train-rest 0.3.1 → 0.4.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: fd4a52ed234249cf9ae6c2de31b9883061ca31a9d34eb155a5f11e09b461b239
-  data.tar.gz: af4665c3c3637eb4c961f5419af4f145c85a2a60ff4125cfa9bc49800e21dae1
+  metadata.gz: a003dbd0ea47ee7eb23e2173036951f9104493a761a7e1d8d9e1798ce933ddc3
+  data.tar.gz: ee585ad7ed98f701e20fe3d48384260073df3f69eb102faa05d79eb118a63f95
 SHA512:
-  metadata.gz: db180b1416450c343f28be8d2223d5610b4a7ec75216d43f4343842250a47149bad30f5f2436e336bff1d3504e5cb817916ef44adf95ae9c65663f8cc56af0ef
-  data.tar.gz: 586b34568e078702c3ecabf1f40c6a61bdd4557cf95b953389813563f9d023d5239574d621870f319092e7d33bd436bfc8674a8ca8dc4635d52ef8564f125814
+  metadata.gz: 6440c9ff603fe5af0042cd925c4c3729552fb65cc8a41162e4991e9301149ba3795bbf5fffcff87990d52f784331839ff70f99b20d9fceb230785d4e9cc1ba38
+  data.tar.gz: e92001e986dce6ead7361cb6b3e55213a1c17ba517a62ed99ce9b0275dc689857cec05e05d9b58a6039e1971c3ec7773a9622bb271d4d8f5c495d4bb1c6f6306

data/lib/train-rest/auth_handler/authtype-apikey.rb

@@ -0,0 +1,24 @@
+require "base64" unless defined?(Base64)
+
+require_relative "../auth_handler"
+
+module TrainPlugins
+  module Rest
+    # Authentication via "Apikey" type in Authorization headers.
+    #
+    # Could not find a norm for this, just references in e.g. ElasticSearch & Cloud Conformity APIs.
+    class AuthtypeApikey < AuthHandler
+      def check_options
+        raise ArgumentError.new("Need :apikey for `Authorization: Apikey` authentication") unless options[:apikey]
+      end
+
+      def auth_parameters
+        {
+          headers: {
+            "Authorization" => format("Apikey %s", options[:apikey]),
+          },
+        }
+      end
+    end
+  end
+end

data/lib/train-rest/auth_handler/basic.rb

@@ -4,11 +4,13 @@ require_relative "../auth_handler"
 
 module TrainPlugins
   module Rest
-    # Authentication via HTTP Basic Authentication
+    # Authentication via Basic Authentication.
+    #
+    # @see https://www.rfc-editor.org/rfc/rfc2617#section-4.1
     class Basic < AuthHandler
       def check_options
-        raise ArgumentError.new("Need username for Basic authentication") unless options[:username]
-        raise ArgumentError.new("Need password for Basic authentication") unless options[:password]
+        raise ArgumentError.new("Need :username for Basic authentication") unless options[:username]
+        raise ArgumentError.new("Need :password for Basic authentication") unless options[:password]
       end
 
       def auth_parameters

data/lib/train-rest/auth_handler/bearer.rb

@@ -0,0 +1,24 @@
+require "base64" unless defined?(Base64)
+
+require_relative "../auth_handler"
+
+module TrainPlugins
+  module Rest
+    # Authentication via Bearer Authentication.
+    #
+    # @see https://datatracker.ietf.org/doc/html/rfc6750#section-2.1
+    class Bearer < AuthHandler
+      def check_options
+        raise ArgumentError.new("Need :token for Bearer authentication") unless options[:token]
+      end
+
+      def auth_parameters
+        {
+          headers: {
+            "Authorization" => format("Bearer %s", options[:token]),
+          },
+        }
+      end
+    end
+  end
+end

data/lib/train-rest/auth_handler/header.rb

@@ -0,0 +1,24 @@
+require_relative "../auth_handler"
+
+module TrainPlugins
+  module Rest
+    # Authentication via additional Header.
+    #
+    # Header name defaults to "X-API-Key"
+    class Header < AuthHandler
+      def check_options
+        raise ArgumentError.new("Need :apikey for Header-based authentication") unless options[:apikey]
+
+        options[:header] = "X-API-Key" unless options[:header]
+      end
+
+      def auth_parameters
+        {
+          headers: {
+            options[:header] => options[:apikey],
+          },
+        }
+      end
+    end
+  end
+end

