Module: Conjur::API::Router::V4

Extended by:
V4, Escape::ClassMethods
Included in:
V4
Defined in:
lib/conjur/api/router/v4.rb

Instance Method Summary collapse

Methods included from Escape::ClassMethods

fully_escape, path_escape, path_or_query_escape, query_escape

Instance Method Details

#authn_authenticate(account, username) ⇒ Object 



14
15
16
17
 
# File 'lib/conjur/api/router/v4.rb', line 14

def authn_authenticate , username
  ()
  RestClient::Resource.new(Conjur.configuration.authn_url)['users'][fully_escape username]['authenticate']
end

#authn_authenticate_local(username, account, expiration, cidr, &block) ⇒ Object

For v4, the authn-local message is the username.



20
21
22
23
24
25
26
27
 
# File 'lib/conjur/api/router/v4.rb', line 20

def authn_authenticate_local username, , expiration, cidr, &block
  ()
  
  raise "'expiration' is not supported for authn-local v4" if expiration
  raise "'cidr' is not supported for authn-local v4" if cidr

  username
end

#authn_login(account, username, password) ⇒ Object 



9
10
11
12
 
# File 'lib/conjur/api/router/v4.rb', line 9

def  , username, password
  ()
  RestClient::Resource.new(Conjur.configuration.authn_url, user: username, password: password)['users/login']
end

#authn_rotate_api_key(credentials, account, id) ⇒ Object 



29
30
31
32
33
34
35
36
37
 
# File 'lib/conjur/api/router/v4.rb', line 29

def authn_rotate_api_key credentials, , id
  ()
  username = if id.kind == "user"
    id.identifier
  else
    [ id.kind, id.identifier ].join('/')
  end
  RestClient::Resource.new(Conjur.configuration.authn_url, credentials)['users']["api_key?id=#{username}"]
end

#authn_rotate_own_api_key(account, username, password) ⇒ Object 



39
40
41
42
 
# File 'lib/conjur/api/router/v4.rb', line 39

def authn_rotate_own_api_key , username, password
  ()
  RestClient::Resource.new(Conjur.configuration.authn_url, user: username, password: password)['users']["api_key"]
end

#group_attributes(credentials, resource, id) ⇒ Object 



104
105
106
107
 
# File 'lib/conjur/api/router/v4.rb', line 104

def group_attributes credentials, resource, id
  (id.)
  JSON.parse(RestClient::Resource.new(Conjur.configuration.core_url, credentials)['groups'][fully_escape id.identifier].get)
end

#host_factory_create_host(token) ⇒ Object 



44
45
46
47
48
49
 
# File 'lib/conjur/api/router/v4.rb', line 44

def host_factory_create_host token
  http_options = {
    headers: { authorization: %Q(Token token="#{token}") }
  }
  RestClient::Resource.new(Conjur.configuration.core_url, http_options)['host_factories']['hosts']
end

#host_factory_create_tokens(credentials, id) ⇒ Object 



51
52
53
 
# File 'lib/conjur/api/router/v4.rb', line 51

def host_factory_create_tokens credentials, id
  RestClient::Resource.new(Conjur.configuration.core_url, credentials)['host_factories'][id.identifier]['tokens']
end

#host_factory_revoke_token(credentials, token) ⇒ Object 



55
56
57
 
# File 'lib/conjur/api/router/v4.rb', line 55

def host_factory_revoke_token credentials, token
  RestClient::Resource.new(Conjur.configuration.core_url, credentials)['host_factories']['tokens'][token]
end

#parse_group_gidnumber(attributes) ⇒ Object 



119
120
121
 
# File 'lib/conjur/api/router/v4.rb', line 119

def parse_group_gidnumber attributes
  attributes['gidnumber']
end

#parse_members(credentials, result) ⇒ Object 



135
136
137
138
139
 
# File 'lib/conjur/api/router/v4.rb', line 135

def parse_members credentials, result
  result.collect do |json|
    RoleGrant.parse_from_json(json, credentials)
  end
end

