ipa-ruby 0.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/LICENSE +12 -0
- data/README.md +69 -0
- data/lib/ipa/client.rb +80 -0
- data/lib/ipa/version.rb +13 -0
- metadata +89 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: 4aa29a3916121d99fd9408d251f1f4c9ff89ba47
|
4
|
+
data.tar.gz: fab5dc8814de9f8c9deaf7ee9a69706fbc70f11b
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: d3669dcc279138d1a5a24af6a46546d55e8d8195083538162a1a3768a6876acf426edb94e57d3bd6cb0c4e848e966167a712e3a08dbc1e36f692726064333d09
|
7
|
+
data.tar.gz: 18af66dc1227e8e9d1a0226ddce50ca64566842b1503e3fadfb0ded24ad42111fc63a18413ee01217079a2ebb84cd90fcb0275ea5b2574ee3987d683512c71ff
|
data/LICENSE
ADDED
@@ -0,0 +1,12 @@
|
|
1
|
+
Copyright 2016 Matteo Cerutti
|
2
|
+
|
3
|
+
Licensed under the Apache License, Version 2.0 (the "License");
|
4
|
+
you may not use this file except in compliance with the License.
|
5
|
+
You may obtain a copy of the License at
|
6
|
+
http://www.apache.org/licenses/LICENSE-2.0
|
7
|
+
|
8
|
+
Unless required by applicable law or agreed to in writing, software
|
9
|
+
distributed under the License is distributed on an "AS IS" BASIS,
|
10
|
+
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
11
|
+
See the License for the specific language governing permissions and
|
12
|
+
limitations under the License.
|
data/README.md
ADDED
@@ -0,0 +1,69 @@
|
|
1
|
+
# Ruby client library for FreeIPA JSON API
|
2
|
+
This is a simple Ruby client library that allows to interact with the FreeIPA JSON API. It currently only supports authenticating via
|
3
|
+
Kerberos/GSSAPI tickets.
|
4
|
+
|
5
|
+
Pull requests to add additional API features are very welcome. I only implemented what I needed.
|
6
|
+
|
7
|
+
## Install
|
8
|
+
To install it simply issue the following command:
|
9
|
+
|
10
|
+
```
|
11
|
+
gem install ipa-ruby
|
12
|
+
```
|
13
|
+
|
14
|
+
## Usage
|
15
|
+
|
16
|
+
You can optionally pass a `ca_cert` keyword argument specifying the path to the FreeIPA CA certificate. Default is /etc/ipa/ca.crt.
|
17
|
+
```
|
18
|
+
require 'ipa'
|
19
|
+
ipa = IPA::Client.new(host: 'ipa.example.org')
|
20
|
+
```
|
21
|
+
|
22
|
+
Note that additional parameters can be passed via the `params` keyword argument.
|
23
|
+
|
24
|
+
Add a host (with a random password):
|
25
|
+
```
|
26
|
+
ipa.host_add(hostname: 'foo.example.org', force: true, random: true, all: true)
|
27
|
+
```
|
28
|
+
|
29
|
+
Add a host (with a specific password)
|
30
|
+
```
|
31
|
+
ipa.host_add(hostname: 'foo.example.org', force: true, userpassword: 'bar', all: true)
|
32
|
+
```
|
33
|
+
|
34
|
+
Delete a host:
|
35
|
+
```
|
36
|
+
ipa.host_del(hostname: 'foo.example.org')
|
37
|
+
```
|
38
|
+
|
39
|
+
Show a host:
|
40
|
+
```
|
41
|
+
ipa.host_show(hostname: 'foo.example.org', all: true)
|
42
|
+
```
|
43
|
+
|
44
|
+
Find hosts:
|
45
|
+
```
|
46
|
+
ipa.host_find(all: true, params: {:in_hostgroup => true})
|
47
|
+
```
|
48
|
+
|
49
|
+
Check if a host exists
|
50
|
+
```
|
51
|
+
if ipa.host_exists?('foo.example.org)
|
52
|
+
puts "Yep :)"
|
53
|
+
else
|
54
|
+
puts "Nope :("
|
55
|
+
end
|
56
|
+
```
|
57
|
+
|
58
|
+
## Todo
|
59
|
+
|
60
|
+
* Implement user API
|
61
|
+
* Implement group API
|
62
|
+
* Implement hostgroup API
|
63
|
+
* Implement sudocmd API
|
64
|
+
* Implement sudocmdgroup API
|
65
|
+
* Implement hbacrule API
|
66
|
+
* Implement hbacsvcgroup API
|
67
|
+
|
68
|
+
## Contact
|
69
|
+
Matteo Cerutti - matteo.cerutti@hotmail.co.uk
|
data/lib/ipa/client.rb
ADDED
@@ -0,0 +1,80 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
#
|
3
|
+
# client.rb
|
4
|
+
#
|
5
|
+
# Author: Matteo Cerutti <matteo.cerutti@hotmail.co.uk>
|
6
|
+
#
|
7
|
+
|
8
|
+
require 'httpclient'
|
9
|
+
require 'base64'
|
10
|
+
require 'gssapi'
|
11
|
+
require 'json'
|
12
|
+
|
13
|
+
module IPA
|
14
|
+
class Client
|
15
|
+
attr_reader :uri, :http, :headers
|
16
|
+
|
17
|
+
def initialize(host: nil, ca_cert: '/etc/ipa/ca.crt')
|
18
|
+
raise ArgumentError, 'Missing FreeIPA host' unless host
|
19
|
+
|
20
|
+
@uri = URI.parse("https://#{host}/ipa/json")
|
21
|
+
|
22
|
+
gssapi = GSSAPI::Simple.new(uri.host, 'HTTP')
|
23
|
+
# Initiate the security context
|
24
|
+
token = gssapi.init_context
|
25
|
+
|
26
|
+
@http = HTTPClient.new
|
27
|
+
@http.ssl_config.set_trust_ca(ca_cert)
|
28
|
+
