Class: Chef::REST

Inherits:

Object

• Object
• Chef::REST

Defined in:

lib/chef/rest.rb,
lib/chef/rest/cookie_jar.rb,
lib/chef/rest/rest_request.rb,
lib/chef/rest/auth_credentials.rb

Overview

Chef::REST

Chef’s custom REST client with built-in JSON support and RSA signed header authentication.

Direct Known Subclasses

Shef::ShefREST

Defined Under Namespace

Classes: AuthCredentials, CookieJar, RESTRequest

Instance Attribute Summary

• #auth_credentials ⇒ Object readonly

  Returns the value of attribute auth_credentials.

• #cookies ⇒ Object

  Returns the value of attribute cookies.

• #redirect_limit ⇒ Object

  Returns the value of attribute redirect_limit.

• #sign_on_redirect ⇒ Object

  Returns the value of attribute sign_on_redirect.

• #url ⇒ Object

  Returns the value of attribute url.

Instance Method Summary

• #api_request(method, url, headers = {}, data = false) ⇒ Object

  Runs an HTTP request to a JSON API.

• #authentication_headers(method, url, json_body = nil) ⇒ Object
• #client_name ⇒ Object
• #config ⇒ Object
• #create_url(path) ⇒ Object
• #delete_rest(path, headers = {}) ⇒ Object

  Send an HTTP DELETE request to the path.

• #fetch(path, headers = {}) ⇒ Object

  Streams a download to a tempfile, then yields the tempfile to a block.

• #follow_redirect ⇒ Object
• #get_rest(path, raw = false, headers = {}) ⇒ Object

  Send an HTTP GET request to the path.

• #http_retry_count ⇒ Object
• #http_retry_delay ⇒ Object
• #initialize(url, client_name = Chef::Config[:node_name], signing_key_filename = Chef::Config[:client_key], options = {}) ⇒ REST constructor

  Create a REST client object.

• #post_rest(path, json, headers = {}) ⇒ Object

  Send an HTTP POST request to the path.

• #put_rest(path, json, headers = {}) ⇒ Object

  Send an HTTP PUT request to the path.

• #register(name = Chef::Config[:node_name], destination = Chef::Config[:client_key]) ⇒ Object

  Register the client – Requires you to load chef/api_client beforehand.

• #retriable_rest_request(method, url, req_body, headers) ⇒ Object
• #run_request(method, url, headers = {}, data = false, limit = nil, raw = false) ⇒ Object

  DEPRECATED Use api_request instead – Actually run an HTTP request.

• #sign_requests? ⇒ Boolean
• #signing_key ⇒ Object
• #signing_key_filename ⇒ Object
• #streaming_request(url, headers, &block) ⇒ Object

  Makes a streaming download request.

Constructor Details

#initialize(url, client_name = Chef::Config[:node_name], signing_key_filename = Chef::Config[:client_key], options = {}) ⇒ REST

Create a REST client object. The supplied url is used as the base for all subsequent requests. For example, when initialized with a base url localhost:4000, a call to get_rest with ‘nodes’ will make an HTTP GET request to localhost:4000/nodes

# File 'lib/chef/rest.rb', line 43

def initialize(url, client_name=Chef::Config[:node_name], signing_key_filename=Chef::Config[:client_key], options={})
  @url = url
  @cookies = CookieJar.instance
  @default_headers = options[:headers] || {}
  @auth_credentials = AuthCredentials.new(client_name, signing_key_filename)
  @sign_on_redirect, @sign_request = true, true
  @redirects_followed = 0
  @redirect_limit = 10
end

Instance Attribute Details

#auth_credentials ⇒ Object (readonly)

Returns the value of attribute auth_credentials.

# File 'lib/chef/rest.rb', line 36

def auth_credentials
  @auth_credentials
end

#cookies ⇒ Object

Returns the value of attribute cookies.

# File 'lib/chef/rest.rb', line 37

def cookies
  @cookies
end

#redirect_limit ⇒ Object

Returns the value of attribute redirect_limit.

# File 'lib/chef/rest.rb', line 37

def redirect_limit
  @redirect_limit
end

#sign_on_redirect ⇒ Object

Returns the value of attribute sign_on_redirect.