data/lib/train-rest/auth_handler.rb

@@ -13,7 +13,16 @@ module TrainPlugins
       #
       # @return [String]
       def self.name
-        self.to_s.split("::").last.downcase
+        class_name = self.to_s.split("::").last
+
+        convert_to_snake_case(class_name)
+      end
+
+      # List authentication handlers
+      #
+      # @return [Array] Classes derived from `AuthHandler`
+      def self.descendants
+        ObjectSpace.each_object(Class).select { |klass| klass < self }
       end
 
       # Store authenticator options and trigger validation
@@ -29,10 +38,18 @@ module TrainPlugins
       # @raise [ArgumentError] if options are not as needed
       def check_options; end
 
-      # Handle Login
+      # Handle login
       def login; end
 
-      # Handle Logout
+      # Handle session renewal
+      def renew_session; end
+
+      # Return if session renewal needs to happen soon
+      #
+      # @return [Boolean]
+      def renewal_needed?; end
+
+      # Handle logout
       def logout; end
 
       # Headers added to the rest-client call
@@ -50,11 +67,21 @@ module TrainPlugins
         { headers: auth_headers }
       end
 
-      # List authentication handlers
-      #
-      # @return [Array] Classes derived from `AuthHandler`
-      def self.descendants
-        ObjectSpace.each_object(Class).select { |klass| klass < self }
+      class << self
+        private
+
+        # Convert a class name to snake case.
+        #
+        # @param [String] Class name
+        # @return [String]
+        # @see https://github.com/chef/chef/blob/main/lib/chef/mixin/convert_to_class_name.rb
+        def convert_to_snake_case(str)
+          str = str.dup
+          str.gsub!(/[A-Z]/) { |s| "_" + s }
+          str.downcase!
+          str.sub!(/^\_/, "")
+          str
+        end
       end
     end
   end

data/lib/train-rest/connection.rb

@@ -86,14 +86,18 @@ module TrainPlugins
 
       # User-faced API
 
+      # Allow (programmatically) setting additional headers apart from global transport configuration
+      attr_accessor :override_headers
+
       %i{get post put patch delete head}.each do |method|
-        define_method(method) do |path, *parameters|
-          # TODO: "warning: Using the last argument as keyword parameters is deprecated; maybe ** should be added to the call"
-          request(path, method, *parameters)
+        define_method(method) do |path, **keywords|
+          request(path, method, **keywords)
         end
       end
 
       def request(path, method = :get, request_parameters: {}, data: nil, headers: {}, json_processing: true)
+        auth_handler.renew_session if auth_handler.renewal_needed?
+
         parameters = global_parameters.merge(request_parameters)
 
         parameters[:method] = method
@@ -107,7 +111,9 @@ module TrainPlugins
           parameters[:payload] = data
         end
 
-        parameters[:headers].merge! headers
+        # Merge override headers + request specific headers
+        parameters[:headers].merge!(override_headers || {})
+        parameters[:headers].merge!(headers)
         parameters.compact!
 
         logger.info format("[REST] => %s", parameters.to_s) if options[:debug_rest]
@@ -117,6 +123,27 @@ module TrainPlugins
         transform_response(response, json_processing)
       end
 
+      # Allow switching generic handlers for an API-specific one.
+      #
+      # New handler needs to be loaded prior and be derived from TrainPlugins::REST::AuthHandler.
+      def switch_auth_handler(new_handler)
+        return if active_auth_handler == new_handler
+
+        logout
+
+        options[:auth_type] = new_handler.to_sym
+        @auth_handler = nil
+
+        login
+      end
+
+      # Return active auth handler.
+      #
+      # @return [Symbol]
+      def active_auth_handler
+        options[:auth_type]
+      end
+
       # Auth Handlers-faced API
 
       def auth_parameters

data/lib/train-rest/version.rb

@@ -1,5 +1,5 @@
 module TrainPlugins
   module Rest
-    VERSION = "0.3.1".freeze
+    VERSION = "0.4.1".freeze
   end
 end

