Class: Chef::REST

Inherits:

Object

• Object
• Chef::REST

Defined in:

lib/chef/rest.rb,
lib/chef/rest/cookie_jar.rb,
lib/chef/rest/rest_request.rb,
lib/chef/rest/auth_credentials.rb

Overview

Chef::REST

Chef’s custom REST client with built-in JSON support and RSA signed header authentication.

Direct Known Subclasses

Shef::ShefREST

Defined Under Namespace

Classes: AuthCredentials, CookieJar, NoopInflater, RESTRequest

Constant Summary

CONTENT_ENCODING =

"content-encoding".freeze

GZIP =

"gzip".freeze

DEFLATE =

"deflate".freeze

IDENTITY =

"identity".freeze

Instance Attribute Summary

• #auth_credentials ⇒ Object readonly

  Returns the value of attribute auth_credentials.

• #cookies ⇒ Object

  Returns the value of attribute cookies.

• #redirect_limit ⇒ Object

  Returns the value of attribute redirect_limit.

• #sign_on_redirect ⇒ Object

  Returns the value of attribute sign_on_redirect.

• #url ⇒ Object

  Returns the value of attribute url.

Instance Method Summary

• #api_request(method, url, headers = {}, data = false) ⇒ Object

  Runs an HTTP request to a JSON API.

• #authentication_headers(method, url, json_body = nil) ⇒ Object
• #client_name ⇒ Object
• #config ⇒ Object
• #create_url(path) ⇒ Object
• #decompress_body(response) ⇒ Object
• #delete_rest(path, headers = {}) ⇒ Object

  Send an HTTP DELETE request to the path.

• #fetch(path, headers = {}) ⇒ Object

  Streams a download to a tempfile, then yields the tempfile to a block.

• #follow_redirect ⇒ Object
• #get_rest(path, raw = false, headers = {}) ⇒ Object

  Send an HTTP GET request to the path.

• #http_retry_count ⇒ Object
• #http_retry_delay ⇒ Object
• #initialize(url, client_name = Chef::Config[:node_name], signing_key_filename = Chef::Config[:client_key], options = {}) ⇒ REST constructor

  Create a REST client object.

• #post_rest(path, json, headers = {}) ⇒ Object

  Send an HTTP POST request to the path.

• #put_rest(path, json, headers = {}) ⇒ Object

  Send an HTTP PUT request to the path.

• #register(name = Chef::Config[:node_name], destination = Chef::Config[:client_key]) ⇒ Object

  Register the client – Requires you to load chef/api_client beforehand.

• #retriable_rest_request(method, url, req_body, headers) ⇒ Object
• #run_request(method, url, headers = {}, data = false, limit = nil, raw = false) ⇒ Object

  DEPRECATED Use api_request instead – Actually run an HTTP request.

• #sign_requests? ⇒ Boolean
• #signing_key ⇒ Object
• #signing_key_filename ⇒ Object
• #streaming_request(url, headers, &block) ⇒ Object

  Makes a streaming download request.

Constructor Details

#initialize(url, client_name = Chef::Config[:node_name], signing_key_filename = Chef::Config[:client_key], options = {}) ⇒ REST

Create a REST client object. The supplied url is used as the base for all subsequent requests. For example, when initialized with a base url localhost:4000, a call to get_rest with ‘nodes’ will make an HTTP GET request to localhost:4000/nodes

# File 'lib/chef/rest.rb', line 57

def initialize(url, client_name=Chef::Config[:node_name], signing_key_filename=Chef::Config[:client_key], options={})
  @url = url
  @cookies = CookieJar.instance
  @default_headers = options[:headers] || {}
  @auth_credentials = AuthCredentials.new(client_name, signing_key_filename)
  @sign_on_redirect, @sign_request = true, true
  @redirects_followed = 0
  @redirect_limit = 10
end

Instance Attribute Details

#auth_credentials ⇒ Object (readonly)

Returns the value of attribute auth_credentials.

# File 'lib/chef/rest.rb', line 45

def auth_credentials
  @auth_credentials
end

#cookies ⇒ Object

Returns the value of attribute cookies.

# File 'lib/chef/rest.rb', line 46

def cookies
  @cookies
end

#redirect_limit ⇒ Object

Returns the value of attribute redirect_limit.

# File 'lib/chef/rest.rb', line 46

def redirect_limit
  @redirect_limit
end

#sign_on_redirect ⇒ Object

Returns the value of attribute sign_on_redirect.

