class Ridley::Middleware::ChefAuth

Attributes

client_key[R]
client_name[R]

Public Class Methods

authentication_headers(client_name, client_key, options = {})

Generate authentication headers for a request to a Chef Server

@param [String] client_name
@param [String] client_key the path OR actual client key

@option options [String] :host

@see {#signing_object} for options

# File lib/ridley/middleware/chef_auth.rb, line 18
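# Generate authentication headers for a request to a Chef Server.
#
# @param [String] client_name
#   handed to signing_object, which uses it as the :user_id being signed for
# @param [String] client_key
#   the path OR actual client key; when a file exists at that path its
#   contents are read, otherwise the value itself is parsed as the key
# @option options [String] :host
#   merged into the result under the HOST key
#
# @see {#signing_object} for options
#
# @return [Hash] upcased String header names mapped to their values
def authentication_headers(client_name, client_key, options = {})
  # File.exist? replaces the deprecated File.exists? alias, which Ruby 3.2
  # removed; with the old call this method raises NoMethodError there.
  key_material = File.exist?(client_key) ? File.read(client_key) : client_key.to_s
  # OpenSSL raises here when the material is not a parseable RSA key, so a
  # mistyped path surfaces as a key error rather than as "file not found".
  rsa_key = OpenSSL::PKey::RSA.new(key_material)

  signed = signing_object(client_name, options).sign(rsa_key).merge(host: options[:host])
  signed.each_with_object({}) { |(name, value), headers| headers[name.to_s.upcase] = value }
end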
new(app, client_name, client_key)
Calls superclass method
# File lib/ridley/middleware/chef_auth.rb, line 53
# Build the middleware around the next app in the stack.
#
# @param app
#   passed straight to the superclass initializer
# @param [String] client_name
#   kept on the instance and exposed through the client_name reader
# @param [String] client_key
#   kept exactly as given (path or key material) and exposed through the
#   client_key reader
def initialize(app, client_name, client_key)
  super(app)
  @client_name, @client_key = client_name, client_key
end
signing_object(client_name, options = {})

Create a signing object for a Request to a Chef Server

@param [String] client_name

@option options [String] :http_method
@option options [String] :path
@option options [String] :body
@option options [Time] :timestamp

@return [SigningObject]

# File lib/ridley/middleware/chef_auth.rb, line 36
# Create a signing object for a Request to a Chef Server
#
# Missing :body and :timestamp entries are filled in (an empty String and the
# current UTC time in ISO 8601 form); :user_id and :proto_version are always
# overwritten, so callers cannot supply their own values for those two.
#
# @param [String] client_name
#
# @option options [String] :http_method
# @option options [String] :path
# @option options [String] :body
# @option options [Time] :timestamp
#
# @return [SigningObject]
def signing_object(client_name, options = {})
  fallbacks = { body: String.new, timestamp: Time.now.utc.iso8601 }
  forced    = { user_id: client_name, proto_version: "1.0" }

  # reverse_merge keeps the caller's values and only fills the gaps; the
  # caller's hash itself is left untouched.
  SignedHeaderAuth.signing_object(options.reverse_merge(fallbacks).merge(forced))
end

Public Instance Methods

call(env)
# File lib/ridley/middleware/chef_auth.rb, line 59
# Sign the outgoing request and pass it to the wrapped app.
#
# The signing input comes from the env: the HTTP method, the URL's
# "host:port", the URL path and the body (an empty String when there is
# none). The authentication headers are merged last, over default_headers
# and over any headers already on the request, so they win on a name clash.
#
# @param env
#   hash-like request environment; :method, :url, :body and
#   :request_headers are read, :request_headers is replaced
#
# @return whatever the wrapped app returns
def call(env)
  url = env[:url]
  request_details = {
    http_method: env[:method],
    host: "#{url.host}:#{url.port}",
    path: url.path,
    body: env[:body] || ''
  }
  signed_headers = self.class.authentication_headers(client_name, client_key, request_details)

  env[:request_headers] = default_headers.merge(env[:request_headers]).merge(signed_headers)
  if env[:body]
    # Byte length, not character length, so multi-byte bodies are sized correctly.
    env[:request_headers] = env[:request_headers].merge('Content-Length' => env[:body].bytesize.to_s)
  end

  log.debug { "==> performing authenticated Chef request as '#{client_name}'"}
  # NOTE(review): this interpolates the whole env, which at this point holds
  # the freshly signed authentication headers and the request body. Debug
  # logs from this middleware should be handled as sensitive, or the env
  # filtered before it is logged.
  log.debug { "request env: #{env}"}

  @app.call(env)
end

Private Instance Methods

default_headers()
# File lib/ridley/middleware/chef_auth.rb, line 79
# Headers applied to every request before the caller's own headers and the
# authentication headers are merged over them.
#
# @return [Hash] JSON Accept/Content-Type plus the X-Chef-Version header
def default_headers
  %w[Accept Content-Type]
    .each_with_object({}) { |name, headers| headers[name] = 'application/json' }
    .merge('X-Chef-Version' => Ridley::CHEF_VERSION)
end