Class: Conjur::Proxy

Inherits:
Object
  • Object
show all
Defined in:
lib/conjur/proxy.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(url, conjur) ⇒ Proxy

Returns a new instance of Proxy.



28
29
30
31
32
33
34
35
36
37
38
39
 
# File 'lib/conjur/proxy.rb', line 28

def initialize url, conjur
  @conjur = conjur
  @proxy = Rack::StreamingProxy::Proxy.new nil do |request|
    ret = "#{url}#{request.path}"

    unless request.query_string.empty?
      ret = "#{ret}?#{request.query_string}"
    end

    ret
  end
end

Instance Attribute Details

#conjurObject (readonly)

Returns the value of attribute conjur.



41
42
43
 
# File 'lib/conjur/proxy.rb', line 41

def conjur
  @conjur
end

#proxyObject (readonly)

Returns the value of attribute proxy.



41
42
43
 
# File 'lib/conjur/proxy.rb', line 41

def proxy
  @proxy
end

Instance Method Details

#call(env) ⇒ Object 



43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
 
# File 'lib/conjur/proxy.rb', line 43

def call env
  env['HTTP_AUTHORIZATION'] = conjur.credentials[:headers][:authorization]

  if (env['REQUEST_METHOD'] == 'POST' || env['REQUEST_METHOD'] == 'PUT')
    if !env.include?('CONTENT_LENGTH') && (!env.include?('TRANSFER_ENCODING') ||
        env['TRANSFER_ENCODING'] != 'chunked')
      env['CONTENT_LENGTH'] = '0'
    end
  end

  ret = proxy.call env

  # hack for Docker Hub & Registry API
  if ret[1].include?('x-docker-endpoints')
    ret[1]['x-docker-endpoints'] = env['HTTP_HOST']
  end

  ret
end

#start(options) ⇒ Object 



63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
 
# File 'lib/conjur/proxy.rb', line 63

def start options
  if options[:insecure]
    Net::HTTP.class_eval do
      def use_ssl=(flag)
        flag = flag ? true : false
        if started? and @use_ssl != flag
          raise IOError, "use_ssl value changed, but session already started"
        end
        @use_ssl = flag

        self.verify_mode = OpenSSL::SSL::VERIFY_NONE
      end
    end
  end

  if options[:cacert]
    OpenSSL::SSL::SSLContext::DEFAULT_CERT_STORE.add_file options[:cacert]
  end

  Rack::StreamingProxy::Session.class_eval do
    # set timeout to 30 min, 30 seconds is not enought for uploading
    def start
      @piper = Servolux::Piper.new 'r', timeout: 1600
      @piper.child  { child }
      @piper.parent { parent }
    end
  end

  Rack::Server.start app: self, Port: options[:port] || 8080, Host: options[:address] || '127.0.0.1'
end