Module: Conjur::API::Router

Extended by:
Router, Escape::ClassMethods
Included in:
Router
Defined in:
lib/conjur/api/router.rb

Overview

Router translates method arguments to rest-ful API request parameters. because of this, most of the methods suffer from :reek:LongParameterList: and :reek:UtilityFunction:

Instance Method Summary collapse

Methods included from Escape::ClassMethods

fully_escape, path_escape, path_or_query_escape, query_escape

Instance Method Details

#authentication_providers(account, authenticator, credentials) ⇒ Object



78
79
80
81
82
83
# File 'lib/conjur/api/router.rb', line 78

def authentication_providers(, authenticator, credentials)
  RestClient::Resource.new(
    Conjur.configuration.core_url,
    Conjur.configuration.create_rest_client_options(credentials)
  )[fully_escape authenticator][fully_escape ]['providers']
end

#authenticator(account, authenticator, service_id, credentials) ⇒ Object



64
65
66
67
68
69
# File 'lib/conjur/api/router.rb', line 64

def authenticator , authenticator, service_id, credentials
  RestClient::Resource.new(
    Conjur.configuration.core_url,
    Conjur.configuration.create_rest_client_options(credentials)
  )[fully_escape authenticator][fully_escape service_id][fully_escape ]
end

#authenticator_authenticate(account, service_id, authenticator, options) ⇒ Object



57
58
59
60
61
62
# File 'lib/conjur/api/router.rb', line 57

def authenticator_authenticate(, service_id, authenticator, options)
  RestClient::Resource.new(
    Conjur.configuration.core_url,
    Conjur.configuration.rest_client_options
  )[fully_escape authenticator][fully_escape service_id][fully_escape ]['authenticate'][options_querystring options]
end

#authenticatorsObject



71
72
73
74
75
76
# File 'lib/conjur/api/router.rb', line 71

def authenticators
  RestClient::Resource.new(
    Conjur.configuration.core_url,
    Conjur.configuration.rest_client_options
  )['authenticators']
end

#authn_authenticate(account, username) ⇒ Object



38
39
40
41
42
43
# File 'lib/conjur/api/router.rb', line 38

def authn_authenticate , username
  RestClient::Resource.new(
    Conjur.configuration.authn_url,
    Conjur.configuration.rest_client_options
  )[fully_escape ][fully_escape username]['authenticate']
end

#authn_authenticate_local(username, account, expiration, cidr, &block) ⇒ Object

The authn-local message is a JSON string with account, sub, and optional fields.



86
87
88
89
90
91
# File 'lib/conjur/api/router.rb', line 86

def authn_authenticate_local username, , expiration, cidr, &block
  { account: , sub: username }.tap do |params|
    params[:exp] = expiration if expiration
    params[:cidr] = cidr if cidr
  end.to_json
end

#authn_cert_authenticate(account, service_id, host_id, cert_options) ⇒ Object

Builds the RestClient::Resource for an authn-cert authentication request. cert_options must include :ssl_client_cert and :ssl_client_key so that the client certificate is presented during the TLS handshake.



48
49
50
51
52
53
54
55
# File 'lib/conjur/api/router.rb', line 48

def authn_cert_authenticate , service_id, host_id, cert_options
  options = Conjur.configuration.create_rest_client_options(cert_options)
  resource = RestClient::Resource.new(
    Conjur.configuration.core_url,
    options
  )['authn-cert'][fully_escape service_id][fully_escape ]
  host_id ? resource[fully_escape host_id]['authenticate'] : resource['authenticate']
end

#authn_login(account, username, password) ⇒ Object



28
29
30
31
32
33
34
35
36
# File 'lib/conjur/api/router.rb', line 28

def  , username, password
  RestClient::Resource.new(
    Conjur.configuration.authn_url,
    Conjur.configuration.create_rest_client_options(
      user: username,
      password: password
    )
  )[fully_escape ]['login']
end

#authn_rotate_api_key(credentials, account, id) ⇒ Object



103
104
105
106
107
108
# File 'lib/conjur/api/router.rb', line 103

def authn_rotate_api_key credentials, , id
  RestClient::Resource.new(
    Conjur.configuration.core_url,
    Conjur.configuration.create_rest_client_options(credentials)
  )['authn'][fully_escape ]["api_key?role=#{id}"]
end

