chef::Config[:client_key])
  if (File.exists?(destination) &&  !File.writable?(destination))
    raise Chef::Exceptions::CannotWritePrivateKey, "I cannot write your private key to #{destination} - check permissions?"
  end
  nc = Chef::ApiClient.new
  nc.name(name)

  catch(:done) do
    retries = config[:client_registration_retries] || 5
    0.upto(retries) do |n|
      begin
        response = nc.save(true, true)
        Chef::Log.debug("Registration response: #{response.inspect}")
        raise Chef::Exceptions::CannotWritePrivateKey, "The response from the server did not include a private key!" unless response.has_key?("private_key")
        # Write out the private key
        ::File.open(destination, "w") {|f|
          f.chmod(0600)
          f.print(response["private_key"])
        }
        throw :done
      rescue IOError
        raise Chef::Exceptions::CannotWritePrivateKey, "I cannot write your private key to #{destination}"
      rescue Net::HTTPFatalError => e
        Chef::Log.warn("Failed attempt #{n} of #{retries+1} on client creation")
        raise unless e.response.code == "500"
      end
    end
  end

  true
end

#retriable_rest_request(method, url, req_body, headers) ⇒ Object



286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
# File 'lib/chef/rest.rb', line 286

def retriable_rest_request(method, url, req_body, headers)
  rest_request = Chef::REST::RESTRequest.new(method, url, req_body, headers)

  Chef::Log.debug("Sending HTTP Request via #{method} to #{url.host}:#{url.port}#{rest_request.path}")

  http_attempts = 0

  begin
    http_attempts += 1

    res = yield rest_request

  rescue SocketError, Errno::ETIMEDOUT => e
    e.message.replace "Error connecting to #{url} - #{e.message}"
    raise e
  rescue Errno::ECONNREFUSED
    if http_retry_count - http_attempts + 1 > 0
      Chef::Log.error("Connection refused connecting to #{url.host}:#{url.port} for #{rest_request.path}, retry #{http_attempts}/#{http_retry_count}")
      sleep(http_retry_delay)
      retry
    end
    raise Errno::ECONNREFUSED, "Connection refused connecting to #{url.host}:#{url.port} for #{rest_request.path}, giving up"
  rescue Timeout::Error
    if http_retry_count - http_attempts + 1 > 0
      Chef::Log.error("Timeout connecting to #{url.host}:#{url.port} for #{rest_request.path}, retry #{http_attempts}/#{http_retry_count}")
      sleep(http_retry_delay)
      retry
    end
    raise Timeout::Error, "Timeout connecting to #{url.host}:#{url.port} for #{rest_request.path}, giving up"
  rescue Net::HTTPFatalError => e
    if http_retry_count - http_attempts + 1 > 0
      sleep_time = 1 + (2 ** http_attempts) + rand(2 ** http_attempts)
      Chef::Log.error("Server returned error for #{url}, retrying #{http_attempts}/#{http_retry_count} in #{sleep_time}s")
      sleep(sleep_time)
      retry
    end
    raise
  end
end

#run_request(method, url, headers = {}, data = false, limit = nil, raw = false) ⇒ Object

DEPRECATED

Use api_request instead – Actually run an HTTP request. First argument is the HTTP method, which should be one of :GET, :PUT, :POST or :DELETE. Next is the URL, then an object to include in the body (which will be converted with .to_json). The limit argument is unused, it is present for backwards compatibility. Configure the redirect limit with #redirect_limit= instead.

Typically, you won’t use this method – instead, you’ll use one of the helper methods (get_rest, post_rest, etc.)

Will return the body of the response on success.



168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
# File 'lib/chef/rest.rb', line 168

def run_request(method, url, headers={}, data=false, limit=nil, raw=false)
  json_body = data ? Chef::JSONCompat.to_json(data) : nil
  # Force encoding to binary to fix SSL related EOFErrors
  # cf. http://tickets.opscode.com/browse/CHEF-2363
  # http://redmine.ruby-lang.org/issues/5233
  json_body.force_encoding(Encoding::BINARY) if json_body.respond_to?(:force_encoding)
  headers = build_headers(method, url, headers, json_body, raw)

  tf = nil

  retriable_rest_request(method, url, json_body, headers) do |rest_request|

    res = rest_request.call do |response|
      if raw
        tf = stream_to_tempfile(url, response)
      else
        response.read_body
      end
    end

    if res.kind_of?(Net::HTTPSuccess)
      if res['content-type'] =~ /json/
        response_body = res.body.chomp
        Chef::JSONCompat.from_json(response_body)
      else
        if method == :HEAD
          true
        elsif raw
          tf
        else
          res.body
        end
      end
    elsif res.kind_of?(Net::HTTPFound) or res.kind_of?(Net::HTTPMovedPermanently)
      follow_redirect {run_request(method, create_url(res['location']), headers, false, nil, raw)}
    elsif res.kind_of?(Net::HTTPNotModified)
      false
    else
      if res['content-type'] =~ /json/
        exception = Chef::JSONCompat.from_json(res.body)
        msg = "HTTP Request Returned #{res.code} #{res.message}: "
        msg << (exception["error"].respond_to?(:join) ? exception["error"].join(", ") : exception["error"].to_s)
        Chef::Log.warn(msg)
      end
      res.error!
    end
  end
end

#sign_requests?Boolean

Returns:

  • (Boolean)


150
151
152
# File 'lib/chef/rest.rb', line 150

def sign_requests?
  auth_credentials.sign_requests? && @sign_request
end

#signing_keyObject



61
62
63
# File 'lib/chef/rest.rb', line 61

def signing_key
  @auth_credentials.raw_key
end

#signing_key_filenameObject



53
54
55
# File 'lib/chef/rest.rb', line 53

def signing_key_filename
  @auth_credentials.key_file
end

#streaming_request(url, headers, &block) ⇒ Object

Makes a streaming download request. Doesn’t speak JSON. Streams the response body to a tempfile. If a block is given, it’s passed to Tempfile.open(), which means that the tempfile will automatically be unlinked after the block is executed.

If no block is given, the tempfile is returned, which means it’s up to you to unlink the tempfile when you’re done with it.



257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
# File 'lib/chef/rest.rb', line 257

def streaming_request(url, headers, &block)
  headers = build_headers(:GET, url, headers, nil, true)
  retriable_rest_request(:GET, url, nil, headers) do |rest_request|
    tempfile = nil
    response = rest_request.call do |r|
      if block_given? && r.kind_of?(Net::HTTPSuccess)
        begin
          tempfile = stream_to_tempfile(url, r, &block)
          yield tempfile
        ensure
          tempfile.close!
        end
      else
        tempfile = stream_to_tempfile(url, r)
      end
    end
    if response.kind_of?(Net::HTTPSuccess)
      tempfile
    elsif redirect_location = redirected_to(response)
      # TODO: test tempfile unlinked when following redirects.
      tempfile && tempfile.close!
      follow_redirect {streaming_request(create_url(redirect_location), {}, &block)}
    else
      tempfile && tempfile.close!
      response.error!
    end
  end
end