Class: Chef::REST

Inherits:
Object
  • Object
show all
Defined in:
lib/chef/rest.rb,
lib/chef/rest/cookie_jar.rb,
lib/chef/rest/rest_request.rb,
lib/chef/rest/auth_credentials.rb

Overview

Chef::REST

Chef’s custom REST client with built-in JSON support and RSA signed header authentication.

Direct Known Subclasses

Shef::ShefREST

Defined Under Namespace

Classes: AuthCredentials, CookieJar, RESTRequest

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(url, client_name = Chef::Config[:node_name], signing_key_filename = Chef::Config[:client_key], options = {}) ⇒ REST

Create a REST client object. The supplied url is used as the base for all subsequent requests. For example, when initialized with a base url localhost:4000, a call to get_rest with ‘nodes’ will make an HTTP GET request to localhost:4000/nodes



44
45
46
47
48
49
50
51
52
# File 'lib/chef/rest.rb', line 44

def initialize(url, client_name=Chef::Config[:node_name], signing_key_filename=Chef::Config[:client_key], options={})
  @url = url
  @cookies = CookieJar.instance
  @default_headers = options[:headers] || {}
  @auth_credentials = AuthCredentials.new(client_name, signing_key_filename)
  @sign_on_redirect, @sign_request = true, true
  @redirects_followed = 0
  @redirect_limit = 10
end

Instance Attribute Details

#auth_credentialsObject (readonly)

Returns the value of attribute auth_credentials.



37
38
39
# File 'lib/chef/rest.rb', line 37

def auth_credentials
  @auth_credentials
end

#cookiesObject

Returns the value of attribute cookies.



38
39
40
# File 'lib/chef/rest.rb', line 38

def cookies
  @cookies
end

#redirect_limitObject

Returns the value of attribute redirect_limit.



38
39
40
# File 'lib/chef/rest.rb', line 38

def redirect_limit
  @redirect_limit
end

#sign_on_redirectObject

Returns the value of attribute sign_on_redirect.



38
39
40
# File 'lib/chef/rest.rb', line 38

def sign_on_redirect
  @sign_on_redirect
end

#urlObject

Returns the value of attribute url.



38
39
40
# File 'lib/chef/rest.rb', line 38

def url
  @url
end

Instance Method Details

#api_request(method, url, headers = {}, data = false) ⇒ Object

Runs an HTTP request to a JSON API. File Download not supported.



210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
# File 'lib/chef/rest.rb', line 210

def api_request(method, url, headers={}, data=false)
  json_body = data ? data.to_json : nil
  headers = build_headers(method, url, headers, json_body)

  retriable_rest_request(method, url, json_body, headers) do |rest_request|
    response = rest_request.call {|r| r.read_body}

    if response.kind_of?(Net::HTTPSuccess)
      if response['content-type'] =~ /json/
        JSON.parse(response.body.chomp)
      else
        Chef::Log.warn("Expected JSON response, but got content-type '#{response['content-type']}'")
        response.body
      end
    elsif redirect_location = redirected_to(response)
      follow_redirect {api_request(:GET, create_url(redirect_location))}
    else
      if response['content-type'] =~ /json/
        exception = JSON.parse(response.body)
        msg = "HTTP Request Returned #{response.code} #{response.message}: "
        msg << (exception["error"].respond_to?(:join) ? exception["error"].join(", ") : exception["error"].to_s)
        Chef::Log.warn(msg)
      end
      response.error!
    end
  end
end

#authentication_headers(method, url, json_body = nil) ⇒ Object



312
313
314
315
316
# File 'lib/chef/rest.rb', line 312

def authentication_headers(method, url, json_body=nil)
  request_params = {:http_method => method, :path => url.path, :body => json_body, :host => "#{url.host}:#{url.port}"}
  request_params[:body] ||= ""
  auth_credentials.signature_headers(request_params)
end

#client_nameObject



58
59
60
# File 'lib/chef/rest.rb', line 58

def client_name
  @auth_credentials.client_name
end

#configObject



326
327
328
# File 'lib/chef/rest.rb', line 326

def config
  Chef::Config
end

#create_url(path) ⇒ Object



138
139
140
141
142
143
144
# File 'lib/chef/rest.rb', line 138

def create_url(path)
  if path =~ /^(http|https):\/\//
    URI.parse(path)
  else
    URI.parse("#{@url}/#{path}")
  end
end

#delete_rest(path, headers = {}) ⇒ Object

Send an HTTP DELETE request to the path



115
116
117
# File 'lib/chef/rest.rb', line 115

def delete_rest(path, headers={})
  api_request(:DELETE, create_url(path), headers)
end

#fetch(path, headers = {}) ⇒ Object

Streams a download to a tempfile, then yields the tempfile to a block. After the download, the tempfile will be closed and unlinked. If you rename the tempfile, it will not be deleted. Beware that if the server streams infinite content, this method will stream it until you run out of disk space.