#authn_rotate_own_api_key(account, username, password) ⇒ Object



110
111
112
113
114
115
116
117
118
# File 'lib/conjur/api/router.rb', line 110

def authn_rotate_own_api_key , username, password
  RestClient::Resource.new(
    Conjur.configuration.authn_url,
    Conjur.configuration.create_rest_client_options(
      user: username,
      password: password
    )
  )[fully_escape ]['api_key']
end

#authn_update_password(account, username, password) ⇒ Object



93
94
95
96
97
98
99
100
101
# File 'lib/conjur/api/router.rb', line 93

def authn_update_password , username, password
  RestClient::Resource.new(
    Conjur.configuration.authn_url,
    Conjur.configuration.create_rest_client_options(
      user: username,
      password: password
    )
  )[fully_escape ]['password']
end

#group_attributes(credentials, resource, id) ⇒ Object



223
224
225
# File 'lib/conjur/api/router.rb', line 223

def group_attributes credentials, resource, id
  resource_annotations resource
end

#host_factory_create_host(token) ⇒ Object



120
121
122
123
124
125
126
127
128
# File 'lib/conjur/api/router.rb', line 120

def host_factory_create_host token
  http_options = {
    headers: { authorization: %Q(Token token="#{token}") }
  }
  RestClient::Resource.new(
    Conjur.configuration.core_url,
    Conjur.configuration.create_rest_client_options(http_options)
  )["host_factories"]["hosts"]
end

#host_factory_create_tokens(credentials, id) ⇒ Object



130
131
132
133
134
135
# File 'lib/conjur/api/router.rb', line 130

def host_factory_create_tokens credentials, id
  RestClient::Resource.new(
    Conjur.configuration.core_url,
    Conjur.configuration.create_rest_client_options(credentials)
  )['host_factory_tokens']
end

#host_factory_revoke_token(credentials, token) ⇒ Object



137
138
139
140
141
142
# File 'lib/conjur/api/router.rb', line 137

def host_factory_revoke_token credentials, token
  RestClient::Resource.new(
    Conjur.configuration.core_url,
    Conjur.configuration.create_rest_client_options(credentials)
  )['host_factory_tokens'][token]
end

#ldap_sync_policy(credentials, config_name) ⇒ Object



257
258
259
260
261
262
# File 'lib/conjur/api/router.rb', line 257

def ldap_sync_policy(credentials, config_name)
  RestClient::Resource.new(
    Conjur.configuration.core_url,
    Conjur.configuration.create_rest_client_options(credentials)
  )['ldap-sync']["policy?config_name=#{fully_escape(config_name)}"]
end

#parse_group_gidnumber(attributes) ⇒ Object



235
236
237
# File 'lib/conjur/api/router.rb', line 235

def parse_group_gidnumber attributes
  HasAttributes.annotation_value attributes, 'conjur/gidnumber'
end

#parse_members(credentials, result) ⇒ Object



251
252
253
254
255
# File 'lib/conjur/api/router.rb', line 251

def parse_members credentials, result
  result.map do |json|
    RoleGrant.parse_from_json(json, credentials)
  end
end

#parse_user_uidnumber(attributes) ⇒ Object



239
240
241
# File 'lib/conjur/api/router.rb', line 239

def parse_user_uidnumber attributes
  HasAttributes.annotation_value attributes, 'conjur/uidnumber'
end

#parse_variable_kind(attributes) ⇒ Object



243
244
245
# File 'lib/conjur/api/router.rb', line 243

def parse_variable_kind attributes
  HasAttributes.annotation_value attributes, 'conjur/kind'
end

#parse_variable_mime_type(attributes) ⇒ Object



247
248
249
# File 'lib/conjur/api/router.rb', line 247

def parse_variable_mime_type attributes
  HasAttributes.annotation_value attributes, 'conjur/mime_type'
end

#policies_load_policy(credentials, account, id) ⇒ Object



144
145
146
147
148
149
# File 'lib/conjur/api/router.rb', line 144

def policies_load_policy credentials, , id
  RestClient::Resource.new(
    Conjur.configuration.core_url,
    Conjur.configuration.create_rest_client_options(credentials)
  )['policies'][fully_escape ]['policy'][fully_escape id]
end

