ipa-ruby 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 4aa29a3916121d99fd9408d251f1f4c9ff89ba47
+  data.tar.gz: fab5dc8814de9f8c9deaf7ee9a69706fbc70f11b
+SHA512:
+  metadata.gz: d3669dcc279138d1a5a24af6a46546d55e8d8195083538162a1a3768a6876acf426edb94e57d3bd6cb0c4e848e966167a712e3a08dbc1e36f692726064333d09
+  data.tar.gz: 18af66dc1227e8e9d1a0226ddce50ca64566842b1503e3fadfb0ded24ad42111fc63a18413ee01217079a2ebb84cd90fcb0275ea5b2574ee3987d683512c71ff

data/LICENSE

@@ -0,0 +1,12 @@
+ Copyright 2016 Matteo Cerutti
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.

data/README.md

@@ -0,0 +1,69 @@
+# Ruby client library for FreeIPA JSON API
+This is a simple Ruby client library that allows to interact with the FreeIPA JSON API. It currently only supports authenticating via
+Kerberos/GSSAPI tickets.
+
+Pull requests to add additional API features are very welcome. I only implemented what I needed.
+
+## Install
+To install it simply issue the following command:
+
+```
+gem install ipa-ruby
+```
+
+## Usage
+
+You can optionally pass a `ca_cert` keyword argument specifying the path to the FreeIPA CA certificate. Default is /etc/ipa/ca.crt.
+```
+require 'ipa'
+ipa = IPA::Client.new(host: 'ipa.example.org')
+```
+
+Note that additional parameters can be passed via the `params` keyword argument.
+
+Add a host (with a random password):
+```
+ipa.host_add(hostname: 'foo.example.org', force: true, random: true, all: true)
+```
+
+Add a host (with a specific password)
+```
+ipa.host_add(hostname: 'foo.example.org', force: true, userpassword: 'bar', all: true)
+```
+
+Delete a host:
+```
+ipa.host_del(hostname: 'foo.example.org')
+```
+
+Show a host:
+```
+ipa.host_show(hostname: 'foo.example.org', all: true)
+```
+
+Find hosts:
+```
+ipa.host_find(all: true, params: {:in_hostgroup => true})
+```
+
+Check if a host exists
+```
+if ipa.host_exists?('foo.example.org)
+  puts "Yep :)"
+else
+  puts "Nope :("
+end
+```
+
+## Todo
+
+* Implement user API
+* Implement group API
+* Implement hostgroup API
+* Implement sudocmd API
+* Implement sudocmdgroup API
+* Implement hbacrule API
+* Implement hbacsvcgroup API
+
+## Contact
+Matteo Cerutti - matteo.cerutti@hotmail.co.uk

data/lib/ipa/client.rb

@@ -0,0 +1,80 @@
+#!/usr/bin/env ruby
+#
+# client.rb
+#
+# Author: Matteo Cerutti <matteo.cerutti@hotmail.co.uk>
+#
+
+require 'httpclient'
+require 'base64'
+require 'gssapi'
+require 'json'
+
+module IPA
+  class Client
+    attr_reader :uri, :http, :headers
+
+    def initialize(host: nil, ca_cert: '/etc/ipa/ca.crt')
+      raise ArgumentError, 'Missing FreeIPA host' unless host
+
+      @uri = URI.parse("https://#{host}/ipa/json")
+
+      gssapi = GSSAPI::Simple.new(uri.host, 'HTTP')
+      # Initiate the security context
+      token = gssapi.init_context
+
+      @http = HTTPClient.new
+      @http.ssl_config.set_trust_ca(ca_cert)
+      @headers = {'referer' => "https://#{uri.host}/ipa/ui/index.html", 'Content-Type' => 'application/json', 'Accept' => 'application/json', 'Authorization' => "Negotiate #{Base64.strict_encode64(token)}"}
+    end
+
+    def api_post(method: nil, item: [], params: {})
+      raise ArgumentError, 'Missing method in API request' unless method
+      request = {}
+      request[:method] = method
+      request[:params] = [[item || []], params]
+      resp = self.http.post(self.uri, request.to_json, self.headers)
+      JSON.parse(resp.body)
+    end
+
+    def host_add(hostname: nil, all: false, force: false, random: nil, userpassword: nil, params: {})
+      raise ArgumentError, 'Hostname is required' unless hostname
+
+      params[:all] = all
+      params[:force] = force
+      params[:random] = random unless random.nil?
+      params[:userpassword] = userpassword unless userpassword.nil?
+
+      self.api_post(method: 'host_add', item: hostname, params: params)
+    end
+
+    def host_del(hostname: nil, params: {})
+      raise ArgumentError, 'Hostname is required' unless hostname
+
+      self.api_post(method: 'host_del', item: hostname, params: params)
+    end
+
+    def host_find(hostname: nil, all: false, params: {})
+      params[:all] = all
+
+      self.api_post(method: 'host_find', item: hostname, params: params)
+    end
+
+    def host_show(hostname: nil, all: false, params: {})
+      raise ArgumentError, 'Hostname is required' unless hostname
+
+      params[:all] = all
+
+      self.api_post(method: 'host_show', item: hostname, params: params)
+    end
+
+    def host_exists?(hostname)
+      resp = self.host_show(hostname: hostname)
+      if resp['error']
+        false
+      else
+        true
+      end
+    end
+  end
+end

data/lib/ipa/version.rb

@@ -0,0 +1,13 @@
+#
+# version.rb
+#
+# Author: Matteo Cerutti <matteo.cerutti@hotmail.co.uk>
+#
+
+module IPA
+  VERSION = "0.0.1"
+
+  def self.version
+    VERSION
+  end
+end

metadata

@@ -0,0 +1,89 @@
+--- !ruby/object:Gem::Specification
+name: ipa-ruby
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Matteo Cerutti
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2016-09-30 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: json
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.7.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.7.0
+- !ruby/object:Gem::Dependency
+  name: gssapi
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.1.2
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.1.2
+- !ruby/object:Gem::Dependency
+  name: httpclient
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.4.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.4.0
+description: Ruby client library for FreeIPA JSON API
+email: "<matteo.cerutti@hotmail.co.uk>"
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- LICENSE
+- README.md
+- lib/ipa/client.rb
+- lib/ipa/version.rb
+homepage: https://github.com/m4ce/ipa-ruby
+licenses:
+- Apache 2.0
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.5.1
+signing_key: 
+specification_version: 4
+summary: Ruby client library that allows to interact with the FreeIPA JSON API
+test_files: []