134
135
136
# File 'lib/chef/rest.rb', line 134

def fetch(path, headers={})
  streaming_request(create_url(path), headers) {|tmp_file| yield tmp_file }
end

#follow_redirectObject



330
331
332
333
334
335
336
337
338
339
340
341
342
343
# File 'lib/chef/rest.rb', line 330

def follow_redirect
  raise Chef::Exceptions::RedirectLimitExceeded if @redirects_followed >= redirect_limit
  @redirects_followed += 1
  Chef::Log.debug("Following redirect #{@redirects_followed}/#{redirect_limit}")
  if @sign_on_redirect
    yield
  else
    @sign_request = false
    yield
  end
ensure
  @redirects_followed = 0
  @sign_request = true
end

#get_rest(path, raw = false, headers = {}) ⇒ Object

Send an HTTP GET request to the path

Using this method to fetch a file is considered deprecated.

Parameters

path

The path to GET

raw

Whether you want the raw body returned, or JSON inflated. Defaults

to JSON inflated.


106
107
108
109
110
111
112
# File 'lib/chef/rest.rb', line 106

def get_rest(path, raw=false, headers={})
  if raw
    streaming_request(create_url(path), headers)
  else
    api_request(:GET, create_url(path), headers)
  end
end

#http_retry_countObject



322
323
324
# File 'lib/chef/rest.rb', line 322

def http_retry_count
  config[:http_retry_count]
end

#http_retry_delayObject



318
319
320
# File 'lib/chef/rest.rb', line 318

def http_retry_delay
  config[:http_retry_delay]
end

#post_rest(path, json, headers = {}) ⇒ Object

Send an HTTP POST request to the path



120
121
122
# File 'lib/chef/rest.rb', line 120

def post_rest(path, json, headers={})
  api_request(:POST, create_url(path), headers, json)
end

#put_rest(path, json, headers = {}) ⇒ Object

Send an HTTP PUT request to the path



125
126
127
# File 'lib/chef/rest.rb', line 125

def put_rest(path, json, headers={})
  api_request(:PUT, create_url(path), headers, json)
end

#register(name = Chef::Config[:node_name], destination = Chef::Config[:client_key]) ⇒ Object

Register the client



67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
# File 'lib/chef/rest.rb', line 67

def register(name=Chef::Config[:node_name], destination=Chef::Config[:client_key])
  if (File.exists?(destination) &&  !File.writable?(destination))
    raise Chef::Exceptions::CannotWritePrivateKey, "I cannot write your private key to #{destination} - check permissions?"
  end
  nc = Chef::ApiClient.new
  nc.name(name)

  catch(:done) do
    retries = config[:client_registration_retries] || 5
    0.upto(retries) do |n|
      begin
        response = nc.save(true, true)
        Chef::Log.debug("Registration response: #{response.inspect}")
        raise Chef::Exceptions::CannotWritePrivateKey, "The response from the server did not include a private key!" unless response.has_key?("private_key")
        # Write out the private key
        file = ::File.open(destination, File::WRONLY|File::EXCL|File::CREAT, 0600)
        file.print(response["private_key"])
        file.close
        throw :done
      rescue IOError
        raise Chef::Exceptions::CannotWritePrivateKey, "I cannot write your private key to #{destination}"
      rescue Net::HTTPFatalError => e
        Chef::Log.warn("Failed attempt #{n} of #{retries+1} on client creation")
        raise unless e.response.code == "500"
      end
    end
  end

  true
end

#retriable_rest_request(method, url, req_body, headers) ⇒ Object



274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
# File 'lib/chef/rest.rb', line 274

def retriable_rest_request(method, url, req_body, headers)
  rest_request = Chef::REST::RESTRequest.new(method, url, req_body, headers)

