Class: Chef::REST

Inherits:
Object show all
Defined in:
lib/chef/rest.rb,
lib/chef/rest/cookie_jar.rb,
lib/chef/rest/rest_request.rb,
lib/chef/rest/auth_credentials.rb

Overview

Chef::REST

Chef's custom REST client with built-in JSON support and RSA signed header authentication.

Direct Known Subclasses

Shef::ShefREST

Defined Under Namespace

Classes: AuthCredentials, CookieJar, NoopInflater, RESTRequest

Constant Summary collapse

CONTENT_ENCODING =
"content-encoding".freeze
GZIP =
"gzip".freeze
DEFLATE =
"deflate".freeze
IDENTITY =
"identity".freeze

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(url, client_name = Chef::Config[:node_name], signing_key_filename = Chef::Config[:client_key], options = {}) ⇒ REST

Create a REST client object. The supplied url is used as the base for all subsequent requests. For example, when initialized with a base url localhost:4000, a call to get_rest with 'nodes' will make an HTTP GET request to localhost:4000/nodes


60
61
62
63
64
65
66
67
68
69
70
# File 'lib/chef/rest.rb', line 60

def initialize(url, client_name=Chef::Config[:node_name], signing_key_filename=Chef::Config[:client_key], options={})
  @url = url
  @cookies = CookieJar.instance
  @default_headers = options[:headers] || {}
  @auth_credentials = AuthCredentials.new(client_name, signing_key_filename)
  @sign_on_redirect, @sign_request = true, true
  @redirects_followed = 0
  @redirect_limit = 10
  @disable_gzip = false
  handle_options(options)
end

Instance Attribute Details

#auth_credentialsObject (readonly)

Returns the value of attribute auth_credentials


48
49
50
# File 'lib/chef/rest.rb', line 48

def auth_credentials
  @auth_credentials
end

#cookiesObject

Returns the value of attribute cookies


49
50
51
# File 'lib/chef/rest.rb', line 49

def cookies
  @cookies
end

#redirect_limitObject

Returns the value of attribute redirect_limit


49
50
51
# File 'lib/chef/rest.rb', line 49

def redirect_limit
  @redirect_limit
end

#sign_on_redirectObject

Returns the value of attribute sign_on_redirect


49
50
51
# File 'lib/chef/rest.rb', line 49

def sign_on_redirect
  @sign_on_redirect
end

#urlObject

Returns the value of attribute url


49
50
51
# File 'lib/chef/rest.rb', line 49

def url
  @url
end

Instance Method Details

#api_request(method, url, headers = {}, data = false) ⇒ Object

Runs an HTTP request to a JSON API with JSON body. File Download not supported.


237
238
239
240
241
242
243
244
# File 'lib/chef/rest.rb', line 237

def api_request(method, url, headers={}, data=false)
  json_body = data ? Chef::JSONCompat.to_json(data) : nil
  # Force encoding to binary to fix SSL related EOFErrors
  # cf. http://tickets.opscode.com/browse/CHEF-2363
  # http://redmine.ruby-lang.org/issues/5233
  json_body.force_encoding(Encoding::BINARY) if json_body.respond_to?(:force_encoding)
  raw_http_request(method, url, headers, json_body)
end

#authentication_headers(method, url, json_body = nil) ⇒ Object


393
394
395
396
397
# File 'lib/chef/rest.rb', line 393

def authentication_headers(method, url, json_body=nil)
  request_params = {:http_method => method, :path => url.path, :body => json_body, :host => "#{url.host}:#{url.port}"}
  request_params[:body] ||= ""
  auth_credentials.signature_headers(request_params)
end

#client_nameObject


76
77
78
# File 'lib/chef/rest.rb', line 76

def client_name
  @auth_credentials.client_name
end

#configObject


407
408
409
# File 'lib/chef/rest.rb', line 407

def config
  Chef::Config
end

#create_url(path) ⇒ Object


161
162
163
164
165
166
167
# File 'lib/chef/rest.rb', line 161

def create_url(path)
  if path =~ /^(http|https):\/\//
    URI.parse(path)
  else
    URI.parse("#{@url}/#{path}")
  end
end

