Class: Chef::REST

Inherits:

Object

• Object
• Chef::REST

Defined in:

lib/chef/rest.rb,
lib/chef/rest/cookie_jar.rb,
lib/chef/rest/rest_request.rb,
lib/chef/rest/auth_credentials.rb

Overview

Chef::REST

Chef’s custom REST client with built-in JSON support and RSA signed header authentication.

Direct Known Subclasses

Shef::ShefREST

Defined Under Namespace

Classes: AuthCredentials, CookieJar, NoopInflater, RESTRequest

Constant Summary

CONTENT_ENCODING =

"content-encoding".freeze

GZIP =

"gzip".freeze

DEFLATE =

"deflate".freeze

IDENTITY =

"identity".freeze

Instance Attribute Summary

• #auth_credentials ⇒ Object readonly

  Returns the value of attribute auth_credentials.

• #cookies ⇒ Object

  Returns the value of attribute cookies.

• #redirect_limit ⇒ Object

  Returns the value of attribute redirect_limit.

• #sign_on_redirect ⇒ Object

  Returns the value of attribute sign_on_redirect.

• #url ⇒ Object

  Returns the value of attribute url.

Instance Method Summary

• #api_request(method, url, headers = {}, data = false) ⇒ Object

  Runs an HTTP request to a JSON API with JSON body.

• #authentication_headers(method, url, json_body = nil) ⇒ Object
• #client_name ⇒ Object
• #config ⇒ Object
• #create_url(path) ⇒ Object
• #decompress_body(response) ⇒ Object
• #delete_rest(path, headers = {}) ⇒ Object

  Send an HTTP DELETE request to the path.

• #fetch(path, headers = {}) ⇒ Object

  Streams a download to a tempfile, then yields the tempfile to a block.

• #follow_redirect ⇒ Object
• #get_rest(path, raw = false, headers = {}) ⇒ Object

  Send an HTTP GET request to the path.

• #http_retry_count ⇒ Object
• #http_retry_delay ⇒ Object
• #initialize(url, client_name = Chef::Config[:node_name], signing_key_filename = Chef::Config[:client_key], options = {}) ⇒ REST constructor

  Create a REST client object.

• #post_rest(path, json, headers = {}) ⇒ Object

  Send an HTTP POST request to the path.

• #put_rest(path, json, headers = {}) ⇒ Object

  Send an HTTP PUT request to the path.

• #raw_http_request(method, url, headers, body) ⇒ Object

  Runs an HTTP request to a JSON API with raw body.

• #register(name = Chef::Config[:node_name], destination = Chef::Config[:client_key]) ⇒ Object

  Register the client – Requires you to load chef/api_client beforehand.

• #retriable_rest_request(method, url, req_body, headers) ⇒ Object
• #run_request(method, url, headers = {}, data = false, limit = nil, raw = false) ⇒ Object

  DEPRECATED Use api_request instead – Actually run an HTTP request.

• #sign_requests? ⇒ Boolean
• #signing_key ⇒ Object
• #signing_key_filename ⇒ Object
• #streaming_request(url, headers, &block) ⇒ Object

  Makes a streaming download request.

Constructor Details

#initialize(url, client_name = Chef::Config[:node_name], signing_key_filename = Chef::Config[:client_key], options = {}) ⇒ REST

Create a REST client object. The supplied url is used as the base for all subsequent requests. For example, when initialized with a base url localhost:4000, a call to get_rest with ‘nodes’ will make an HTTP GET request to localhost:4000/nodes

# File 'lib/chef/rest.rb', line 60

def initialize(url, client_name=Chef::Config[:node_name], signing_key_filename=Chef::Config[:client_key], options={})
  @url = url
  @cookies = CookieJar.instance
  @default_headers = options[:headers] || {}
  @auth_credentials = AuthCredentials.new(client_name, signing_key_filename)
  @sign_on_redirect, @sign_request = true, true
  @redirects_followed = 0
  @redirect_limit = 10
  @disable_gzip = false
  handle_options(options)
end

Instance Attribute Details

#auth_credentials ⇒ Object (readonly)

Returns the value of attribute auth_credentials.

# File 'lib/chef/rest.rb', line 48

def auth_credentials
  @auth_credentials
end

#cookies ⇒ Object

Returns the value of attribute cookies.

# File 'lib/chef/rest.rb', line 49

def cookies
  @cookies
end

#redirect_limit ⇒ Object

Returns the value of attribute redirect_limit.

# File 'lib/chef/rest.rb', line 49

def redirect_limit
  @redirect_limit
end

#sign_on_redirect ⇒ Object

Returns the value of attribute sign_on_redirect.

# File 'lib/chef/rest.rb', line 49

def sign_on_redirect
  @sign_on_redirect
end

#url ⇒ Object

Returns the value of attribute url.