  Chef::Log.debug("Sending HTTP Request via #{method} to #{url.host}:#{url.port}#{rest_request.path}")

  http_attempts = 0

  begin
    http_attempts += 1

    res = yield rest_request

  rescue Errno::ECONNREFUSED
    if http_retry_count - http_attempts + 1 > 0
      Chef::Log.error("Connection refused connecting to #{url.host}:#{url.port} for #{rest_request.path}, retry #{http_attempts}/#{http_retry_count}")
      sleep(http_retry_delay)
      retry
    end
    raise Errno::ECONNREFUSED, "Connection refused connecting to #{url.host}:#{url.port} for #{rest_request.path}, giving up"
  rescue Timeout::Error
    if http_retry_count - http_attempts + 1 > 0
      Chef::Log.error("Timeout connecting to #{url.host}:#{url.port} for #{rest_request.path}, retry #{http_attempts}/#{http_retry_count}")
      sleep(http_retry_delay)
      retry
    end
    raise Timeout::Error, "Timeout connecting to #{url.host}:#{url.port} for #{rest_request.path}, giving up"
  rescue Net::HTTPServerException
    if res.kind_of?(Net::HTTPForbidden)
      if http_retry_count - http_attempts + 1 > 0
        Chef::Log.error("Received 403 Forbidden against #{url.host}:#{url.port} for #{rest_request.path}, retry #{http_attempts}/#{http_retry_count}")
        sleep(http_retry_delay)
        retry
      end
    end
    raise
  end
end

#run_request(method, url, headers = {}, data = false, limit = nil, raw = false) ⇒ Object

DEPRECATED

Use api_request instead – Actually run an HTTP request. First argument is the HTTP method, which should be one of :GET, :PUT, :POST or :DELETE. Next is the URL, then an object to include in the body (which will be converted with .to_json). The limit argument is unused, it is present for backwards compatibility. Configure the redirect limit with #redirect_limit= instead.

Typically, you won’t use this method – instead, you’ll use one of the helper methods (get_rest, post_rest, etc.)

Will return the body of the response on success.



164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
# File 'lib/chef/rest.rb', line 164

def run_request(method, url, headers={}, data=false, limit=nil, raw=false)
  json_body = data ? data.to_json : nil
  headers = build_headers(method, url, headers, json_body, raw)

  tf = nil

  retriable_rest_request(method, url, json_body, headers) do |rest_request|

    res = rest_request.call do |response|
      if raw
        tf = stream_to_tempfile(url, response)
      else
        response.read_body
      end
    end

    if res.kind_of?(Net::HTTPSuccess)
      if res['content-type'] =~ /json/
        response_body = res.body.chomp
        JSON.parse(response_body)
      else
        if method == :HEAD
          true
        elsif raw
          tf
        else
          res.body
        end
      end
    elsif res.kind_of?(Net::HTTPFound) or res.kind_of?(Net::HTTPMovedPermanently)
      follow_redirect {run_request(:GET, create_url(res['location']), {}, false, nil, raw)}
    elsif res.kind_of?(Net::HTTPNotModified)
      false
    else
      if res['content-type'] =~ /json/
        exception = JSON.parse(res.body)
        msg = "HTTP Request Returned #{res.code} #{res.message}: "
        msg << (exception["error"].respond_to?(:join) ? exception["error"].join(", ") : exception["error"].to_s)
        Chef::Log.warn(msg)
      end
      res.error!
    end
  end
end

#sign_requests?Boolean

Returns:

  • (Boolean)


146
147
148
# File 'lib/chef/rest.rb', line 146

def sign_requests?
  auth_credentials.sign_requests? && @sign_request
end

#signing_keyObject



62
63
64
# File 'lib/chef/rest.rb', line 62

def signing_key
  @auth_credentials.raw_key
end

#signing_key_filenameObject



54
55
56
# File 'lib/chef/rest.rb', line 54

def signing_key_filename
  @auth_credentials.key_file
end

#streaming_request(url, headers, &block) ⇒ Object

Makes a streaming download request. Doesn’t speak JSON. Streams the response body to a tempfile. If a block is given, it’s passed to Tempfile.open(), which means that the tempfile will automatically be unlinked after the block is executed.

If no block is given, the tempfile is returned, which means it’s up to you to unlink the tempfile when you’re done with it.



245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
# File 'lib/chef/rest.rb', line 245

def streaming_request(url, headers, &block)
  headers = build_headers(:GET, url, headers, nil, true)
  retriable_rest_request(:GET, url, nil, headers) do |rest_request|
    tempfile = nil
    response = rest_request.call do |r| 
      if block_given? && r.kind_of?(Net::HTTPSuccess)
        begin
          tempfile = stream_to_tempfile(url, r, &block)
          yield tempfile
        ensure
          tempfile.close!
        end
      else
        tempfile = stream_to_tempfile(url, r)
      end
    end
    if response.kind_of?(Net::HTTPSuccess)
      tempfile
    elsif redirect_location = redirected_to(response)
      # TODO: test tempfile unlinked when following redirects.
      tempfile && tempfile.close!
      follow_redirect {streaming_request(create_url(redirect_location), {}, &block)}
    else
      tempfile && tempfile.close!
      response.error!
    end
  end
end