#decompress_body(response) ⇒ Object


293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
# File 'lib/chef/rest.rb', line 293

def decompress_body(response)
  if gzip_disabled?
    response.body
  else
    case response[CONTENT_ENCODING]
    when GZIP
      Chef::Log.debug "decompressing gzip response"
      Zlib::Inflate.new(Zlib::MAX_WBITS + 16).inflate(response.body)
    when DEFLATE
      Chef::Log.debug "decompressing deflate response"
      Zlib::Inflate.inflate(response.body)
    else
      response.body
    end
  end
end

#delete_rest(path, headers = {}) ⇒ Object

Send an HTTP DELETE request to the path


138
139
140
# File 'lib/chef/rest.rb', line 138

def delete_rest(path, headers={})
  api_request(:DELETE, create_url(path), headers)
end

#fetch(path, headers = {}) ⇒ Object

Streams a download to a tempfile, then yields the tempfile to a block. After the download, the tempfile will be closed and unlinked. If you rename the tempfile, it will not be deleted. Beware that if the server streams infinite content, this method will stream it until you run out of disk space.


157
158
159
# File 'lib/chef/rest.rb', line 157

def fetch(path, headers={})
  streaming_request(create_url(path), headers) {|tmp_file| yield tmp_file }
end

#follow_redirectObject


411
412
413
414
415
416
417
418
419
420
421
422
423
424
# File 'lib/chef/rest.rb', line 411

def follow_redirect
  raise Chef::Exceptions::RedirectLimitExceeded if @redirects_followed >= redirect_limit
  @redirects_followed += 1
  Chef::Log.debug("Following redirect #{@redirects_followed}/#{redirect_limit}")
  if @sign_on_redirect
    yield
  else
    @sign_request = false
    yield
  end
ensure
  @redirects_followed = 0
  @sign_request = true
end

#get_rest(path, raw = false, headers = {}) ⇒ Object

Send an HTTP GET request to the path

Using this method to fetch a file is considered deprecated.

Parameters

path

The path to GET

raw

Whether you want the raw body returned, or JSON inflated. Defaults

to JSON inflated.

129
130
131
132
133
134
135
# File 'lib/chef/rest.rb', line 129

def get_rest(path, raw=false, headers={})
  if raw
    streaming_request(create_url(path), headers)
  else
    api_request(:GET, create_url(path), headers)
  end
end

#http_retry_countObject


403
404
405
# File 'lib/chef/rest.rb', line 403

def http_retry_count
  config[:http_retry_count]
end

#http_retry_delayObject


399
400
401
# File 'lib/chef/rest.rb', line 399

def http_retry_delay
  config[:http_retry_delay]
end

#post_rest(path, json, headers = {}) ⇒ Object

Send an HTTP POST request to the path


143
144
145
# File 'lib/chef/rest.rb', line 143

def post_rest(path, json, headers={})
  api_request(:POST, create_url(path), headers, json)
end

#put_rest(path, json, headers = {}) ⇒ Object

Send an HTTP PUT request to the path


148
149
150
# File 'lib/chef/rest.rb', line 148

def put_rest(path, json, headers={})
  api_request(:PUT, create_url(path), headers, json)
end

#raw_http_request(method, url, headers, body) ⇒ Object

Runs an HTTP request to a JSON API with raw body. File Download not supported.


247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
# File 'lib/chef/rest.rb', line 247

def raw_http_request(method, url, headers, body)
  headers = build_headers(method, url, headers, body)
  retriable_rest_request(method, url, body, headers) do |rest_request|
    begin
      response = rest_request.call {|r| r.read_body}

      Chef::Log.debug("---- HTTP Status and Header Data: ----")
      Chef::Log.debug("HTTP #{response.http_version} #{response.code} #{response.msg}")

      response.each do |header, value|
        Chef::Log.debug("#{header}: #{value}")
      end
      Chef::Log.debug("---- End HTTP Status/Header Data ----")

      response_body = decompress_body(response)

