Class: Puppet::Context::TrustedInformation Private
- Defined in:
- lib/puppet/context/trusted_information.rb
This class is part of a private API. You should avoid using this class if possible, as it may be removed or be changed in the future.
Instance Attribute Summary collapse
-
#authenticated ⇒ String, Boolean
readonly
private
one of ‘remote’, ‘local’, or false, where ‘remote’ is authenticated via cert, ‘local’ is trusted by virtue of running on the same machine (not a remote request), and false is an unauthenticated remote request.
-
#certname ⇒ String
readonly
private
The validated certificate name used for the request.
-
#domain ⇒ String
readonly
private
The domain name derived from the validated certificate name.
-
#extensions ⇒ Hash{Object => Object}
readonly
private
Extra information that comes from the trusted certificate’s extensions.
-
#hostname ⇒ String
readonly
private
The hostname derived from the validated certificate name.
Class Method Summary collapse
Instance Method Summary collapse
-
#external ⇒ Hash
private
Additional external facts loaded through ‘trusted_external_command`.
-
#initialize(authenticated, certname, extensions, external = {}) ⇒ TrustedInformation
constructor
private
A new instance of TrustedInformation.
- #to_h ⇒ Object private
Constructor Details
#initialize(authenticated, certname, extensions, external = {}) ⇒ TrustedInformation
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
Returns a new instance of TrustedInformation.
32 33 34 35 36 37 38 39 40 41 42 43 44 45 |
# File 'lib/puppet/context/trusted_information.rb', line 32 def initialize(authenticated, certname, extensions, external = {}) @authenticated = authenticated.freeze @certname = certname.freeze @extensions = extensions.freeze if @certname hostname, domain = @certname.split('.', 2) else hostname = nil domain = nil end @hostname = hostname.freeze @domain = domain.freeze @external = external.is_a?(Proc) ? external : external.freeze end |
Instance Attribute Details
#authenticated ⇒ String, Boolean (readonly)
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
one of ‘remote’, ‘local’, or false, where ‘remote’ is authenticated via cert, ‘local’ is trusted by virtue of running on the same machine (not a remote request), and false is an unauthenticated remote request.
10 11 12 |
# File 'lib/puppet/context/trusted_information.rb', line 10 def authenticated @authenticated end |
#certname ⇒ String (readonly)
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
The validated certificate name used for the request
15 16 17 |
# File 'lib/puppet/context/trusted_information.rb', line 15 def certname @certname end |
#domain ⇒ String (readonly)
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
The domain name derived from the validated certificate name
25 26 27 |
# File 'lib/puppet/context/trusted_information.rb', line 25 def domain @domain end |
#extensions ⇒ Hash{Object => Object} (readonly)
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
Extra information that comes from the trusted certificate’s extensions.
20 21 22 |
# File 'lib/puppet/context/trusted_information.rb', line 20 def extensions @extensions end |
#hostname ⇒ String (readonly)
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
The hostname derived from the validated certificate name
30 31 32 |
# File 'lib/puppet/context/trusted_information.rb', line 30 def hostname @hostname end |
Class Method Details
.local(node) ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
65 66 67 68 69 70 71 |
# File 'lib/puppet/context/trusted_information.rb', line 65 def self.local(node) # Always trust local data by picking up the available parameters. client_cert = node ? node.parameters['clientcert'] : nil external = proc { retrieve_trusted_external(client_cert) } new('local', client_cert, {}, external) end |
.remote(authenticated, node_name, certificate) ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 |
# File 'lib/puppet/context/trusted_information.rb', line 47 def self.remote(authenticated, node_name, certificate) external = proc { retrieve_trusted_external(node_name) } if authenticated extensions = {} if certificate.nil? Puppet.info(_('TrustedInformation expected a certificate, but none was given.')) else extensions = Hash[certificate.custom_extensions.collect do |ext| [ext['oid'].freeze, ext['value'].freeze] end] end new('remote', node_name, extensions, external) else new(false, nil, {}, external) end end |
Instance Method Details
#external ⇒ Hash
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
Additional external facts loaded through ‘trusted_external_command`.
76 77 78 79 80 81 |
# File 'lib/puppet/context/trusted_information.rb', line 76 def external if @external.is_a?(Proc) @external = @external.call.freeze end @external end |
#to_h ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
110 111 112 113 114 115 116 117 118 119 |
# File 'lib/puppet/context/trusted_information.rb', line 110 def to_h { 'authenticated'.freeze => authenticated, 'certname'.freeze => certname, 'extensions'.freeze => extensions, 'hostname'.freeze => hostname, 'domain'.freeze => domain, 'external'.freeze => external, }.freeze end |