Class: InspecPlugins::Compliance::HTTP

Inherits:

Object

Object
InspecPlugins::Compliance::HTTP

show all

Defined in:: lib/plugins/inspec-compliance/lib/inspec-compliance/http.rb

Overview

implements a simple http abstraction on top of Net::HTTP

Class Method Summary collapse

._parse_url(url) ⇒ Object
.get(url, headers = nil, insecure) ⇒ Object

generic get requires.
.post(url, token, insecure, basic_auth = false) ⇒ Object

generic post request.
.post_file(url, headers, file_path, insecure) ⇒ Object

post a file.
.post_multipart_file(url, headers, file_path, insecure) ⇒ Object
.post_with_headers(url, headers, body, insecure) ⇒ Object
.send_request(uri, req, insecure) ⇒ Object

sends a http requests.

Class Method Details

._parse_url(url) ⇒ `Object`

# File 'lib/plugins/inspec-compliance/lib/inspec-compliance/http.rb', line 111

def self._parse_url(url)
  url = "https://#{url}" if URI.parse(url).scheme.nil?
  URI.parse(url)
end

.get(url, headers = nil, insecure) ⇒ `Object`

generic get requires

# File 'lib/plugins/inspec-compliance/lib/inspec-compliance/http.rb', line 10

def self.get(url, headers = nil, insecure)
  uri = _parse_url(url)
  req = Net::HTTP::Get.new(uri.path)
  headers&.each do |key, value|
    req.add_field(key, value)
  end
  send_request(uri, req, insecure)
end

.post(url, token, insecure, basic_auth = false) ⇒ `Object`

generic post request

# File 'lib/plugins/inspec-compliance/lib/inspec-compliance/http.rb', line 20

def self.post(url, token, insecure, basic_auth = false)
  # form request
  uri = _parse_url(url)
  req = Net::HTTP::Post.new(uri.path)
  if basic_auth
    req.basic_auth token, ""
  else
    req["Authorization"] = "Bearer #{token}"
  end
  req.form_data = {}

  send_request(uri, req, insecure)
end

.post_file(url, headers, file_path, insecure) ⇒ `Object`

post a file

# File 'lib/plugins/inspec-compliance/lib/inspec-compliance/http.rb', line 45

def self.post_file(url, headers, file_path, insecure)
  uri = _parse_url(url)
  raise "Unable to parse URL: #{url}" if uri.nil? || uri.host.nil?

  http = Net::HTTP.new(uri.host, uri.port)

  # set connection flags
  http.use_ssl = (uri.scheme == "https")
  http.verify_mode = OpenSSL::SSL::VERIFY_NONE if insecure

  req = Net::HTTP::Post.new(uri.path)
  headers.each do |key, value|
    req.add_field(key, value)
  end

  req.body_stream = File.open(file_path, "rb")
  req.add_field("Content-Length", File.size(file_path))
  req.add_field("Content-Type", "application/x-gzip")

  boundary = "INSPEC-PROFILE-UPLOAD"
  req.add_field("session", boundary)
  res = http.request(req)
  res
end

.post_multipart_file(url, headers, file_path, insecure) ⇒ `Object`

# File 'lib/plugins/inspec-compliance/lib/inspec-compliance/http.rb', line 70

def self.post_multipart_file(url, headers, file_path, insecure)
  uri = _parse_url(url)
  raise "Unable to parse URL: #{url}" if uri.nil? || uri.host.nil?

  http = Net::HTTP.new(uri.host, uri.port)

  # set connection flags
  http.use_ssl = (uri.scheme == "https")
  http.verify_mode = OpenSSL::SSL::VERIFY_NONE if insecure

  File.open(file_path) do |tar|
    req = Net::HTTP::Post::Multipart.new(uri, "file" => UploadIO.new(tar, "application/x-gzip", File.basename(file_path)))
    headers.each do |key, value|
      req.add_field(key, value)
    end
    res = http.request(req)
    return res
  end
end

.post_with_headers(url, headers, body, insecure) ⇒ `Object`

# File 'lib/plugins/inspec-compliance/lib/inspec-compliance/http.rb', line 34

def self.post_with_headers(url, headers, body, insecure)
  uri = _parse_url(url)
  req = Net::HTTP::Post.new(uri.path)
  req.body = body unless body.nil?
  headers&.each do |key, value|
    req.add_field(key, value)
  end
  send_request(uri, req, insecure)
end

.send_request(uri, req, insecure) ⇒ `Object`

sends a http requests

# File 'lib/plugins/inspec-compliance/lib/inspec-compliance/http.rb', line 91

def self.send_request(uri, req, insecure)
  opts = {
    use_ssl: uri.scheme == "https",
  }
  opts[:verify_mode] = OpenSSL::SSL::VERIFY_NONE if insecure

  raise "Unable to parse URI: #{uri}" if uri.nil? || uri.host.nil?

  res = Net::HTTP.start(uri.host, uri.port, opts) do |http|
    http.request(req)
  end
  res
rescue OpenSSL::SSL::SSLError => e
  raise e unless e.message.include? "certificate verify failed"

  puts "Error: Failed to connect to #{uri}."
  puts "If the server uses a self-signed certificate, please re-run the login command with the --insecure option."
  exit 1
end

Class: InspecPlugins::Compliance::HTTP

Overview

Class Method Summary collapse

Class Method Details

._parse_url(url) ⇒ Object

.get(url, headers = nil, insecure) ⇒ Object

.post(url, token, insecure, basic_auth = false) ⇒ Object

.post_file(url, headers, file_path, insecure) ⇒ Object

.post_multipart_file(url, headers, file_path, insecure) ⇒ Object

.post_with_headers(url, headers, body, insecure) ⇒ Object

.send_request(uri, req, insecure) ⇒ Object

._parse_url(url) ⇒ `Object`

.get(url, headers = nil, insecure) ⇒ `Object`

.post(url, token, insecure, basic_auth = false) ⇒ `Object`

.post_file(url, headers, file_path, insecure) ⇒ `Object`

.post_multipart_file(url, headers, file_path, insecure) ⇒ `Object`

.post_with_headers(url, headers, body, insecure) ⇒ `Object`

.send_request(uri, req, insecure) ⇒ `Object`