      if response.kind_of?(Net::HTTPSuccess)
        if response['content-type'] =~ /json/
          Chef::JSONCompat.from_json(response_body.chomp)
        else
          Chef::Log.warn("Expected JSON response, but got content-type '#{response['content-type']}'")
          response_body
        end
      elsif redirect_location = redirected_to(response)
        follow_redirect {api_request(:GET, create_url(redirect_location))}
      else
        # have to decompress the body before making an exception for it. But the body could be nil.
        response.body.replace(decompress_body(response)) if response.body.respond_to?(:replace)

        if response['content-type'] =~ /json/
          exception = Chef::JSONCompat.from_json(response_body)
          msg = "HTTP Request Returned #{response.code} #{response.message}: "
          msg << (exception["error"].respond_to?(:join) ? exception["error"].join(", ") : exception["error"].to_s)
          Chef::Log.info(msg)
        end
        response.error!
      end
    rescue Exception => e
      if e.respond_to?(:chef_rest_request=)
        e.chef_rest_request = rest_request
      end
      raise
    end
  end
end

#register(name = Chef::Config[:node_name], destination = Chef::Config[:client_key]) ⇒ Object

Register the client – Requires you to load chef/api_client beforehand. explicit require is removed since most users of this class have no need for chef/api_client. This functionality should be moved anyway…


89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
# File 'lib/chef/rest.rb', line 89

def register(name=Chef::Config[:node_name], destination=Chef::Config[:client_key])
  if (File.exists?(destination) &&  !File.writable?(destination))
    raise Chef::Exceptions::CannotWritePrivateKey, "I cannot write your private key to #{destination} - check permissions?"
  end
  nc = Chef::ApiClient.new
  nc.name(name)

  catch(:done) do
    retries = config[:client_registration_retries] || 5
    0.upto(retries) do |n|
      begin
        response = nc.save(true, true)
        Chef::Log.debug("Registration response: #{response.inspect}")
        raise Chef::Exceptions::CannotWritePrivateKey, "The response from the server did not include a private key!" unless response.has_key?("private_key")
        # Write out the private key
        ::File.open(destination, "w") {|f|
          f.chmod(0600)
          f.print(response["private_key"])
        }
        throw :done
      rescue IOError
        raise Chef::Exceptions::CannotWritePrivateKey, "I cannot write your private key to #{destination}"
      rescue Net::HTTPFatalError => e
        Chef::Log.warn("Failed attempt #{n} of #{retries+1} on client creation")
        raise unless e.response.code == "500"
      end
    end
  end

  true
end

#retriable_rest_request(method, url, req_body, headers) ⇒ Object


353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
# File 'lib/chef/rest.rb', line 353

def retriable_rest_request(method, url, req_body, headers)
  rest_request = Chef::REST::RESTRequest.new(method, url, req_body, headers)

  Chef::Log.debug("Sending HTTP Request via #{method} to #{url.host}:#{url.port}#{rest_request.path}")

  http_attempts = 0

  begin
    http_attempts += 1

    res = yield rest_request

  rescue SocketError, Errno::ETIMEDOUT => e
    e.message.replace "Error connecting to #{url} - #{e.message}"
    raise e
  rescue Errno::ECONNREFUSED
    if http_retry_count - http_attempts + 1 > 0
      Chef::Log.error("Connection refused connecting to #{url.host}:#{url.port} for #{rest_request.path}, retry #{http_attempts}/#{http_retry_count}")
      sleep(http_retry_delay)
      retry
    end
    raise Errno::ECONNREFUSED, "Connection refused connecting to #{url.host}:#{url.port} for #{rest_request.path}, giving up"
  rescue Timeout::Error
    if http_retry_count - http_attempts + 1 > 0
      Chef::Log.error("Timeout connecting to #{url.host}:#{url.port} for #{rest_request.path}, retry #{http_attempts}/#{http_retry_count}")
      sleep(http_retry_delay)
      retry
    end
    raise Timeout::Error, "Timeout connecting to #{url.host}:#{url.port} for #{rest_request.path}, giving up"
  rescue Net::HTTPFatalError => e
    if http_retry_count - http_attempts + 1 > 0
      sleep_time = 1 + (2 ** http_attempts) + rand(2 ** http_attempts)
      Chef::Log.error("Server returned error for #{url}, retrying #{http_attempts}/#{http_retry_count} in #{sleep_time}s")
      sleep(sleep_time)
      retry
    end
    raise
  end
end

#run_request(method, url, headers = {}, data = false, limit = nil, raw = false) ⇒ Object

DEPRECATED

Use api_request instead – Actually run an HTTP request. First argument is the HTTP method, which should be one of :GET, :PUT, :POST or :DELETE. Next is the URL, then an object to include in the body (which will be converted with .to_json). The limit argument is unused, it is present for backwards compatibility. Configure the redirect limit with #redirect_limit= instead.

