Class: Chef::HTTP::Authenticator

Inherits:

Object

• Object
• Chef::HTTP::Authenticator

Defined in:

lib/chef/http/authenticator.rb

Constant Summary

DEFAULT_SERVER_API_VERSION =

"1"

Instance Attribute Summary

• #attr_names ⇒ Object readonly

  Returns the value of attribute attr_names.

• #auth_credentials ⇒ Object readonly

  Returns the value of attribute auth_credentials.

• #raw_key ⇒ Object readonly

  Returns the value of attribute raw_key.

• #sign_request ⇒ Object

  Returns the value of attribute sign_request.

• #signing_key_filename ⇒ Object readonly

  Returns the value of attribute signing_key_filename.

Instance Method Summary

• #authentication_headers(method, url, json_body = nil, headers = nil) ⇒ Object
• #client_name ⇒ Object
• #handle_request(method, url, headers = {}, data = false) ⇒ Object
• #handle_response(http_response, rest_request, return_value) ⇒ Object
• #handle_stream_complete(http_response, rest_request, return_value) ⇒ Object
• #initialize(opts = {}) ⇒ Authenticator constructor

  A new instance of Authenticator.

• #load_signing_key(key_file, raw_key = nil) ⇒ Object
• #sign_requests? ⇒ Boolean
• #stream_response_handler(response) ⇒ Object

Constructor Details

#initialize(opts = {}) ⇒ Authenticator

Returns a new instance of Authenticator.

# File 'lib/chef/http/authenticator.rb', line 36

def initialize(opts = {})
  @raw_key = nil
  @sign_request = true
  @signing_key_filename = opts[:signing_key_filename]
  @key = load_signing_key(opts[:signing_key_filename], opts[:raw_key])
  @auth_credentials = AuthCredentials.new(opts[:client_name], @key)
  if opts[:api_version]
    @api_version = opts[:api_version]
  else
    @api_version = DEFAULT_SERVER_API_VERSION
  end
end

Instance Attribute Details

#attr_names ⇒ Object (readonly)

Returns the value of attribute attr_names.

# File 'lib/chef/http/authenticator.rb', line 31

def attr_names
  @attr_names
end

#auth_credentials ⇒ Object (readonly)

Returns the value of attribute auth_credentials.

# File 'lib/chef/http/authenticator.rb', line 32

def auth_credentials
  @auth_credentials
end

#raw_key ⇒ Object (readonly)

Returns the value of attribute raw_key.

# File 'lib/chef/http/authenticator.rb', line 30

def raw_key
  @raw_key
end

#sign_request ⇒ Object

Returns the value of attribute sign_request.

# File 'lib/chef/http/authenticator.rb', line 34

def sign_request
  @sign_request
end

#signing_key_filename ⇒ Object (readonly)

Returns the value of attribute signing_key_filename.

# File 'lib/chef/http/authenticator.rb', line 29

def signing_key_filename
  @signing_key_filename
end

Instance Method Details

#authentication_headers(method, url, json_body = nil, headers = nil) ⇒ Object

# File 'lib/chef/http/authenticator.rb', line 93

def authentication_headers(method, url, json_body = nil, headers = nil)
  request_params = {
    :http_method => method,
    :path => url.path,
    :body => json_body,
    :host => "#{url.host}:#{url.port}",
    :headers => headers,
  }
  request_params[:body] ||= ""
  auth_credentials.signature_headers(request_params)
end

#client_name ⇒ Object

# File 'lib/chef/http/authenticator.rb', line 71

def client_name
  @auth_credentials.client_name
end

#handle_request(method, url, headers = {}, data = false) ⇒ Object

# File 'lib/chef/http/authenticator.rb', line 49

def handle_request(method, url, headers = {}, data = false)
  headers["X-Ops-Server-API-Version"] = @api_version
  headers.merge!(authentication_headers(method, url, data, headers)) if sign_requests?
  [method, url, headers, data]
end

#handle_response(http_response, rest_request, return_value) ⇒ Object

# File 'lib/chef/http/authenticator.rb', line 55

def handle_response(http_response, rest_request, return_value)
  [http_response, rest_request, return_value]
end

#handle_stream_complete(http_response, rest_request, return_value) ⇒ Object

# File 'lib/chef/http/authenticator.rb', line 63

def handle_stream_complete(http_response, rest_request, return_value)
  [http_response, rest_request, return_value]
end

#load_signing_key(key_file, raw_key = nil) ⇒ Object

# File 'lib/chef/http/authenticator.rb', line 75

def load_signing_key(key_file, raw_key = nil)
  if !!key_file
    @raw_key = IO.read(key_file).strip
  elsif !!raw_key
    @raw_key = raw_key.strip
  else
    return nil
  end
  @key = OpenSSL::PKey::RSA.new(@raw_key)
rescue SystemCallError, IOError => e
  Chef::Log.warn "Failed to read the private key #{key_file}: #{e.inspect}"
  raise Chef::Exceptions::PrivateKeyMissing, "I cannot read #{key_file}, which you told me to use to sign requests!"
rescue OpenSSL::PKey::RSAError
  msg = "The file #{key_file} or :raw_key option does not contain a correctly formatted private key.\n"
  msg << "The key file should begin with '-----BEGIN RSA PRIVATE KEY-----' and end with '-----END RSA PRIVATE KEY-----'"
  raise Chef::Exceptions::InvalidPrivateKey, msg
end

#sign_requests? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/chef/http/authenticator.rb', line 67

def sign_requests?
  auth_credentials.sign_requests? && @sign_request
end

#stream_response_handler(response) ⇒ Object

# File 'lib/chef/http/authenticator.rb', line 59

def stream_response_handler(response)
  nil
end