# File 'lib/chef/rest.rb', line 37

def sign_on_redirect
  @sign_on_redirect
end

#url ⇒ Object

Returns the value of attribute url.

# File 'lib/chef/rest.rb', line 37

def url
  @url
end

Instance Method Details

#api_request(method, url, headers = {}, data = false) ⇒ Object

Runs an HTTP request to a JSON API. File Download not supported.

# File 'lib/chef/rest.rb', line 218

def api_request(method, url, headers={}, data=false)
  json_body = data ? Chef::JSONCompat.to_json(data) : nil
  # Force encoding to binary to fix SSL related EOFErrors
  # cf. http://tickets.opscode.com/browse/CHEF-2363
  # http://redmine.ruby-lang.org/issues/5233
  json_body.force_encoding(Encoding::BINARY) if json_body.respond_to?(:force_encoding)
  headers = build_headers(method, url, headers, json_body)

  retriable_rest_request(method, url, json_body, headers) do |rest_request|
    response = rest_request.call {|r| r.read_body}

    if response.kind_of?(Net::HTTPSuccess)
      if response['content-type'] =~ /json/
        Chef::JSONCompat.from_json(response.body.chomp)
      else
        Chef::Log.warn("Expected JSON response, but got content-type '#{response['content-type']}'")
        response.body
      end
    elsif redirect_location = redirected_to(response)
      follow_redirect {api_request(:GET, create_url(redirect_location))}
    else
      if response['content-type'] =~ /json/
        exception = Chef::JSONCompat.from_json(response.body)
        msg = "HTTP Request Returned #{response.code} #{response.message}: "
        msg << (exception["error"].respond_to?(:join) ? exception["error"].join(", ") : exception["error"].to_s)
        Chef::Log.info(msg)
      end
      response.error!
    end
  end
end

#authentication_headers(method, url, json_body = nil) ⇒ Object

# File 'lib/chef/rest.rb', line 326

def authentication_headers(method, url, json_body=nil)
  request_params = {:http_method => method, :path => url.path, :body => json_body, :host => "#{url.host}:#{url.port}"}
  request_params[:body] ||= ""
  auth_credentials.signature_headers(request_params)
end

#client_name ⇒ Object

# File 'lib/chef/rest.rb', line 57

def client_name
  @auth_credentials.client_name
end

#config ⇒ Object

# File 'lib/chef/rest.rb', line 340

def config
  Chef::Config
end

#create_url(path) ⇒ Object

# File 'lib/chef/rest.rb', line 142

def create_url(path)
  if path =~ /^(http|https):\/\//
    URI.parse(path)
  else
    URI.parse("#{@url}/#{path}")
  end
end

#delete_rest(path, headers = {}) ⇒ Object

Send an HTTP DELETE request to the path

# File 'lib/chef/rest.rb', line 119

def delete_rest(path, headers={})
  api_request(:DELETE, create_url(path), headers)
end

#fetch(path, headers = {}) ⇒ Object

Streams a download to a tempfile, then yields the tempfile to a block. After the download, the tempfile will be closed and unlinked. If you rename the tempfile, it will not be deleted. Beware that if the server streams infinite content, this method will stream it until you run out of disk space.

# File 'lib/chef/rest.rb', line 138

def fetch(path, headers={})
  streaming_request(create_url(path), headers) {|tmp_file| yield tmp_file }
end

#follow_redirect ⇒ Object

# File 'lib/chef/rest.rb', line 344

def follow_redirect
  raise Chef::Exceptions::RedirectLimitExceeded if @redirects_followed >= redirect_limit
  @redirects_followed += 1
  Chef::Log.debug("Following redirect #{@redirects_followed}/#{redirect_limit}")
  if @sign_on_redirect
    yield
  else
    @sign_request = false
    yield
  end
ensure
  @redirects_followed = 0
  @sign_request = true
end

#get_rest(path, raw = false, headers = {}) ⇒ Object

Send an HTTP GET request to the path

Using this method to fetch a file is considered deprecated.

Parameters

path

The path to GET

raw

Whether you want the raw body returned, or JSON inflated. Defaults

to JSON inflated.