#parse_user_uidnumber(attributes) ⇒ Object 



123
124
125
 
# File 'lib/conjur/api/router/v4.rb', line 123

def parse_user_uidnumber attributes
  attributes['uidnumber']
end

#parse_variable_kind(attributes) ⇒ Object 



127
128
129
 
# File 'lib/conjur/api/router/v4.rb', line 127

def parse_variable_kind attributes
  attributes['kind']
end

#parse_variable_mime_type(attributes) ⇒ Object 



131
132
133
 
# File 'lib/conjur/api/router/v4.rb', line 131

def parse_variable_mime_type attributes
  attributes['mime_type']
end

#resources_check(credentials, id, privilege, role) ⇒ Object 



63
64
65
66
67
68
69
70
71
72
73
 
# File 'lib/conjur/api/router/v4.rb', line 63

def resources_check credentials, id, privilege, role
  options = {}
  options[:check] = true
  options[:privilege] = privilege
  if role
    options[:resource_id] = id
    roles_role(credentials, Id.new(role))[options_querystring options].get
  else
    resources_resource(credentials, id)[options_querystring options].get
  end
end

#resources_permitted_roles(credentials, id, privilege) ⇒ Object 



75
76
77
 
# File 'lib/conjur/api/router/v4.rb', line 75

def resources_permitted_roles credentials, id, privilege
  RestClient::Resource.new(Conjur.configuration.core_url, credentials)['authz'][id.]['roles']['allowed_to'][privilege][id.kind][id.identifier]
end

#resources_resource(credentials, id) ⇒ Object 



59
60
61
 
# File 'lib/conjur/api/router/v4.rb', line 59

def resources_resource credentials, id
  RestClient::Resource.new(Conjur.configuration.core_url, credentials)['authz'][id.]['resources'][id.kind][id.identifier]
end

#roles_role(credentials, id) ⇒ Object 



79
80
81
 
# File 'lib/conjur/api/router/v4.rb', line 79

def roles_role credentials, id
  RestClient::Resource.new(Conjur.configuration.core_url, credentials)['authz'][id.]['roles'][id.kind][id.identifier]
end

#secrets_add(credentials, id) ⇒ Object 



83
84
85
86
 
# File 'lib/conjur/api/router/v4.rb', line 83

def secrets_add credentials, id
  (id.)
  RestClient::Resource.new(Conjur.configuration.core_url, credentials)['variables'][fully_escape id.identifier]['values']
end

#secrets_value(credentials, id, options) ⇒ Object 



93
94
95
 
# File 'lib/conjur/api/router/v4.rb', line 93

def secrets_value credentials, id, options
  RestClient::Resource.new(Conjur.configuration.core_url, credentials)['variables'][fully_escape id.identifier]['value'][options_querystring options]
end

#secrets_values(credentials, variable_ids) ⇒ Object 



97
98
99
100
101
102
 
# File 'lib/conjur/api/router/v4.rb', line 97

def secrets_values credentials, variable_ids
  options = {
    vars: Array(variable_ids).map { |v| fully_escape(v.identifier) }.join(',')
  }
  RestClient::Resource.new(Conjur.configuration.core_url, credentials)['variables']['values'][options_querystring options]
end

#user_attributes(credentials, resource, id) ⇒ Object 



114
115
116
117
 
# File 'lib/conjur/api/router/v4.rb', line 114

def user_attributes credentials, resource, id
  (id.)
  JSON.parse(RestClient::Resource.new(Conjur.configuration.core_url, credentials)['users'][fully_escape id.identifier].get)
end

#variable(credentials, id) ⇒ Object 



88
89
90
91
 
# File 'lib/conjur/api/router/v4.rb', line 88

def variable credentials, id
  (id.)
  RestClient::Resource.new(Conjur.configuration.core_url, credentials)['variables'][fully_escape id.identifier]
end

#variable_attributes(credentials, resource, id) ⇒ Object 



109
110
111
112
 
# File 'lib/conjur/api/router/v4.rb', line 109

def variable_attributes credentials, resource, id
  (id.)
  JSON.parse(RestClient::Resource.new(Conjur.configuration.core_url, credentials)['variables'][fully_escape id.identifier].get)
end