Typically, you won't use this method – instead, you'll use one of the helper methods (get_rest, post_rest, etc.)

Will return the body of the response on success.


187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
# File 'lib/chef/rest.rb', line 187

def run_request(method, url, headers={}, data=false, limit=nil, raw=false)
  json_body = data ? Chef::JSONCompat.to_json(data) : nil
  # Force encoding to binary to fix SSL related EOFErrors
  # cf. http://tickets.opscode.com/browse/CHEF-2363
  # http://redmine.ruby-lang.org/issues/5233
  json_body.force_encoding(Encoding::BINARY) if json_body.respond_to?(:force_encoding)
  headers = build_headers(method, url, headers, json_body, raw)

  tf, response_body = nil, nil

  retriable_rest_request(method, url, json_body, headers) do |rest_request|

    res = rest_request.call do |response|
      if raw
        tf = stream_to_tempfile(url, response)
      else
        response_body = decompress_body(response)
      end
    end

    case res
    when Net::HTTPSuccess
      if res['content-type'] =~ /json/
        Chef::JSONCompat.from_json(response_body)
      else
        if method == :HEAD
          true
        elsif raw
          tf
        else
          response_body
        end
      end
    when Net::HTTPNotModified # Must be tested before Net::HTTPRedirection because it's subclass.
      false
    when Net::HTTPRedirection
      follow_redirect {run_request(method, create_url(res['location']), headers, false, nil, raw)}
    else
      if res['content-type'] =~ /json/
        exception = Chef::JSONCompat.from_json(response_body)
        msg = "HTTP Request Returned #{res.code} #{res.message}: "
        msg << (exception["error"].respond_to?(:join) ? exception["error"].join(", ") : exception["error"].to_s)
        Chef::Log.warn(msg)
      end
      res.error!
    end
  end
end

#sign_requests?Boolean

Returns:

  • (Boolean)

169
170
171
# File 'lib/chef/rest.rb', line 169

def sign_requests?
  auth_credentials.sign_requests? && @sign_request
end

#signing_keyObject


80
81
82
# File 'lib/chef/rest.rb', line 80

def signing_key
  @auth_credentials.raw_key
end

#signing_key_filenameObject


72
73
74
# File 'lib/chef/rest.rb', line 72

def signing_key_filename
  @auth_credentials.key_file
end

#streaming_request(url, headers, &block) ⇒ Object

Makes a streaming download request. Doesn't speak JSON. Streams the response body to a tempfile. If a block is given, it's passed to Tempfile.open(), which means that the tempfile will automatically be unlinked after the block is executed.

If no block is given, the tempfile is returned, which means it's up to you to unlink the tempfile when you're done with it.


317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
# File 'lib/chef/rest.rb', line 317

def streaming_request(url, headers, &block)
  headers = build_headers(:GET, url, headers, nil, true)
  retriable_rest_request(:GET, url, nil, headers) do |rest_request|
    begin
      tempfile = nil
      response = rest_request.call do |r|
        if block_given? && r.kind_of?(Net::HTTPSuccess)
          begin
            tempfile = stream_to_tempfile(url, r, &block)
            yield tempfile
          ensure
            tempfile.close!
          end
        else
          tempfile = stream_to_tempfile(url, r)
        end
      end
      if response.kind_of?(Net::HTTPSuccess)
        tempfile
      elsif redirect_location = redirected_to(response)
        # TODO: test tempfile unlinked when following redirects.
        tempfile && tempfile.close!
        follow_redirect {streaming_request(create_url(redirect_location), {}, &block)}
      else
        tempfile && tempfile.close!
        response.error!
      end
    rescue Exception => e
      if e.respond_to?(:chef_rest_request=)
        e.chef_rest_request = rest_request
      end
      raise
    end
  end
end