# File 'lib/chef/rest.rb', line 46

def sign_on_redirect
  @sign_on_redirect
end

#url ⇒ Object

Returns the value of attribute url.

# File 'lib/chef/rest.rb', line 46

def url
  @url
end

Instance Method Details

#api_request(method, url, headers = {}, data = false) ⇒ Object

Runs an HTTP request to a JSON API. File Download not supported.

# File 'lib/chef/rest.rb', line 232

def api_request(method, url, headers={}, data=false)
  json_body = data ? Chef::JSONCompat.to_json(data) : nil
  # Force encoding to binary to fix SSL related EOFErrors
  # cf. http://tickets.opscode.com/browse/CHEF-2363
  # http://redmine.ruby-lang.org/issues/5233
  json_body.force_encoding(Encoding::BINARY) if json_body.respond_to?(:force_encoding)
  headers = build_headers(method, url, headers, json_body)

  retriable_rest_request(method, url, json_body, headers) do |rest_request|
    response = rest_request.call {|r| r.read_body}

    response_body = decompress_body(response)

    if response.kind_of?(Net::HTTPSuccess)
      if response['content-type'] =~ /json/
        Chef::JSONCompat.from_json(response_body.chomp)
      else
        Chef::Log.warn("Expected JSON response, but got content-type '#{response['content-type']}'")
        response_body
      end
    elsif redirect_location = redirected_to(response)
      follow_redirect {api_request(:GET, create_url(redirect_location))}
    else
      # have to decompress the body before making an exception for it. But the body could be nil.
      response.body.replace(decompress_body(response)) if response.body.respond_to?(:replace)

      if response['content-type'] =~ /json/
        exception = Chef::JSONCompat.from_json(response_body)
        msg = "HTTP Request Returned #{response.code} #{response.message}: "
        msg << (exception["error"].respond_to?(:join) ? exception["error"].join(", ") : exception["error"].to_s)
        Chef::Log.info(msg)
      end
      response.error!
    end
  end
end

#authentication_headers(method, url, json_body = nil) ⇒ Object

# File 'lib/chef/rest.rb', line 358

def authentication_headers(method, url, json_body=nil)
  request_params = {:http_method => method, :path => url.path, :body => json_body, :host => "#{url.host}:#{url.port}"}
  request_params[:body] ||= ""
  auth_credentials.signature_headers(request_params)
end

#client_name ⇒ Object

# File 'lib/chef/rest.rb', line 71

def client_name
  @auth_credentials.client_name
end

#config ⇒ Object

# File 'lib/chef/rest.rb', line 372

def config
  Chef::Config
end

#create_url(path) ⇒ Object

# File 'lib/chef/rest.rb', line 156

def create_url(path)
  if path =~ /^(http|https):\/\//
    URI.parse(path)
  else
    URI.parse("#{@url}/#{path}")
  end
end

#decompress_body(response) ⇒ Object

# File 'lib/chef/rest.rb', line 269

def decompress_body(response)
  case response[CONTENT_ENCODING]
  when GZIP
    Chef::Log.debug "decompressing gzip response"
    Zlib::Inflate.new(Zlib::MAX_WBITS + 16).inflate(response.body)
  when DEFLATE
    Chef::Log.debug "decompressing deflate response"
    Zlib::Inflate.inflate(response.body)
  else
    response.body
  end
end

#delete_rest(path, headers = {}) ⇒ Object

Send an HTTP DELETE request to the path

# File 'lib/chef/rest.rb', line 133

def delete_rest(path, headers={})
  api_request(:DELETE, create_url(path), headers)
end

#fetch(path, headers = {}) ⇒ Object

Streams a download to a tempfile, then yields the tempfile to a block. After the download, the tempfile will be closed and unlinked. If you rename the tempfile, it will not be deleted. Beware that if the server streams infinite content, this method will stream it until you run out of disk space.

# File 'lib/chef/rest.rb', line 152

def fetch(path, headers={})
  streaming_request(create_url(path), headers) {|tmp_file| yield tmp_file }
end

#follow_redirect ⇒ Object

# File 'lib/chef/rest.rb', line 376

def follow_redirect
  raise Chef::Exceptions::RedirectLimitExceeded if @redirects_followed >= redirect_limit
  @redirects_followed += 1
  Chef::Log.debug("Following redirect #{@redirects_followed}/#{redirect_limit}")
  if @sign_on_redirect
    yield
  else
    @sign_request = false
    yield
  end
ensure
  @redirects_followed = 0
  @sign_request = true
end

#get_rest(path, raw = false, headers = {}) ⇒ Object

Send an HTTP GET request to the path

Using this method to fetch a file is considered deprecated.