# File 'lib/chef/rest.rb', line 110

def get_rest(path, raw=false, headers={})
  if raw
    streaming_request(create_url(path), headers)
  else
    api_request(:GET, create_url(path), headers)
  end
end

#http_retry_count ⇒ Object

# File 'lib/chef/rest.rb', line 336

def http_retry_count
  config[:http_retry_count]
end

#http_retry_delay ⇒ Object

# File 'lib/chef/rest.rb', line 332

def http_retry_delay
  config[:http_retry_delay]
end

#post_rest(path, json, headers = {}) ⇒ Object

Send an HTTP POST request to the path

# File 'lib/chef/rest.rb', line 124

def post_rest(path, json, headers={})
  api_request(:POST, create_url(path), headers, json)
end

#put_rest(path, json, headers = {}) ⇒ Object

Send an HTTP PUT request to the path

# File 'lib/chef/rest.rb', line 129

def put_rest(path, json, headers={})
  api_request(:PUT, create_url(path), headers, json)
end

#register(name = Chef::Config[:node_name], destination = Chef::Config[:client_key]) ⇒ Object

Register the client – Requires you to load chef/api_client beforehand. explicit require is removed since most users of this class have no need for chef/api_client. This functionality should be moved anyway…

# File 'lib/chef/rest.rb', line 70

def register(name=Chef::Config[:node_name], destination=Chef::Config[:client_key])
  if (File.exists?(destination) &&  !File.writable?(destination))
    raise Chef::Exceptions::CannotWritePrivateKey, "I cannot write your private key to #{destination} - check permissions?"
  end
  nc = Chef::ApiClient.new
  nc.name(name)

  catch(:done) do
    retries = config[:client_registration_retries] || 5
    0.upto(retries) do |n|
      begin
        response = nc.save(true, true)
        Chef::Log.debug("Registration response: #{response.inspect}")
        raise Chef::Exceptions::CannotWritePrivateKey, "The response from the server did not include a private key!" unless response.has_key?("private_key")
        # Write out the private key
        ::File.open(destination, "w") {|f|
          f.chmod(0600)
          f.print(response["private_key"])
        }
        throw :done
      rescue IOError
        raise Chef::Exceptions::CannotWritePrivateKey, "I cannot write your private key to #{destination}"
      rescue Net::HTTPFatalError => e
        Chef::Log.warn("Failed attempt #{n} of #{retries+1} on client creation")
        raise unless e.response.code == "500"
      end
    end
  end

  true
end

#retriable_rest_request(method, url, req_body, headers) ⇒ Object

# File 'lib/chef/rest.rb', line 286

def retriable_rest_request(method, url, req_body, headers)
  rest_request = Chef::REST::RESTRequest.new(method, url, req_body, headers)

  Chef::Log.debug("Sending HTTP Request via #{method} to #{url.host}:#{url.port}#{rest_request.path}")

  http_attempts = 0

  begin
    http_attempts += 1

    res = yield rest_request

  rescue SocketError, Errno::ETIMEDOUT => e
    e.message.replace "Error connecting to #{url} - #{e.message}"
    raise e
  rescue Errno::ECONNREFUSED
    if http_retry_count - http_attempts + 1 > 0
      Chef::Log.error("Connection refused connecting to #{url.host}:#{url.port} for #{rest_request.path}, retry #{http_attempts}/#{http_retry_count}")
      sleep(http_retry_delay)
      retry
    end
    raise Errno::ECONNREFUSED, "Connection refused connecting to #{url.host}:#{url.port} for #{rest_request.path}, giving up"
  rescue Timeout::Error
    if http_retry_count - http_attempts + 1 > 0
      Chef::Log.error("Timeout connecting to #{url.host}:#{url.port} for #{rest_request.path}, retry #{http_attempts}/#{http_retry_count}")
      sleep(http_retry_delay)
      retry
    end
    raise Timeout::Error, "Timeout connecting to #{url.host}:#{url.port} for #{rest_request.path}, giving up"
  rescue Net::HTTPFatalError => e
    if http_retry_count - http_attempts + 1 > 0
      sleep_time = 1 + (2 ** http_attempts) + rand(2 ** http_attempts)
      Chef::Log.error("Server returned error for #{url}, retrying #{http_attempts}/#{http_retry_count} in #{sleep_time}s")
      sleep(sleep_time)
      retry
    end
    raise
  end
end

#run_request(method, url, headers = {}, data = false, limit = nil, raw = false) ⇒ Object

DEPRECATED

Use api_request instead – Actually run an HTTP request. First argument is the HTTP method, which should be one of :GET, :PUT, :POST or :DELETE. Next is the URL, then an object to include in the body (which will be converted with .to_json). The limit argument is unused, it is present for backwards compatibility. Configure the redirect limit with #redirect_limit= instead.

