Class: Puppet::Context::TrustedInformation Private
- Defined in:
- lib/puppet/context/trusted_information.rb
Overview
This class is part of a private API. You should avoid using this class if possible, as it may be removed or be changed in the future.
Instance Attribute Summary collapse
-
#authenticated ⇒ String, Boolean
readonly
private
one of ‘remote’, ‘local’, or false, where ‘remote’ is authenticated via cert, ‘local’ is trusted by virtue of running on the same machine (not a remote request), and false is an unauthenticated remote request.
-
#certname ⇒ String
readonly
private
The validated certificate name used for the request.
-
#domain ⇒ String
readonly
private
The domain name derived from the validated certificate name.
-
#extensions ⇒ Hash{Object => Object}
readonly
private
Extra information that comes from the trusted certificate’s extensions.
-
#hostname ⇒ String
readonly
private
The hostname derived from the validated certificate name.
Class Method Summary collapse
Instance Method Summary collapse
-
#external ⇒ Hash
private
Additional external facts loaded through ‘trusted_external_command`.
-
#initialize(authenticated, certname, extensions, external = {}) ⇒ TrustedInformation
constructor
private
A new instance of TrustedInformation.
- #to_h ⇒ Object private
Constructor Details
#initialize(authenticated, certname, extensions, external = {}) ⇒ TrustedInformation
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
Returns a new instance of TrustedInformation.
34 35 36 37 38 39 40 41 42 43 44 45 46 47 |
# File 'lib/puppet/context/trusted_information.rb', line 34 def initialize(authenticated, certname, extensions, external = {}) @authenticated = authenticated.freeze @certname = certname.freeze @extensions = extensions.freeze if @certname hostname, domain = @certname.split('.', 2) else hostname = nil domain = nil end @hostname = hostname.freeze @domain = domain.freeze @external = external.is_a?(Proc) ? external : external.freeze end |
Instance Attribute Details
#authenticated ⇒ String, Boolean (readonly)
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
one of ‘remote’, ‘local’, or false, where ‘remote’ is authenticated via cert, ‘local’ is trusted by virtue of running on the same machine (not a remote request), and false is an unauthenticated remote request.
12 13 14 |
# File 'lib/puppet/context/trusted_information.rb', line 12 def authenticated @authenticated end |
#certname ⇒ String (readonly)
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
The validated certificate name used for the request
17 18 19 |
# File 'lib/puppet/context/trusted_information.rb', line 17 def certname @certname end |
#domain ⇒ String (readonly)
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
The domain name derived from the validated certificate name
27 28 29 |
# File 'lib/puppet/context/trusted_information.rb', line 27 def domain @domain end |
#extensions ⇒ Hash{Object => Object} (readonly)
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
Extra information that comes from the trusted certificate’s extensions.
22 23 24 |
# File 'lib/puppet/context/trusted_information.rb', line 22 def extensions @extensions end |
#hostname ⇒ String (readonly)
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
The hostname derived from the validated certificate name
32 33 34 |
# File 'lib/puppet/context/trusted_information.rb', line 32 def hostname @hostname end |
Class Method Details
.local(node) ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
67 68 69 70 71 72 73 |
# File 'lib/puppet/context/trusted_information.rb', line 67 def self.local(node) # Always trust local data by picking up the available parameters. client_cert = node ? node.parameters['clientcert'] : nil external = proc { retrieve_trusted_external(client_cert) } new('local', client_cert, {}, external) end |
.remote(authenticated, node_name, certificate) ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 |
# File 'lib/puppet/context/trusted_information.rb', line 49 def self.remote(authenticated, node_name, certificate) external = proc { retrieve_trusted_external(node_name) } if authenticated extensions = {} if certificate.nil? Puppet.info(_('TrustedInformation expected a certificate, but none was given.')) else extensions = certificate.custom_extensions.to_h do |ext| [ext['oid'].freeze, ext['value'].freeze] end end new('remote', node_name, extensions, external) else new(false, nil, {}, external) end end |
Instance Method Details
#external ⇒ Hash
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
Additional external facts loaded through ‘trusted_external_command`.
78 79 80 81 82 83 |
# File 'lib/puppet/context/trusted_information.rb', line 78 def external if @external.is_a?(Proc) @external = @external.call.freeze end @external end |
#to_h ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
112 113 114 115 116 117 118 119 120 121 |
# File 'lib/puppet/context/trusted_information.rb', line 112 def to_h { 'authenticated' => authenticated, 'certname' => certname, 'extensions' => extensions, 'hostname' => hostname, 'domain' => domain, 'external' => external, }.freeze end |