Parameters

path

The path to GET

raw

Whether you want the raw body returned, or JSON inflated. Defaults

to JSON inflated.

# File 'lib/chef/rest.rb', line 124

def get_rest(path, raw=false, headers={})
  if raw
    streaming_request(create_url(path), headers)
  else
    api_request(:GET, create_url(path), headers)
  end
end

#http_retry_count ⇒ Object

# File 'lib/chef/rest.rb', line 368

def http_retry_count
  config[:http_retry_count]
end

#http_retry_delay ⇒ Object

# File 'lib/chef/rest.rb', line 364

def http_retry_delay
  config[:http_retry_delay]
end

#post_rest(path, json, headers = {}) ⇒ Object

Send an HTTP POST request to the path

# File 'lib/chef/rest.rb', line 138

def post_rest(path, json, headers={})
  api_request(:POST, create_url(path), headers, json)
end

#put_rest(path, json, headers = {}) ⇒ Object

Send an HTTP PUT request to the path

# File 'lib/chef/rest.rb', line 143

def put_rest(path, json, headers={})
  api_request(:PUT, create_url(path), headers, json)
end

#register(name = Chef::Config[:node_name], destination = Chef::Config[:client_key]) ⇒ Object

Register the client – Requires you to load chef/api_client beforehand. explicit require is removed since most users of this class have no need for chef/api_client. This functionality should be moved anyway…

# File 'lib/chef/rest.rb', line 84

def register(name=Chef::Config[:node_name], destination=Chef::Config[:client_key])
  if (File.exists?(destination) &&  !File.writable?(destination))
    raise Chef::Exceptions::CannotWritePrivateKey, "I cannot write your private key to #{destination} - check permissions?"
  end
  nc = Chef::ApiClient.new
  nc.name(name)

  catch(:done) do
    retries = config[:client_registration_retries] || 5
    0.upto(retries) do |n|
      begin
        response = nc.save(true, true)
        Chef::Log.debug("Registration response: #{response.inspect}")
        raise Chef::Exceptions::CannotWritePrivateKey, "The response from the server did not include a private key!" unless response.has_key?("private_key")
        # Write out the private key
        ::File.open(destination, "w") {|f|
          f.chmod(0600)
          f.print(response["private_key"])
        }
        throw :done
      rescue IOError
        raise Chef::Exceptions::CannotWritePrivateKey, "I cannot write your private key to #{destination}"
      rescue Net::HTTPFatalError => e
        Chef::Log.warn("Failed attempt #{n} of #{retries+1} on client creation")
        raise unless e.response.code == "500"
      end
    end
  end

  true
end

#retriable_rest_request(method, url, req_body, headers) ⇒ Object

# File 'lib/chef/rest.rb', line 318

def retriable_rest_request(method, url, req_body, headers)
  rest_request = Chef::REST::RESTRequest.new(method, url, req_body, headers)

  Chef::Log.debug("Sending HTTP Request via #{method} to #{url.host}:#{url.port}#{rest_request.path}")

  http_attempts = 0

  begin
    http_attempts += 1

    res = yield rest_request

  rescue SocketError, Errno::ETIMEDOUT => e
    e.message.replace "Error connecting to #{url} - #{e.message}"
    raise e
  rescue Errno::ECONNREFUSED
    if http_retry_count - http_attempts + 1 > 0
      Chef::Log.error("Connection refused connecting to #{url.host}:#{url.port} for #{rest_request.path}, retry #{http_attempts}/#{http_retry_count}")
      sleep(http_retry_delay)
      retry
    end
    raise Errno::ECONNREFUSED, "Connection refused connecting to #{url.host}:#{url.port} for #{rest_request.path}, giving up"
  rescue Timeout::Error
    if http_retry_count - http_attempts + 1 > 0
      Chef::Log.error("Timeout connecting to #{url.host}:#{url.port} for #{rest_request.path}, retry #{http_attempts}/#{http_retry_count}")
      sleep(http_retry_delay)
      retry
    end
    raise Timeout::Error, "Timeout connecting to #{url.host}:#{url.port} for #{rest_request.path}, giving up"
  rescue Net::HTTPFatalError => e
    if http_retry_count - http_attempts + 1 > 0
      sleep_time = 1 + (2 ** http_attempts) + rand(2 ** http_attempts)
      Chef::Log.error("Server returned error for #{url}, retrying #{http_attempts}/#{http_retry_count} in #{sleep_time}s")
      sleep(sleep_time)
      retry
    end
    raise
  end
end

