Class: Conjur::Proxy

Inherits:
Object
  • Object
show all
Defined in:
lib/conjur/proxy.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(url, conjur) ⇒ Proxy

Returns a new instance of Proxy.



28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
 
# File 'lib/conjur/proxy.rb', line 28

def initialize url, conjur
  @conjur = conjur
  @proxy = Rack::StreamingProxy::Proxy.new nil do |request|
    ret = "#{url}#{request.path}"

    unless request.query_string.empty?
      ret = "#{ret}?#{request.query_string}"
    end

    ret
  end

  #Added support for multiple authorization headers
  @auth_method = "conjur"
  @basic_username = ""
  @basic_password = ""
end

Instance Attribute Details

#auth_methodObject (readonly)

Returns the value of attribute auth_method.



46
47
48
 
# File 'lib/conjur/proxy.rb', line 46

def auth_method
  @auth_method
end

#basic_passwordObject (readonly)

Returns the value of attribute basic_password.



46
47
48
 
# File 'lib/conjur/proxy.rb', line 46

def basic_password
  @basic_password
end

#basic_usernameObject (readonly)

Returns the value of attribute basic_username.



46
47
48
 
# File 'lib/conjur/proxy.rb', line 46

def basic_username
  @basic_username
end

#conjurObject (readonly)

Returns the value of attribute conjur.



46
47
48
 
# File 'lib/conjur/proxy.rb', line 46

def conjur
  @conjur
end

#proxyObject (readonly)

Returns the value of attribute proxy.



46
47
48
 
# File 'lib/conjur/proxy.rb', line 46

def proxy
  @proxy
end

Instance Method Details

#call(env) ⇒ Object 



48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
 
# File 'lib/conjur/proxy.rb', line 48

def call env
	
	if @auth_method == "basic"
		header = Base64.strict_encode64(@basic_username+':'+@basic_password)
		authorization_header = 'Basic '+header
		env['HTTP_AUTHORIZATION'] = authorization_header
	else
  		env['HTTP_AUTHORIZATION'] = conjur.credentials[:headers][:authorization]
	end

  if (env['REQUEST_METHOD'] == 'POST' || env['REQUEST_METHOD'] == 'PUT')
    if !env.include?('CONTENT_LENGTH') && (!env.include?('TRANSFER_ENCODING') ||
        env['TRANSFER_ENCODING'] != 'chunked')
      env['CONTENT_LENGTH'] = '0'
    end
  end

  ret = proxy.call env

  # hack for Docker Hub & Registry API
  if ret[1].include?('x-docker-endpoints')
    ret[1]['x-docker-endpoints'] = env['HTTP_HOST']
  end

  ret
end

#configure(options = {}) ⇒ Object 



75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
 
# File 'lib/conjur/proxy.rb', line 75

def configure options = {}
  if options[:insecure]
    Net::HTTP.class_eval do
      def use_ssl=(flag)
        flag = flag ? true : false
        if started? and @use_ssl != flag
          raise IOError, "use_ssl value changed, but session already started"
        end
        @use_ssl = flag

        self.verify_mode = OpenSSL::SSL::VERIFY_NONE
      end
    end
  end

  if options[:cacert]
    OpenSSL::SSL::SSLContext::DEFAULT_CERT_STORE.add_file options[:cacert]
  end

  Rack::StreamingProxy::Session.class_eval do
    # set timeout to 30 min, 30 seconds is not enought for uploading
    def start
      @piper = Servolux::Piper.new 'r', timeout: 1600
      @piper.child  { child }
      @piper.parent { parent }
    end
  end

 #check if the auth method is basic
 if options[:t] == "basic"

	@auth_method = "basic"
	@basic_username = @conjur.variable(options[:u]).value
	@basic_password = @conjur.variable(options[:w]).value


 end

end

#start(options = {}) ⇒ Object 



115
116
117
118
119
 
# File 'lib/conjur/proxy.rb', line 115

def start options = {}
  configure options
  
  Rack::Server.start app: self, Port: options[:port] || 8080, Host: options[:address] || '127.0.0.1'
end