Class: Compliance::API
- Inherits: Object
  - Object
  - Compliance::API
- Defined in: lib/bundles/inspec-compliance/api.rb
Overview
The API implementation does not hold any state by itself; everything is stored in the local Configuration store.
Class Method Summary
- .exist?(config, profile) ⇒ Boolean
  verifies that a profile.
- .get_token_via_password(url, username, password, insecure) ⇒ Object
  Use username and password to get an API access token.
- .get_token_via_refresh_token(url, refresh_token, insecure) ⇒ Object
  Use username and refresh_token to get an API access token.
- .profiles(config) ⇒ Object
  return all compliance profiles available for the user.
- .upload(config, owner, profile_name, archive_path) ⇒ Object
- .version(url, insecure) ⇒ Object
  return the server api version. NB: this method does not use Compliance::Configuration to allow for using it before we know the version (e.g. oidc or not).
Class Method Details
.exist?(config, profile) ⇒ Boolean
verifies that a profile
    # File 'lib/bundles/inspec-compliance/api.rb', line 60
    def self.exist?(config, profile)
      _msg, profiles = Compliance::API.profiles(config)
      if !profiles.empty?
        # a profile matches only on the exact string "org/name"
        index = profiles.index { |p| "#{p[:org]}/#{p[:name]}" == profile }
        !index.nil? && index >= 0
      else
        false
      end
    end
.get_token_via_password(url, username, password, insecure) ⇒ Object
Use username and password to get an API access token
    # File 'lib/bundles/inspec-compliance/api.rb', line 105
    def self.get_token_via_password(url, username, password, insecure)
      uri = URI.parse("#{url}/login")
      req = Net::HTTP::Post.new(uri.path)
      # the credentials travel in the JSON request body
      req.body = { userid: username, password: password }.to_json
      access_token = nil
      # insecure is passed through unchanged to Compliance::HTTP.send_request
      response = Compliance::HTTP.send_request(uri, req, insecure)
      data = response.body
      if response.code == '200'
        # on success the raw response body is used as the access token
        access_token = data
        msg = 'Successfully fetched an API access token valid for 12 hours'
        success = true
      else
        success = false
        # the failure message embeds the full response body
        msg = "Failed to authenticate to #{url} \n\
      Response code: #{response.code}\n      Body: #{response.body}"
      end

      [success, msg, access_token]
    end
.get_token_via_refresh_token(url, refresh_token, insecure) ⇒ Object
Use username and refresh_token to get an API access token
    # File 'lib/bundles/inspec-compliance/api.rb', line 78
    def self.get_token_via_refresh_token(url, refresh_token, insecure)
      uri = URI.parse("#{url}/login")
      req = Net::HTTP::Post.new(uri.path)
      # the refresh token travels in the JSON request body
      req.body = { token: refresh_token }.to_json
      access_token = nil
      response = Compliance::HTTP.send_request(uri, req, insecure)
      data = response.body
      if response.code == '200'
        begin
          # on success the token is read from the JSON field 'access_token'
          tokendata = JSON.parse(data)
          access_token = tokendata['access_token']
          msg = 'Successfully fetched API access token'
          success = true
        rescue JSON::ParserError => e
          success = false
          msg = e.message
        end
      else
        success = false
        msg = "Failed to authenticate to #{url} \n\
      Response code: #{response.code}\n      Body: #{response.body}"
      end

      [success, msg, access_token]
    end
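Both token methods above POST a credential to `#{url}/login` and hand `insecure` to Compliance::HTTP. The following is an added example, not code from this project: `build_login` and `extract_access_token` are hypothetical helpers, and it assumes `insecure` means skipping TLS certificate verification, which this page does not show.

```ruby
require 'json'
require 'net/http'
require 'openssl'
require 'uri'

# Hypothetical helper (not part of Compliance::API): builds the /login request
# for the refresh-token flow together with the connection settings.
# Assumption: `insecure` means "skip TLS certificate verification".
def build_login(url, refresh_token, insecure: false)
  uri = URI.parse("#{url}/login")
  # A refresh token sent over plain HTTP is readable by anyone on the path.
  raise ArgumentError, "refusing to send a token over #{uri.scheme.inspect}" unless uri.scheme == 'https'

  http = Net::HTTP.new(uri.host, uri.port) # no connection is opened here
  http.use_ssl = true
  http.verify_mode = insecure ? OpenSSL::SSL::VERIFY_NONE : OpenSSL::SSL::VERIFY_PEER

  req = Net::HTTP::Post.new(uri.path)
  req['Content-Type'] = 'application/json'
  req.body = { token: refresh_token }.to_json
  [http, req]
end

# Reads 'access_token' from a 200 response body. Returns nil instead of raising
# when the body is not JSON, is not a JSON object, or lacks a usable token.
def extract_access_token(body)
  token = JSON.parse(body)['access_token']
  token.is_a?(String) && !token.empty? ? token : nil
rescue JSON::ParserError, TypeError, NoMethodError
  nil
end
```

With `insecure: true` the returned connection accepts any certificate, so whoever answers for the server hostname receives the refresh token.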
.profiles(config) ⇒ Object
return all compliance profiles available for the user
    # File 'lib/bundles/inspec-compliance/api.rb', line 13
    def self.profiles(config)
      url = "#{config['server']}/user/compliance"
      # TODO, api should not be dependent on .supported?
      response = Compliance::HTTP.get(url, config['token'], config['insecure'], !config.supported?(:oidc))
      data = response.body
      response_code = response.code
      case response_code
      when '200'
        msg = 'success'
        profiles = JSON.parse(data)
        # iterate over profiles
        mapped_profiles = profiles.map do |owner, ps|
          ps.keys.map do |name|
            { org: owner, name: name }
          end
        end.flatten
        return msg, mapped_profiles
      when '401'
        msg = '401 Unauthorized. Please check your token.'
        return msg, []
      else
        msg = "An unexpected error occurred (HTTP #{response_code}): #{response.message}"
        return msg, []
      end
    end
.upload(config, owner, profile_name, archive_path) ⇒ Object
    # File 'lib/bundles/inspec-compliance/api.rb', line 70
    def self.upload(config, owner, profile_name, archive_path)
      # upload the tar to Chef Compliance
      # owner and profile_name are interpolated into the URL as given (no escaping here)
      url = "#{config['server']}/owners/#{owner}/compliance/#{profile_name}/tar"
      res = Compliance::HTTP.post_file(url, config['token'], archive_path, config['insecure'], !config.supported?(:oidc))
      [res.is_a?(Net::HTTPSuccess), res.body]
    end
.version(url, insecure) ⇒ Object
return the server api version. NB: this method does not use Compliance::Configuration to allow for using it before we know the version (e.g. oidc or not)
    # File 'lib/bundles/inspec-compliance/api.rb', line 42
    def self.version(url, insecure)
      if url.nil?
        puts "
    Server configuration information is missing.
    Please login using `inspec compliance login https://compliance.test --user admin --insecure --token 'PASTE TOKEN HERE' `
    "
      else
        # no token is sent with the version request (second argument is nil)
        response = Compliance::HTTP.get(url+'/version', nil, insecure)
        data = response.body
      end
      # data is nil when url was missing, so an empty hash is returned
      if !data.nil?
        JSON.parse(data)
      else
        {}
      end
    end