# File 'lib/chef/rest.rb', line 49

def url
  @url
end

Instance Method Details

#api_request(method, url, headers = {}, data = false) ⇒ Object

Runs an HTTP request to a JSON API with JSON body. File Download not supported.

# File 'lib/chef/rest.rb', line 244

def api_request(method, url, headers={}, data=false)
  json_body = data ? Chef::JSONCompat.to_json(data) : nil
  # Force encoding to binary to fix SSL related EOFErrors
  # cf. http://tickets.opscode.com/browse/CHEF-2363
  # http://redmine.ruby-lang.org/issues/5233
  json_body.force_encoding(Encoding::BINARY) if json_body.respond_to?(:force_encoding)
  raw_http_request(method, url, headers, json_body)
end

#authentication_headers(method, url, json_body = nil) ⇒ Object

# File 'lib/chef/rest.rb', line 408

def authentication_headers(method, url, json_body=nil)
  request_params = {:http_method => method, :path => url.path, :body => json_body, :host => "#{url.host}:#{url.port}"}
  request_params[:body] ||= ""
  auth_credentials.signature_headers(request_params)
end

#client_name ⇒ Object

# File 'lib/chef/rest.rb', line 76

def client_name
  @auth_credentials.client_name
end

#config ⇒ Object

# File 'lib/chef/rest.rb', line 422

def config
  Chef::Config
end

#create_url(path) ⇒ Object

# File 'lib/chef/rest.rb', line 168

def create_url(path)
  if path =~ /^(http|https):\/\//
    URI.parse(path)
  else
    URI.parse("#{@url}/#{path}")
  end
end

#decompress_body(response) ⇒ Object

# File 'lib/chef/rest.rb', line 308

def decompress_body(response)
  if gzip_disabled?
    response.body
  else
    case response[CONTENT_ENCODING]
    when GZIP
      Chef::Log.debug "decompressing gzip response"
      Zlib::Inflate.new(Zlib::MAX_WBITS + 16).inflate(response.body)
    when DEFLATE
      Chef::Log.debug "decompressing deflate response"
      Zlib::Inflate.inflate(response.body)
    else
      response.body
    end
  end
end

#delete_rest(path, headers = {}) ⇒ Object

Send an HTTP DELETE request to the path

# File 'lib/chef/rest.rb', line 145

def delete_rest(path, headers={})
  api_request(:DELETE, create_url(path), headers)
end

#fetch(path, headers = {}) ⇒ Object

Streams a download to a tempfile, then yields the tempfile to a block. After the download, the tempfile will be closed and unlinked. If you rename the tempfile, it will not be deleted. Beware that if the server streams infinite content, this method will stream it until you run out of disk space.

# File 'lib/chef/rest.rb', line 164

def fetch(path, headers={})
  streaming_request(create_url(path), headers) {|tmp_file| yield tmp_file }
end

#follow_redirect ⇒ Object

# File 'lib/chef/rest.rb', line 426

def follow_redirect
  raise Chef::Exceptions::RedirectLimitExceeded if @redirects_followed >= redirect_limit
  @redirects_followed += 1
  Chef::Log.debug("Following redirect #{@redirects_followed}/#{redirect_limit}")
  if @sign_on_redirect
    yield
  else
    @sign_request = false
    yield
  end
ensure
  @redirects_followed = 0
  @sign_request = true
end

#get_rest(path, raw = false, headers = {}) ⇒ Object

Send an HTTP GET request to the path

Using this method to fetch a file is considered deprecated.

Parameters

path

The path to GET

raw

Whether you want the raw body returned, or JSON inflated. Defaults

to JSON inflated.

# File 'lib/chef/rest.rb', line 136

def get_rest(path, raw=false, headers={})
  if raw
    streaming_request(create_url(path), headers)
  else
    api_request(:GET, create_url(path), headers)
  end
end

#http_retry_count ⇒ Object

# File 'lib/chef/rest.rb', line 418

def http_retry_count
  config[:http_retry_count]
end

#http_retry_delay ⇒ Object

# File 'lib/chef/rest.rb', line 414

def http_retry_delay
  config[:http_retry_delay]
end

#post_rest(path, json, headers = {}) ⇒ Object

Send an HTTP POST request to the path

# File 'lib/chef/rest.rb', line 150

def post_rest(path, json, headers={})
  api_request(:POST, create_url(path), headers, json)
end

#put_rest(path, json, headers = {}) ⇒ Object

Send an HTTP PUT request to the path

# File 'lib/chef/rest.rb', line 155

def put_rest(path, json, headers={})
  api_request(:PUT, create_url(path), headers, json)
end

#raw_http_request(method, url, headers, body) ⇒ Object

Runs an HTTP request to a JSON API with raw body. File Download not supported.