Typically, you won’t use this method – instead, you’ll use one of the helper methods (get_rest, post_rest, etc.)

Will return the body of the response on success.

# File 'lib/chef/rest.rb', line 168

def run_request(method, url, headers={}, data=false, limit=nil, raw=false)
  json_body = data ? Chef::JSONCompat.to_json(data) : nil
  # Force encoding to binary to fix SSL related EOFErrors
  # cf. http://tickets.opscode.com/browse/CHEF-2363
  # http://redmine.ruby-lang.org/issues/5233
  json_body.force_encoding(Encoding::BINARY) if json_body.respond_to?(:force_encoding)
  headers = build_headers(method, url, headers, json_body, raw)

  tf = nil

  retriable_rest_request(method, url, json_body, headers) do |rest_request|

    res = rest_request.call do |response|
      if raw
        tf = stream_to_tempfile(url, response)
      else
        response.read_body
      end
    end

    if res.kind_of?(Net::HTTPSuccess)
      if res['content-type'] =~ /json/
        response_body = res.body.chomp
        Chef::JSONCompat.from_json(response_body)
      else
        if method == :HEAD
          true
        elsif raw
          tf
        else
          res.body
        end
      end
    elsif res.kind_of?(Net::HTTPFound) or res.kind_of?(Net::HTTPMovedPermanently)
      follow_redirect {run_request(method, create_url(res['location']), headers, false, nil, raw)}
    elsif res.kind_of?(Net::HTTPNotModified)
      false
    else
      if res['content-type'] =~ /json/
        exception = Chef::JSONCompat.from_json(res.body)
        msg = "HTTP Request Returned #{res.code} #{res.message}: "
        msg << (exception["error"].respond_to?(:join) ? exception["error"].join(", ") : exception["error"].to_s)
        Chef::Log.warn(msg)
      end
      res.error!
    end
  end
end

#sign_requests? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/chef/rest.rb', line 150

def sign_requests?
  auth_credentials.sign_requests? && @sign_request
end

#signing_key ⇒ Object

# File 'lib/chef/rest.rb', line 61

def signing_key
  @auth_credentials.raw_key
end

#signing_key_filename ⇒ Object

# File 'lib/chef/rest.rb', line 53

def signing_key_filename
  @auth_credentials.key_file
end

#streaming_request(url, headers, &block) ⇒ Object

Makes a streaming download request. Doesn’t speak JSON. Streams the response body to a tempfile. If a block is given, it’s passed to Tempfile.open(), which means that the tempfile will automatically be unlinked after the block is executed.

If no block is given, the tempfile is returned, which means it’s up to you to unlink the tempfile when you’re done with it.

# File 'lib/chef/rest.rb', line 257

def streaming_request(url, headers, &block)
  headers = build_headers(:GET, url, headers, nil, true)
  retriable_rest_request(:GET, url, nil, headers) do |rest_request|
    tempfile = nil
    response = rest_request.call do |r|
      if block_given? && r.kind_of?(Net::HTTPSuccess)
        begin
          tempfile = stream_to_tempfile(url, r, &block)
          yield tempfile
        ensure
          tempfile.close!
        end
      else
        tempfile = stream_to_tempfile(url, r)
      end
    end
    if response.kind_of?(Net::HTTPSuccess)
      tempfile
    elsif redirect_location = redirected_to(response)
      # TODO: test tempfile unlinked when following redirects.
      tempfile && tempfile.close!
      follow_redirect {streaming_request(create_url(redirect_location), {}, &block)}
    else
      tempfile && tempfile.close!
      response.error!
    end
  end
end