#public_keys_for_user(account, username) ⇒ Object



151
152
153
154
155
156
# File 'lib/conjur/api/router.rb', line 151

def public_keys_for_user , username
  RestClient::Resource.new(
    Conjur.configuration.core_url,
    Conjur.configuration.rest_client_options
  )['public_keys'][fully_escape ]['user'][fully_escape username]
end

#resources(credentials, account, kind, options) ⇒ Object



158
159
160
161
162
163
164
165
166
167
168
# File 'lib/conjur/api/router.rb', line 158

def resources credentials, , kind, options
  credentials ||= {}

  path = "/resources/#{fully_escape }"
  path += "/#{fully_escape kind}" if kind

  RestClient::Resource.new(
    Conjur.configuration.core_url,
    Conjur.configuration.create_rest_client_options(credentials)
  )[path][options_querystring options]
end

#resources_check(credentials, id, privilege, role) ⇒ Object



184
185
186
187
188
189
190
# File 'lib/conjur/api/router.rb', line 184

def resources_check credentials, id, privilege, role
  options = {}
  options[:check] = true
  options[:privilege] = privilege
  options[:role] = query_escape(Id.new(role)) if role
  resources_resource(credentials, id)[options_querystring options].get
end

#resources_permitted_roles(credentials, id, privilege) ⇒ Object



177
178
179
180
181
182
# File 'lib/conjur/api/router.rb', line 177

def resources_permitted_roles credentials, id, privilege
  options = {}
  options[:permitted_roles] = true
  options[:privilege] = privilege
  resources_resource(credentials, id)[options_querystring options]
end

#resources_resource(credentials, id) ⇒ Object



170
171
172
173
174
175
# File 'lib/conjur/api/router.rb', line 170

def resources_resource credentials, id
  RestClient::Resource.new(
    Conjur.configuration.core_url,
    Conjur.configuration.create_rest_client_options(credentials)
  )['resources'][id.to_url_path]
end

#roles_role(credentials, id) ⇒ Object



192
193
194
195
196
197
# File 'lib/conjur/api/router.rb', line 192

def roles_role credentials, id
  RestClient::Resource.new(
    Conjur.configuration.core_url,
    Conjur.configuration.create_rest_client_options(credentials)
  )['roles'][id.to_url_path]
end

#secrets_add(credentials, id) ⇒ Object



199
200
201
202
203
204
# File 'lib/conjur/api/router.rb', line 199

def secrets_add credentials, id
  RestClient::Resource.new(
    Conjur.configuration.core_url,
    Conjur.configuration.create_rest_client_options(credentials)
  )['secrets'][id.to_url_path]
end

#secrets_value(credentials, id, options) ⇒ Object



206
207
208
209
210
211
# File 'lib/conjur/api/router.rb', line 206

def secrets_value credentials, id, options
  RestClient::Resource.new(
    Conjur.configuration.core_url,
    Conjur.configuration.create_rest_client_options(credentials)
  )['secrets'][id.to_url_path][options_querystring options]
end

#secrets_values(credentials, variable_ids) ⇒ Object



213
214
215
216
217
218
219
220
221
# File 'lib/conjur/api/router.rb', line 213

def secrets_values credentials, variable_ids
  options = {
    variable_ids: Array(variable_ids).join(',')
  }
  RestClient::Resource.new(
    Conjur.configuration.core_url,
    Conjur.configuration.create_rest_client_options(credentials)
  )['secrets'][options_querystring(options).gsub("%2C", ',')]
end

#user_attributes(credentials, resource, id) ⇒ Object



231
232
233
# File 'lib/conjur/api/router.rb', line 231

def user_attributes credentials, resource, id
  resource_annotations resource
end

#variable_attributes(credentials, resource, id) ⇒ Object



227
228
229
# File 'lib/conjur/api/router.rb', line 227

def variable_attributes credentials, resource, id
  resource_annotations resource
end

#whoami(credentials) ⇒ Object



264
265
266
267
268
269
# File 'lib/conjur/api/router.rb', line 264

def whoami(credentials)
  RestClient::Resource.new(
    Conjur.configuration.core_url,
    Conjur.configuration.create_rest_client_options(credentials)
  )['whoami']
end