Module: Puppet::Rest::Routes

Defined in:
lib/puppet/rest/routes.rb

Constant Summary collapse

ACCEPT_ENCODING =
'gzip;q=1.0,deflate;q=0.6,identity;q=0.3'

Class Method Summary collapse

Class Method Details

.caObject


13
14
15
16
17
18
19
20
# File 'lib/puppet/rest/routes.rb', line 13

def self.ca
  Puppet.deprecation_warning("Puppet::Rest::Routes is deprecated, use Puppet::HTTP::Client instead")

  @ca ||= Route.new(api: '/puppet-ca/v1/',
                    server_setting: :ca_server,
                    port_setting: :ca_port,
                    srv_service: :ca)
end

.clearObject


22
23
24
# File 'lib/puppet/rest/routes.rb', line 22

def self.clear
  @ca = nil
end

.get_certificate(name, ssl_context) ⇒ String

Make an HTTP request to fetch the named certificate.

Raises:


32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
# File 'lib/puppet/rest/routes.rb', line 32

def self.get_certificate(name, ssl_context)
  ca.with_base_url(Puppet::Network::Resolver.new) do |url|
    header = { 'Accept' => 'text/plain', 'Accept-Encoding' => ACCEPT_ENCODING }
    url.path += "certificate/#{name}"

    use_ssl = url.is_a? URI::HTTPS

    client = Puppet::Network::HttpPool.connection(url.host, url.port, use_ssl: use_ssl, ssl_context: ssl_context)

    response = client.get(url.request_uri, header)
    unless response.code.to_i == 200
      raise Puppet::Rest::ResponseError.new(response.message, response)
    end

    Puppet.info _("Downloaded certificate for %{name} from %{server}") % { name: name, server: ca.server }

    uncompress_body(response)
  end
end

.get_certificate_request(name, ssl_context) ⇒ String

Deprecated.

Make an HTTP request to get the named CSR.

Raises:


115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
# File 'lib/puppet/rest/routes.rb', line 115

def self.get_certificate_request(name, ssl_context)
  ca.with_base_url(Puppet::Network::Resolver.new) do |url|
    header = { 'Accept' => 'text/plain', 'Accept-Encoding' => ACCEPT_ENCODING }
    url.path += "certificate_request/#{name}"

    use_ssl = url.is_a? URI::HTTPS

    client = Puppet::Network::HttpPool.connection(url.host, url.port, use_ssl: use_ssl, ssl_context: ssl_context)

    response = client.get(url.request_uri, header)
    unless response.code.to_i == 200
      raise Puppet::Rest::ResponseError.new(response.message, response)
    end

    Puppet.debug _("Downloaded existing certificate request for %{name} from %{server}") % { name: name, server: ca.server }

    uncompress_body(response)
  end
end

.get_crls(name, ssl_context, if_modified_since: nil) ⇒ String

Make an HTTP request to fetch the named crl.

Raises:


60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
# File 'lib/puppet/rest/routes.rb', line 60

def self.get_crls(name, ssl_context, if_modified_since: nil)
  ca.with_base_url(Puppet::Network::Resolver.new) do |url|
    header = { 'Accept' => 'text/plain', 'Accept-Encoding' => ACCEPT_ENCODING }
    header['If-Modified-Since'] = if_modified_since.httpdate if if_modified_since

    url.path += "certificate_revocation_list/#{name}"

    use_ssl = url.is_a? URI::HTTPS

    client = Puppet::Network::HttpPool.connection(url.host, url.port, use_ssl: use_ssl, ssl_context: ssl_context)

    response = client.get(url.request_uri, header)
    unless response.code.to_i == 200
      raise Puppet::Rest::ResponseError.new(response.message, response)
    end

    Puppet.info _("Downloaded certificate revocation list for %{name} from %{server}") % { name: name, server: ca.server }

    uncompress_body(response)
  end
end

.put_certificate_request(csr_pem, name, ssl_context) ⇒ Object

Make an HTTP request to send the named CSR.

Raises:


88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
# File 'lib/puppet/rest/routes.rb', line 88

def self.put_certificate_request(csr_pem, name, ssl_context)
  ca.with_base_url(Puppet::Network::Resolver.new) do |url|
    header = { 'Accept' => 'text/plain',
               'Accept-Encoding' => ACCEPT_ENCODING,
               'Content-Type' => 'text/plain' }
    url.path += "certificate_request/#{name}"

    use_ssl = url.is_a? URI::HTTPS

    client = Puppet::Network::HttpPool.connection(url.host, url.port, use_ssl: use_ssl, ssl_context: ssl_context)

    response = client.put(url.request_uri, csr_pem, header)
    if response.code.to_i == 200
      Puppet.debug "Submitted certificate request to server."
    else
      raise Puppet::Rest::ResponseError.new(response.message, response)
    end
  end
end