Class: Ridley::Middleware::ChefAuth

Inherits:
Faraday::Middleware
  • Object
show all
Extended by:
Mixlib::Authentication
Includes:
Logging
Defined in:
lib/ridley/middleware/chef_auth.rb

Overview

Author:

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Methods included from Logging

logger, #logger, set_logger

Constructor Details

#initialize(app, client_name, client_key) ⇒ ChefAuth

Returns a new instance of ChefAuth


51
52
53
54
55
# File 'lib/ridley/middleware/chef_auth.rb', line 51

def initialize(app, client_name, client_key)
  super(app)
  @client_name = client_name
  @client_key  = client_key
end

Instance Attribute Details

#client_keyObject (readonly)

Returns the value of attribute client_key


49
50
51
# File 'lib/ridley/middleware/chef_auth.rb', line 49

def client_key
  @client_key
end

#client_nameObject (readonly)

Returns the value of attribute client_name


48
49
50
# File 'lib/ridley/middleware/chef_auth.rb', line 48

def client_name
  @client_name
end

Class Method Details

.authentication_headers(client_name, client_key, options = {}) ⇒ Object

Generate authentication headers for a request to a Chef Server

Parameters:

  • client_name (String)
  • client_key (String)
  • options (Hash) (defaults to: {})

    a customizable set of options

Options Hash (options):

  • :host (String)

See Also:

  • for options

18
19
20
21
22
# File 'lib/ridley/middleware/chef_auth.rb', line 18

def authentication_headers(client_name, client_key, options = {})
  rsa_key = OpenSSL::PKey::RSA.new(File.read(client_key))
  headers = signing_object(client_name, options).sign(rsa_key).merge(host: options[:host])
  headers.inject({}) { |memo, kv| memo["#{kv[0].to_s.upcase}"] = kv[1];memo }
end

.signing_object(client_name, options = {}) ⇒ SigningObject

Create a signing object for a Request to a Chef Server

Parameters:

  • client_name (String)
  • options (Hash) (defaults to: {})

    a customizable set of options

Options Hash (options):

  • :http_method (String)
  • :path (String)
  • :body (String)
  • :timestamp (Time)

Returns:

  • (SigningObject)

34
35
36
37
38
39
40
41
42
43
# File 'lib/ridley/middleware/chef_auth.rb', line 34

def signing_object(client_name, options = {})
  options = options.reverse_merge(
    body: String.new,
    timestamp: Time.now.utc.iso8601
  )
  options[:user_id]       = client_name
  options[:proto_version] = "1.0"

  SignedHeaderAuth.signing_object(options)
end

Instance Method Details

#call(env) ⇒ Object


57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
# File 'lib/ridley/middleware/chef_auth.rb', line 57

def call(env)
  signing_options = {
    http_method: env[:method],
    host: env[:url].host || "localhost",
    path: env[:url].path,
    body: env[:body] || ''
  }
  authentication_headers = self.class.authentication_headers(client_name, client_key, signing_options)

  env[:request_headers] = default_headers.merge(env[:request_headers]).merge(authentication_headers)
  env[:request_headers] = env[:request_headers].merge('Content-Length' => env[:body].bytesize.to_s) if env[:body]

  log.debug { "==> performing authenticated Chef request as '#{client_name}'"}
  log.debug { "request env: #{env}"}

  @app.call(env)
end