Module: Puppet::Rest::Routes

Defined in:: lib/puppet/rest/routes.rb

Constant Summary collapse

ACCEPT_ENCODING =

'gzip;q=1.0,deflate;q=0.6,identity;q=0.3'

Class Method Summary collapse

.ca ⇒ Object
.clear ⇒ Object
.get_certificate(name, ssl_context) ⇒ String

Make an HTTP request to fetch the named certificate.
.get_certificate_request(name, ssl_context) ⇒ String deprecated Deprecated.
.get_crls(name, ssl_context, if_modified_since: nil) ⇒ String

Make an HTTP request to fetch the named crl.
.put_certificate_request(csr_pem, name, ssl_context) ⇒ Object

Make an HTTP request to send the named CSR.

Class Method Details

.ca ⇒ `Object`

# File 'lib/puppet/rest/routes.rb', line 13

def self.ca
  Puppet.deprecation_warning("Puppet::Rest::Routes is deprecated, use Puppet::HTTP::Client instead")

  @ca ||= Route.new(api: '/puppet-ca/v1/',
                    server_setting: :ca_server,
                    port_setting: :ca_port,
                    srv_service: :ca)
end

.clear ⇒ `Object`


22
23
24

# File 'lib/puppet/rest/routes.rb', line 22

def self.clear
  @ca = nil
end

.get_certificate(name, ssl_context) ⇒ `String`

Make an HTTP request to fetch the named certificate.

Raises:

(Puppet::Rest::ResponseError) —

if the response status is not OK

# File 'lib/puppet/rest/routes.rb', line 32

def self.get_certificate(name, ssl_context)
  ca.with_base_url(Puppet::Network::Resolver.new) do |url|
    header = { 'Accept' => 'text/plain', 'Accept-Encoding' => ACCEPT_ENCODING }
    url.path += "certificate/#{name}"

    use_ssl = url.is_a? URI::HTTPS

    client = Puppet::Network::HttpPool.connection(url.host, url.port, use_ssl: use_ssl, ssl_context: ssl_context)

    response = client.get(url.request_uri, header)
    unless response.code.to_i == 200
      raise Puppet::Rest::ResponseError.new(response.message, response)
    end

    Puppet.info _("Downloaded certificate for %{name} from %{server}") % { name: name, server: ca.server }

    uncompress_body(response)
  end
end

.get_certificate_request(name, ssl_context) ⇒ `String`

Deprecated.

Make an HTTP request to get the named CSR.

Raises:

(Puppet::Rest::ResponseError) —

if the response status is not OK

# File 'lib/puppet/rest/routes.rb', line 115

def self.get_certificate_request(name, ssl_context)
  ca.with_base_url(Puppet::Network::Resolver.new) do |url|
    header = { 'Accept' => 'text/plain', 'Accept-Encoding' => ACCEPT_ENCODING }
    url.path += "certificate_request/#{name}"

    use_ssl = url.is_a? URI::HTTPS

    client = Puppet::Network::HttpPool.connection(url.host, url.port, use_ssl: use_ssl, ssl_context: ssl_context)

    response = client.get(url.request_uri, header)
    unless response.code.to_i == 200
      raise Puppet::Rest::ResponseError.new(response.message, response)
    end

    Puppet.debug _("Downloaded existing certificate request for %{name} from %{server}") % { name: name, server: ca.server }

    uncompress_body(response)
  end
end

.get_crls(name, ssl_context, if_modified_since: nil) ⇒ `String`

Make an HTTP request to fetch the named crl.

Raises:

(Puppet::Rest::ResponseError) —

if the response status is not OK

# File 'lib/puppet/rest/routes.rb', line 60

def self.get_crls(name, ssl_context, if_modified_since: nil)
  ca.with_base_url(Puppet::Network::Resolver.new) do |url|
    header = { 'Accept' => 'text/plain', 'Accept-Encoding' => ACCEPT_ENCODING }
    header['If-Modified-Since'] = if_modified_since.httpdate if if_modified_since

    url.path += "certificate_revocation_list/#{name}"

    use_ssl = url.is_a? URI::HTTPS

    client = Puppet::Network::HttpPool.connection(url.host, url.port, use_ssl: use_ssl, ssl_context: ssl_context)

    response = client.get(url.request_uri, header)
    unless response.code.to_i == 200
      raise Puppet::Rest::ResponseError.new(response.message, response)
    end

    Puppet.info _("Downloaded certificate revocation list for %{name} from %{server}") % { name: name, server: ca.server }

    uncompress_body(response)
  end
end

.put_certificate_request(csr_pem, name, ssl_context) ⇒ `Object`

Make an HTTP request to send the named CSR.

Raises:

(Puppet::Rest::ResponseError) —

if the response status is not OK

# File 'lib/puppet/rest/routes.rb', line 88

def self.put_certificate_request(csr_pem, name, ssl_context)
  ca.with_base_url(Puppet::Network::Resolver.new) do |url|
    header = { 'Accept' => 'text/plain',
               'Accept-Encoding' => ACCEPT_ENCODING,
               'Content-Type' => 'text/plain' }
    url.path += "certificate_request/#{name}"

    use_ssl = url.is_a? URI::HTTPS

    client = Puppet::Network::HttpPool.connection(url.host, url.port, use_ssl: use_ssl, ssl_context: ssl_context)

    response = client.put(url.request_uri, csr_pem, header)
    if response.code.to_i == 200
      Puppet.debug "Submitted certificate request to server."
    else
      raise Puppet::Rest::ResponseError.new(response.message, response)
    end
  end
end

Module: Puppet::Rest::Routes

Constant Summary collapse

Class Method Summary collapse

Class Method Details

.ca ⇒ Object

.clear ⇒ Object

.get_certificate(name, ssl_context) ⇒ String

.get_certificate_request(name, ssl_context) ⇒ String

.get_crls(name, ssl_context, if_modified_since: nil) ⇒ String

.put_certificate_request(csr_pem, name, ssl_context) ⇒ Object

.ca ⇒ `Object`

.clear ⇒ `Object`

.get_certificate(name, ssl_context) ⇒ `String`

.get_certificate_request(name, ssl_context) ⇒ `String`

.get_crls(name, ssl_context, if_modified_since: nil) ⇒ `String`

.put_certificate_request(csr_pem, name, ssl_context) ⇒ `Object`