# File 'lib/chef/rest.rb', line 254

def raw_http_request(method, url, headers, body)
  headers = build_headers(method, url, headers, body)
  retriable_rest_request(method, url, body, headers) do |rest_request|
    begin
      response = rest_request.call {|r| r.read_body}

      Chef::Log.debug("---- HTTP Status and Header Data: ----")
      Chef::Log.debug("HTTP #{response.http_version} #{response.code} #{response.msg}")

      response.each do |header, value|
        Chef::Log.debug("#{header}: #{value}")
      end
      Chef::Log.debug("---- End HTTP Status/Header Data ----")

      response_body = decompress_body(response)

      # 204 is successful, Net::HTTP returns nil response body.
      # Don't attempt to parse it.
      if response.kind_of?(Net::HTTPNoContent)
        response_body
      elsif response.kind_of?(Net::HTTPSuccess)
        if response['content-type'] =~ /json/
          Chef::JSONCompat.from_json(response_body.chomp)
        else
          Chef::Log.warn("Expected JSON response, but got content-type '#{response['content-type']}'")
          response_body
        end
      elsif redirect_location = redirected_to(response)
        if [:GET, :HEAD].include?(method)
          follow_redirect {api_request(method, create_url(redirect_location), headers)}
        else
          raise Exceptions::InvalidRedirect, "#{method} request was redirected from #{url} to #{redirect_location}. Only GET and HEAD support redirects."
        end
      else
        # have to decompress the body before making an exception for it. But the body could be nil.
        response.body.replace(decompress_body(response)) if response.body.respond_to?(:replace)

        if response['content-type'] =~ /json/
          exception = Chef::JSONCompat.from_json(response_body)
          msg = "HTTP Request Returned #{response.code} #{response.message}: "
          msg << (exception["error"].respond_to?(:join) ? exception["error"].join(", ") : exception["error"].to_s)
          Chef::Log.info(msg)
        end
        response.error!
      end
    rescue Exception => e
      if e.respond_to?(:chef_rest_request=)
        e.chef_rest_request = rest_request
      end
      raise
    end
  end
end

#register(name = Chef::Config[:node_name], destination = Chef::Config[:client_key]) ⇒ Object

Register the client – Requires you to load chef/api_client beforehand. explicit require is removed since most users of this class have no need for chef/api_client. This functionality should be moved anyway…

# File 'lib/chef/rest.rb', line 89

def register(name=Chef::Config[:node_name], destination=Chef::Config[:client_key])
  if (File.exists?(destination) &&  !File.writable?(destination))
    raise Chef::Exceptions::CannotWritePrivateKey, "I cannot write your private key to #{destination} - check permissions?"
  end
  nc = Chef::ApiClient.new
  nc.name(name)

  catch(:done) do
    retries = config[:client_registration_retries] || 5
    0.upto(retries) do |n|
      begin
        response = nc.save(true, true)
        Chef::Log.debug("Registration response: #{response.inspect}")
        private_key = if response.respond_to?(:[])
          response["private_key"]
        else
          response.private_key
        end
        unless private_key
          raise Chef::Exceptions::CannotWritePrivateKey, "The response from the server did not include a private key!"
        end
        # Write out the private key
        ::File.open(destination, "w") {|f|
          f.chmod(0600)
          f.print(private_key)
        }
        throw :done
      rescue IOError
        raise Chef::Exceptions::CannotWritePrivateKey, "I cannot write your private key to #{destination}"
      rescue Net::HTTPFatalError => e
        Chef::Log.warn("Failed attempt #{n} of #{retries+1} on client creation")
        raise unless e.response.code == "500"
      end
    end
  end

  true
end

#retriable_rest_request(method, url, req_body, headers) ⇒ Object

# File 'lib/chef/rest.rb', line 368

def retriable_rest_request(method, url, req_body, headers)
  rest_request = Chef::REST::RESTRequest.new(method, url, req_body, headers)

  Chef::Log.debug("Sending HTTP Request via #{method} to #{url.host}:#{url.port}#{rest_request.path}")

  http_attempts = 0

  begin
    http_attempts += 1

    yield rest_request

  rescue SocketError, Errno::ETIMEDOUT => e
    e.message.replace "Error connecting to #{url} - #{e.message}"
    raise e
  rescue Errno::ECONNREFUSED
    if http_retry_count - http_attempts + 1 > 0
      Chef::Log.error("Connection refused connecting to #{url.host}:#{url.port} for #{rest_request.path}, retry #{http_attempts}/#{http_retry_count}")
      sleep(http_retry_delay)
      retry
    end
    raise Errno::ECONNREFUSED, "Connection refused connecting to #{url.host}:#{url.port} for #{rest_request.path}, giving up"
  rescue Timeout::Error
    if http_retry_count - http_attempts + 1 > 0
      Chef::Log.error("Timeout connecting to #{url.host}:#{url.port} for #{rest_request.path}, retry #{http_attempts}/#{http_retry_count}")
      sleep(http_retry_delay)
      retry
    end
    raise Timeout::Error, "Timeout connecting to #{url.host}:#{url.port} for #{rest_request.path}, giving up"
  rescue Net::HTTPFatalError => e
    if http_retry_count - http_attempts + 1 > 0
      sleep_time = 1 + (2 ** http_attempts) + rand(2 ** http_attempts)
      Chef::Log.error("Server returned error for #{url}, retrying #{http_attempts}/#{http_retry_count} in #{sleep_time}s")
      sleep(sleep_time)
      retry
    end
    raise
  end
end

