Class: Conjur::Proxy

Inherits:
Object
  • Object
Defined in:
lib/conjur/proxy.rb

Instance Attribute Summary

Instance Method Summary

Constructor Details

#initialize(url, conjur) ⇒ Proxy

Returns a new instance of Proxy.



# File 'lib/conjur/proxy.rb', line 28

# Builds the proxy around an upstream base URL and a Conjur client.
#
# The block handed to Rack::StreamingProxy::Proxy returns the destination
# for each request: +url+ followed by the request path and, when present,
# the query string. Path and query string are appended exactly as the
# request reports them; nothing in this method validates or normalises them.
#
# @param url [String] base URL of the upstream service
# @param conjur [Object] client whose credentials #call attaches to requests
def initialize(url, conjur)
  @conjur = conjur
  @proxy = Rack::StreamingProxy::Proxy.new(nil) do |request|
    target = "#{url}#{request.path}"
    query = request.query_string
    query.empty? ? target : "#{target}?#{query}"
  end
end

Instance Attribute Details

#conjur ⇒ Object (readonly)

Returns the value of attribute conjur.



# File 'lib/conjur/proxy.rb', line 41

# Read-only accessor for the Conjur client stored by #initialize.
# #call reads the outgoing Authorization header from this object's
# credentials, so treat the returned object as holding a secret.
#
# @return [Object] the value of @conjur
def conjur
  @conjur
end

#proxy ⇒ Object (readonly)

Returns the value of attribute proxy.



# File 'lib/conjur/proxy.rb', line 41

# Read-only accessor for the Rack::StreamingProxy::Proxy instance built in
# #initialize; #call delegates the actual forwarding to it.
#
# @return [Object] the value of @proxy
def proxy
  @proxy
end

Instance Method Details

#call(env) ⇒ Object



# File 'lib/conjur/proxy.rb', line 43

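# Rack entry point: forwards the request upstream with the Conjur
# authorization header attached.
#
# Any Authorization header sent by the client is overwritten, so every
# client able to reach this listener is forwarded with the credentials held
# by +conjur+. Keep the listener bound to a trusted interface.
#
# @param env [Hash] Rack environment; mutated in place
# @return [Array] the Rack response returned by the wrapped proxy
def call(env)
  env['HTTP_AUTHORIZATION'] = conjur.credentials[:headers][:authorization]

  if %w[POST PUT].include?(env['REQUEST_METHOD'])
    # Rack exposes the Transfer-Encoding request header as
    # HTTP_TRANSFER_ENCODING. The bare TRANSFER_ENCODING key alone would
    # never match under a Rack server, so a chunked upload would be given a
    # zero Content-Length. The bare key is still honoured for compatibility,
    # and the comparison is case-insensitive.
    chunked = %w[HTTP_TRANSFER_ENCODING TRANSFER_ENCODING].any? do |key|
      env[key].to_s.downcase == 'chunked'
    end

    # A body-less POST/PUT gets an explicit zero length.
    env['CONTENT_LENGTH'] = '0' unless env.include?('CONTENT_LENGTH') || chunked
  end

  response = proxy.call(env)

  # Hack for Docker Hub & Registry API: point the advertised endpoint back at
  # this proxy. HTTP_HOST is taken from the client's request, so the header
  # value is client-supplied.
  headers = response[1]
  headers['x-docker-endpoints'] = env['HTTP_HOST'] if headers.include?('x-docker-endpoints')

  response
end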

#configure(options = {}) ⇒ Object



# File 'lib/conjur/proxy.rb', line 63

# Applies the process-wide patches the proxy relies on.
#
# SECURITY: options[:insecure] reopens Net::HTTP so that every later
# use_ssl= call also sets verify_mode to OpenSSL::SSL::VERIFY_NONE. The patch
# is global and is never undone: from then on no Net::HTTP client in this
# process validates server certificates (presumably including the upstream
# requests that carry the Conjur Authorization header; confirm against
# Rack::StreamingProxy). Prefer options[:cacert], which keeps verification
# on and only adds a CA file to the default certificate store.
#
# @param options [Hash] :insecure disables TLS certificate verification,
#   :cacert is the path of a CA file to trust
# @return [Object] result of the final class_eval
def configure(options = {})
  if options[:insecure]
    Net::HTTP.class_eval do
      # Same checks as the stock setter, plus the forced VERIFY_NONE.
      def use_ssl=(flag)
        enabled = flag ? true : false
        raise IOError, "use_ssl value changed, but session already started" if started? && @use_ssl != enabled

        @use_ssl = enabled
        self.verify_mode = OpenSSL::SSL::VERIFY_NONE
      end
    end
  end

  ca_file = options[:cacert]
  OpenSSL::SSL::SSLContext::DEFAULT_CERT_STORE.add_file(ca_file) if ca_file

  Rack::StreamingProxy::Session.class_eval do
    # Raises the piper timeout so long uploads are not cut off. The value is
    # 1600 seconds (about 26 minutes).
    # NOTE(review): the original note described this as 30 minutes, which
    # would be 1800; confirm which was intended.
    def start
      @piper = Servolux::Piper.new('r', timeout: 1600)
      @piper.child  { child }
      @piper.parent { parent }
    end
  end
end

#start(options = {}) ⇒ Object



# File 'lib/conjur/proxy.rb', line 92

# Configures the process and serves this proxy through Rack::Server.
#
# Defaults to port 8080 on 127.0.0.1. #call attaches the Conjur
# authorization header to every forwarded request, so passing a non-loopback
# options[:address] exposes that identity to any client that can reach the
# listener.
#
# @param options [Hash] :port and :address for the listener, plus the
#   options accepted by #configure
def start(options = {})
  configure(options)

  port = options[:port] || 8080
  host = options[:address] || '127.0.0.1'
  Rack::Server.start(app: self, Port: port, Host: host)
end