@headers = {'referer' => "https://#{uri.host}/ipa/ui/index.html", 'Content-Type' => 'application/json', 'Accept' => 'application/json', 'Authorization' => "Negotiate #{Base64.strict_encode64(token)}"}
|
29
|
+
end
|
30
|
+
|
31
|
+
def api_post(method: nil, item: [], params: {})
|
32
|
+
raise ArgumentError, 'Missing method in API request' unless method
|
33
|
+
request = {}
|
34
|
+
request[:method] = method
|
35
|
+
request[:params] = [[item || []], params]
|
36
|
+
resp = self.http.post(self.uri, request.to_json, self.headers)
|
37
|
+
JSON.parse(resp.body)
|
38
|
+
end
|
39
|
+
|
40
|
+
def host_add(hostname: nil, all: false, force: false, random: nil, userpassword: nil, params: {})
|
41
|
+
raise ArgumentError, 'Hostname is required' unless hostname
|
42
|
+
|
43
|
+
params[:all] = all
|
44
|
+
params[:force] = force
|
45
|
+
params[:random] = random unless random.nil?
|
46
|
+
params[:userpassword] = userpassword unless userpassword.nil?
|
47
|
+
|
48
|
+
self.api_post(method: 'host_add', item: hostname, params: params)
|
49
|
+
end
|
50
|
+
|
51
|
+
def host_del(hostname: nil, params: {})
|
52
|
+
raise ArgumentError, 'Hostname is required' unless hostname
|
53
|
+
|
54
|
+
self.api_post(method: 'host_del', item: hostname, params: params)
|
55
|
+
end
|
56
|
+
|
57
|
+
def host_find(hostname: nil, all: false, params: {})
|
58
|
+
params[:all] = all
|
59
|
+
|
60
|
+
self.api_post(method: 'host_find', item: hostname, params: params)
|
61
|
+
end
|
62
|
+
|
63
|
+
def host_show(hostname: nil, all: false, params: {})
|
64
|
+
raise ArgumentError, 'Hostname is required' unless hostname
|
65
|
+
|
66
|
+
params[:all] = all
|
67
|
+
|
68
|
+
self.api_post(method: 'host_show', item: hostname, params: params)
|
69
|
+
end
|
70
|
+
|
71
|
+
def host_exists?(hostname)
|
72
|
+
resp = self.host_show(hostname: hostname)
|
73
|
+
if resp['error']
|
74
|
+
false
|
75
|
+
else
|
76
|
+
true
|
77
|
+
end
|
78
|
+
end
|
79
|
+
end
|
80
|
+
end
|
data/lib/ipa/version.rb
ADDED
metadata
ADDED
@@ -0,0 +1,89 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: ipa-ruby
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.0.1
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Matteo Cerutti
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2016-09-30 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: json
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - ">="
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: 1.7.0
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - ">="
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: 1.7.0
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: gssapi
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - ">="
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: 1.1.2
|
34
|
+
type: :runtime
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - ">="
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: 1.1.2
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: httpclient
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - ">="
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: 2.4.0
|
48
|
+
type: :runtime
|
49
|
+
prerelease: false
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - ">="
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: 2.4.0
|
55
|
+
description: Ruby client library for FreeIPA JSON API
|
56
|
+
email: "<matteo.cerutti@hotmail.co.uk>"
|
57
|
+
executables: []
|
58
|
+
extensions: []
|
59
|
+
extra_rdoc_files: []
|
60
|
+
files:
|
61
|
+
- LICENSE
|
62
|
+
- README.md
|
63
|
+
- lib/ipa/client.rb
|
64
|
+
- lib/ipa/version.rb
|
65
|
+
homepage: https://github.com/m4ce/ipa-ruby
|
66
|
+
licenses:
|
67
|
+
- Apache 2.0
|
68
|
+
metadata: {}
|
69
|
+
post_install_message:
|
70
|
+
rdoc_options: []
|
71
|
+
require_paths:
|
72
|
+
- lib
|
73
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
74
|
+
requirements:
|
75
|
+
- - ">="
|
76
|
+
- !ruby/object:Gem::Version
|
77
|
+
version: '0'
|
78
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
79
|
+
requirements:
|
80
|
+
- - ">="
|
81
|
+
- !ruby/object:Gem::Version
|
82
|
+
version: '0'
|
83
|
+
requirements: []
|
84
|
+
rubyforge_project:
|
85
|
+
rubygems_version: 2.4.5.1
|
86
|
+
signing_key:
|
87
|
+
specification_version: 4
|
88
|
+
summary: Ruby client library that allows to interact with the FreeIPA JSON API
|
89
|
+
test_files: []
|