#run_request(method, url, headers = {}, data = false, limit = nil, raw = false) ⇒ Object

DEPRECATED

Use api_request instead – Actually run an HTTP request. First argument is the HTTP method, which should be one of :GET, :PUT, :POST or :DELETE. Next is the URL, then an object to include in the body (which will be converted with .to_json). The limit argument is unused, it is present for backwards compatibility. Configure the redirect limit with #redirect_limit= instead.

Typically, you won’t use this method – instead, you’ll use one of the helper methods (get_rest, post_rest, etc.)

Will return the body of the response on success.

# File 'lib/chef/rest.rb', line 194

def run_request(method, url, headers={}, data=false, limit=nil, raw=false)
  json_body = data ? Chef::JSONCompat.to_json(data) : nil
  # Force encoding to binary to fix SSL related EOFErrors
  # cf. http://tickets.opscode.com/browse/CHEF-2363
  # http://redmine.ruby-lang.org/issues/5233
  json_body.force_encoding(Encoding::BINARY) if json_body.respond_to?(:force_encoding)
  headers = build_headers(method, url, headers, json_body, raw)

  tf, response_body = nil, nil

  retriable_rest_request(method, url, json_body, headers) do |rest_request|

    res = rest_request.call do |response|
      if raw
        tf = stream_to_tempfile(url, response)
      else
        response_body = decompress_body(response)
      end
    end

    case res
    when Net::HTTPSuccess
      if res['content-type'] =~ /json/
        Chef::JSONCompat.from_json(response_body)
      else
        if method == :HEAD
          true
        elsif raw
          tf
        else
          response_body
        end
      end
    when Net::HTTPNotModified # Must be tested before Net::HTTPRedirection because it's subclass.
      false
    when Net::HTTPRedirection
      follow_redirect {run_request(method, create_url(res['location']), headers, false, nil, raw)}
    else
      if res['content-type'] =~ /json/
        exception = Chef::JSONCompat.from_json(response_body)
        msg = "HTTP Request Returned #{res.code} #{res.message}: "
        msg << (exception["error"].respond_to?(:join) ? exception["error"].join(", ") : exception["error"].to_s)
        Chef::Log.warn(msg)
      end
      res.error!
    end
  end
end

#sign_requests? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/chef/rest.rb', line 176

def sign_requests?
  auth_credentials.sign_requests? && @sign_request
end

#signing_key ⇒ Object

# File 'lib/chef/rest.rb', line 80

def signing_key
  @auth_credentials.raw_key
end

#signing_key_filename ⇒ Object

# File 'lib/chef/rest.rb', line 72

def signing_key_filename
  @auth_credentials.key_file
end

#streaming_request(url, headers, &block) ⇒ Object

Makes a streaming download request. Doesn’t speak JSON. Streams the response body to a tempfile. If a block is given, it’s passed to Tempfile.open(), which means that the tempfile will automatically be unlinked after the block is executed.

If no block is given, the tempfile is returned, which means it’s up to you to unlink the tempfile when you’re done with it.

# File 'lib/chef/rest.rb', line 332

def streaming_request(url, headers, &block)
  headers = build_headers(:GET, url, headers, nil, true)
  retriable_rest_request(:GET, url, nil, headers) do |rest_request|
    begin
      tempfile = nil
      response = rest_request.call do |r|
        if block_given? && r.kind_of?(Net::HTTPSuccess)
          begin
            tempfile = stream_to_tempfile(url, r, &block)
            yield tempfile
          ensure
            tempfile && tempfile.close!
          end
        else
          tempfile = stream_to_tempfile(url, r)
        end
      end
      if response.kind_of?(Net::HTTPSuccess)
        tempfile
      elsif redirect_location = redirected_to(response)
        # TODO: test tempfile unlinked when following redirects.
        tempfile && tempfile.close!
        follow_redirect {streaming_request(create_url(redirect_location), {}, &block)}
      else
        tempfile && tempfile.close!
        response.error!
      end
    rescue Exception => e
      if e.respond_to?(:chef_rest_request=)
        e.chef_rest_request = rest_request
      end
      raise
    end
  end
end