Class: Puppet::HTTP::Service::Ca

Inherits:
Puppet::HTTP::Service show all
Defined in:
lib/puppet/http/service/ca.rb

Overview

The CA service is used to handle certificate related REST requests.

Constant Summary collapse

HEADERS =

Returns default headers for the ca service.

{ 'Accept' => 'text/plain' }.freeze
API =

Returns default API for the ca service.

'/puppet-ca/v1'

Constants inherited from Puppet::HTTP::Service

EXCLUDED_FORMATS, SERVICE_NAMES

Instance Attribute Summary

Attributes inherited from Puppet::HTTP::Service

#url

Instance Method Summary collapse

Methods inherited from Puppet::HTTP::Service

#connect, create_service, valid_name?, #with_base_url

Constructor Details

#initialize(client, session, server, port) ⇒ Ca

Use ‘Puppet::HTTP::Session.route_to(:ca)` to create or get an instance of this class.



24
25
26
27
 
# File 'lib/puppet/http/service/ca.rb', line 24

def initialize(client, session, server, port)
  url = build_url(API, server || Puppet[:ca_server], port || Puppet[:ca_port])
  super(client, session, url)
end

Instance Method Details

#get_certificate(name, if_modified_since: nil, ssl_context: nil) ⇒ Array<Puppet::HTTP::Response, String>

Submit a GET request to retrieve the named certificate from the server.



40
41
42
43
44
45
46
47
48
49
50
51
52
53
 
# File 'lib/puppet/http/service/ca.rb', line 40

def get_certificate(name, if_modified_since: nil, ssl_context: nil)
  headers = add_puppet_headers(HEADERS)
  headers['If-Modified-Since'] = if_modified_since.httpdate if if_modified_since

  response = @client.get(
    with_base_url("/certificate/#{name}"),
    headers: headers,
    options: { ssl_context: ssl_context }
  )

  process_response(response)

  [response, response.body.to_s]
end

#get_certificate_revocation_list(if_modified_since: nil, ssl_context: nil) ⇒ Array<Puppet::HTTP::Response, String>

Submit a GET request to retrieve the certificate revocation list from the

server.



66
67
68
69
70
71
72
73
74
75
76
77
78
79
 
# File 'lib/puppet/http/service/ca.rb', line 66

def get_certificate_revocation_list(if_modified_since: nil, ssl_context: nil)
  headers = add_puppet_headers(HEADERS)
  headers['If-Modified-Since'] = if_modified_since.httpdate if if_modified_since

  response = @client.get(
    with_base_url("/certificate_revocation_list/ca"),
    headers: headers,
    options: { ssl_context: ssl_context }
  )

  process_response(response)

  [response, response.body.to_s]
end

#post_certificate_renewal(ssl_context) ⇒ Array<Puppet::HTTP::Response, String>

Submit a POST request to send a certificate renewal request to the server

Raises:

  • (ArgumentError) 


116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
 
# File 'lib/puppet/http/service/ca.rb', line 116

def post_certificate_renewal(ssl_context)
  headers = add_puppet_headers(HEADERS)
  headers['Content-Type'] = 'text/plain'

  response = @client.post(
    with_base_url('/certificate_renewal'),
    '', # Puppet::HTTP::Client.post requires a body, the API endpoint does not
    headers: headers,
    options: { ssl_context: ssl_context }
  )

  raise ArgumentError, _('SSL context must contain a client certificate.') unless ssl_context.client_cert

  process_response(response)

  [response, response.body.to_s]
end

#put_certificate_request(name, csr, ssl_context: nil) ⇒ Puppet::HTTP::Response

Submit a PUT request to send a certificate request to the server.



91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
 
# File 'lib/puppet/http/service/ca.rb', line 91

def put_certificate_request(name, csr, ssl_context: nil)
  headers = add_puppet_headers(HEADERS)
  headers['Content-Type'] = 'text/plain'

  response = @client.put(
    with_base_url("/certificate_request/#{name}"),
    csr.to_pem,
    headers: headers,
    options: {
      ssl_context: ssl_context
    }
  )

  process_response(response)

  response
end