Class: Puppet::HTTP::Service::Ca

Inherits:
Puppet::HTTP::Service show all
Defined in:
lib/puppet/http/service/ca.rb

Overview

The CA service is used to handle certificate related REST requests.

Constant Summary collapse

HEADERS =

Returns default headers for the ca service.

Returns:

  • (Hash)

    default headers for the ca service

{ 'Accept' => 'text/plain' }.freeze
API =

Returns default API for the ca service.

Returns:

  • (String)

    default API for the ca service

'/puppet-ca/v1'.freeze

Constants inherited from Puppet::HTTP::Service

EXCLUDED_FORMATS, SERVICE_NAMES

Instance Attribute Summary

Attributes inherited from Puppet::HTTP::Service

#url

Instance Method Summary collapse

Methods inherited from Puppet::HTTP::Service

#connect, create_service, valid_name?, #with_base_url

Constructor Details

#initialize(client, session, server, port) ⇒ Ca

Use `Puppet::HTTP::Session.route_to(:ca)` to create or get an instance of this class.

Parameters:

  • client (Puppet::HTTP::Client)
  • session (Puppet::HTTP::Session)
  • server (String)

    (`Puppet`) If an explicit server is given, create a service using that server. If server is nil, the default value is used to create the service.

  • port (Integer)

    (`Puppet`) If an explicit port is given, create a service using that port. If port is nil, the default value is used to create the service.


22
23
24
25
# File 'lib/puppet/http/service/ca.rb', line 22

def initialize(client, session, server, port)
  url = build_url(API, server || Puppet[:ca_server], port || Puppet[:ca_port])
  super(client, session, url)
end

Instance Method Details

#get_certificate(name, ssl_context: nil) ⇒ Array<Puppet::HTTP::Response, String>

Submit a GET request to retrieve the named certificate from the server.

Parameters:

Returns:

  • (Array<Puppet::HTTP::Response, String>)

    An array containing the request response and the stringified body of the request response


36
37
38
39
40
41
42
43
44
45
46
# File 'lib/puppet/http/service/ca.rb', line 36

def get_certificate(name, ssl_context: nil)
  response = @client.get(
    with_base_url("/certificate/#{name}"),
    headers: add_puppet_headers(HEADERS),
    options: {ssl_context: ssl_context}
  )

  process_response(response)

  [response, response.body.to_s]
end

#get_certificate_revocation_list(if_modified_since: nil, ssl_context: nil) ⇒ Array<Puppet::HTTP::Response, String>

Submit a GET request to retrieve the certificate revocation list from the

server.

Parameters:

  • if_modified_since (Time) (defaults to: nil)

    If not nil, only download the CRL if it has been modified since the specified time.

  • ssl_context (Puppet::SSL::SSLContext) (defaults to: nil)

Returns:

  • (Array<Puppet::HTTP::Response, String>)

    An array containing the request response and the stringified body of the request response


59
60
61
62
63
64
65
66
67
68
69
70
71
72
# File 'lib/puppet/http/service/ca.rb', line 59

def get_certificate_revocation_list(if_modified_since: nil, ssl_context: nil)
  headers = add_puppet_headers(HEADERS)
  headers['If-Modified-Since'] = if_modified_since.httpdate if if_modified_since

  response = @client.get(
    with_base_url("/certificate_revocation_list/ca"),
    headers: headers,
    options: {ssl_context: ssl_context}
  )

  process_response(response)

  [response, response.body.to_s]
end

#put_certificate_request(name, csr, ssl_context: nil) ⇒ Puppet::HTTP::Response

Submit a PUT request to send a certificate request to the server.

Parameters:

Returns:


84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
# File 'lib/puppet/http/service/ca.rb', line 84

def put_certificate_request(name, csr, ssl_context: nil)
  headers = add_puppet_headers(HEADERS)
  headers['Content-Type'] = 'text/plain'

  response = @client.put(
    with_base_url("/certificate_request/#{name}"),
    csr.to_pem,
    headers: headers,
    options: {
      ssl_context: ssl_context
    }
  )

  process_response(response)

  response
end