Class: Puppet::Context::TrustedInformation Private

Inherits:
Object
  • Object
show all
Defined in:
lib/puppet/context/trusted_information.rb

Overview

This class is part of a private API. You should avoid using this class if possible, as it may be removed or be changed in the future.

API:

  • private

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(authenticated, certname, extensions) ⇒ TrustedInformation

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns a new instance of TrustedInformation.

API:

  • private



20
21
22
23
24
 
# File 'lib/puppet/context/trusted_information.rb', line 20

def initialize(authenticated, certname, extensions)
  @authenticated = authenticated.freeze
  @certname = certname.freeze
  @extensions = extensions.freeze
end

Instance Attribute Details

#authenticatedString, Boolean (readonly)

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

one of ‘remote’, ‘local’, or false, where ‘remote’ is authenticated via cert, ‘local’ is trusted by virtue of running on the same machine (not a remote request), and false is an unauthenticated remote request.

Returns:

API:

  • private



8
9
10
 
# File 'lib/puppet/context/trusted_information.rb', line 8

def authenticated
  @authenticated
end

#certnameString (readonly)

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

The validated certificate name used for the request

Returns:

API:

  • private



13
14
15
 
# File 'lib/puppet/context/trusted_information.rb', line 13

def certname
  @certname
end

#extensionsHash{Object => Object} (readonly)

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Extra information that comes from the trusted certificate’s extensions.

Returns:

API:

  • private



18
19
20
 
# File 'lib/puppet/context/trusted_information.rb', line 18

def extensions
  @extensions
end

Class Method Details

.local(node) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

API:

  • private



42
43
44
45
46
47
 
# File 'lib/puppet/context/trusted_information.rb', line 42

def self.local(node)
  # Always trust local data by picking up the available parameters.
  client_cert = node ? node.parameters['clientcert'] : nil

  new('local', client_cert, {})
end

.remote(authenticated, node_name, certificate) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

API:

  • private



26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
 
# File 'lib/puppet/context/trusted_information.rb', line 26

def self.remote(authenticated, node_name, certificate)
  if authenticated
    extensions = {}
    if certificate.nil?
      Puppet.info('TrustedInformation expected a certificate, but none was given.')
    else
      extensions = Hash[certificate.custom_extensions.collect do |ext|
        [ext['oid'].freeze, ext['value'].freeze]
      end]
    end
    new('remote', node_name, extensions)
  else
    new(false, nil, {})
  end
end

Instance Method Details

#to_hObject

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

API:

  • private



49
50
51
52
53
54
55
 
# File 'lib/puppet/context/trusted_information.rb', line 49

def to_h
  {
    'authenticated'.freeze => authenticated,
    'certname'.freeze => certname,
    'extensions'.freeze => extensions
  }.freeze
end