#run_request(method, url, headers = {}, data = false, limit = nil, raw = false) ⇒ Object

DEPRECATED

Use api_request instead – Actually run an HTTP request. First argument is the HTTP method, which should be one of :GET, :PUT, :POST or :DELETE. Next is the URL, then an object to include in the body (which will be converted with .to_json). The limit argument is unused, it is present for backwards compatibility. Configure the redirect limit with #redirect_limit= instead.

Typically, you won’t use this method – instead, you’ll use one of the helper methods (get_rest, post_rest, etc.)

Will return the body of the response on success.

# File 'lib/chef/rest.rb', line 182

def run_request(method, url, headers={}, data=false, limit=nil, raw=false)
  json_body = data ? Chef::JSONCompat.to_json(data) : nil
  # Force encoding to binary to fix SSL related EOFErrors
  # cf. http://tickets.opscode.com/browse/CHEF-2363
  # http://redmine.ruby-lang.org/issues/5233
  json_body.force_encoding(Encoding::BINARY) if json_body.respond_to?(:force_encoding)
  headers = build_headers(method, url, headers, json_body, raw)

  tf, response_body = nil, nil

  retriable_rest_request(method, url, json_body, headers) do |rest_request|

    res = rest_request.call do |response|
      if raw
        tf = stream_to_tempfile(url, response)
      else
        response_body = decompress_body(response)
      end
    end

    case res
    when Net::HTTPSuccess
      if res['content-type'] =~ /json/
        Chef::JSONCompat.from_json(response_body)
      else
        if method == :HEAD
          true
        elsif raw
          tf
        else
          response_body
        end
      end
    when Net::HTTPNotModified # Must be tested before Net::HTTPRedirection because it's subclass.
      false
    when Net::HTTPRedirection
      follow_redirect {run_request(method, create_url(res['location']), headers, false, nil, raw)}
    else
      if res['content-type'] =~ /json/
        exception = Chef::JSONCompat.from_json(response_body)
        msg = "HTTP Request Returned #{res.code} #{res.message}: "
        msg << (exception["error"].respond_to?(:join) ? exception["error"].join(", ") : exception["error"].to_s)
        Chef::Log.warn(msg)
      end
      res.error!
    end
  end
end

#sign_requests? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/chef/rest.rb', line 164

def sign_requests?
  auth_credentials.sign_requests? && @sign_request
end

#signing_key ⇒ Object

# File 'lib/chef/rest.rb', line 75

def signing_key
  @auth_credentials.raw_key
end

#signing_key_filename ⇒ Object

# File 'lib/chef/rest.rb', line 67

def signing_key_filename
  @auth_credentials.key_file
end

#streaming_request(url, headers, &block) ⇒ Object

Makes a streaming download request. Doesn’t speak JSON. Streams the response body to a tempfile. If a block is given, it’s passed to Tempfile.open(), which means that the tempfile will automatically be unlinked after the block is executed.

If no block is given, the tempfile is returned, which means it’s up to you to unlink the tempfile when you’re done with it.

# File 'lib/chef/rest.rb', line 289

def streaming_request(url, headers, &block)
  headers = build_headers(:GET, url, headers, nil, true)
  retriable_rest_request(:GET, url, nil, headers) do |rest_request|
    tempfile = nil
    response = rest_request.call do |r|
      if block_given? && r.kind_of?(Net::HTTPSuccess)
        begin
          tempfile = stream_to_tempfile(url, r, &block)
          yield tempfile
        ensure
          tempfile.close!
        end
      else
        tempfile = stream_to_tempfile(url, r)
      end
    end
    if response.kind_of?(Net::HTTPSuccess)
      tempfile
    elsif redirect_location = redirected_to(response)
      # TODO: test tempfile unlinked when following redirects.
      tempfile && tempfile.close!
      follow_redirect {streaming_request(create_url(redirect_location), {}, &block)}
    else
      tempfile && tempfile.close!
      response.error!
    end
  end
end