data/lib/train-rest.rb

@@ -7,5 +7,8 @@ require "train-rest/transport"
 require "train-rest/connection"
 
 require "train-rest/auth_handler/anonymous"
+require "train-rest/auth_handler/authtype-apikey"
+require "train-rest/auth_handler/header"
 require "train-rest/auth_handler/basic"
+require "train-rest/auth_handler/bearer"
 require "train-rest/auth_handler/redfish"

data/train-rest.gemspec

@@ -9,21 +9,21 @@ Gem::Specification.new do |spec|
   spec.email         = ["theinen@tecracer.de"]
   spec.summary       = "Train transport for REST"
   spec.description   = "Provides a transport to communicate easily with RESTful APIs."
-  spec.homepage      = "https://github.com/sgre-chef/train-rest"
+  spec.homepage      = "https://github.com/tecracer-chef/train-rest"
   spec.license       = "Apache-2.0"
 
   spec.files = %w{
-    README.md train-rest.gemspec Gemfile
+    train-rest.gemspec
   } + Dir.glob(
     "lib/**/*", File::FNM_DOTMATCH
   ).reject { |f| File.directory?(f) }
   spec.require_paths = ["lib"]
 
-  spec.add_dependency "train", "~> 3.0"
+  spec.add_dependency "train-core", "~> 3.0"
   spec.add_dependency "rest-client", "~> 2.1"
 
   spec.add_development_dependency "bump", "~> 0.9"
-  spec.add_development_dependency "chefstyle", "~> 0.14"
+  spec.add_development_dependency "chefstyle", "~> 2.2"
   spec.add_development_dependency "guard", "~> 2.16"
   spec.add_development_dependency "mdl", "~> 0.9"
   spec.add_development_dependency "rake", "~> 13.0"

metadata

@@ -1,17 +1,17 @@
 --- !ruby/object:Gem::Specification
 name: train-rest
 version: !ruby/object:Gem::Version
-  version: 0.3.1
+  version: 0.4.1
 platform: ruby
 authors:
 - Thomas Heinen
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-10-08 00:00:00.000000000 Z
+date: 2022-02-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: train
+  name: train-core
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
@@ -58,14 +58,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.14'
+        version: '2.2'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.14'
+        version: '2.2'
 - !ruby/object:Gem::Dependency
   name: guard
   requirement: !ruby/object:Gem::Requirement
@@ -115,18 +115,19 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- Gemfile
-- README.md
 - lib/train-rest.rb
 - lib/train-rest/auth_handler.rb
 - lib/train-rest/auth_handler/anonymous.rb
+- lib/train-rest/auth_handler/authtype-apikey.rb
 - lib/train-rest/auth_handler/basic.rb
+- lib/train-rest/auth_handler/bearer.rb
+- lib/train-rest/auth_handler/header.rb
 - lib/train-rest/auth_handler/redfish.rb
 - lib/train-rest/connection.rb
 - lib/train-rest/transport.rb
 - lib/train-rest/version.rb
 - train-rest.gemspec
-homepage: https://github.com/sgre-chef/train-rest
+homepage: https://github.com/tecracer-chef/train-rest
 licenses:
 - Apache-2.0
 metadata: {}
@@ -145,7 +146,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.0.3.1
 signing_key: 
 specification_version: 4
 summary: Train transport for REST

data/Gemfile

@@ -1,3 +0,0 @@
-source "https://rubygems.org"
-
-gemspec

data/README.md

@@ -1,246 +0,0 @@
-# train-rest - Train transport
-
-Provides a transport to communicate easily with RESTful APIs.
-
-## Requirements
-
-- Gem `rest-client` in Version 2.1
-
-## Installation
-
-You will have to build this gem yourself to install it as it is not yet on
-Rubygems.Org. For this there is a rake task which makes this a one-liner:
-
-```bash
-rake install:local
-```
-
-## Transport parameters
-
-| Option               | Explanation                             | Default     |
-| -------------------- | --------------------------------------- | ----------- |
-| `endpoint`           | Endpoint of the REST API                | _required_  |
-| `verify_ssl`         | Check certificate and chain             | true        |
-| `auth_type`          | Authentication type                     | `anonymous` |
-| `debug_rest`         | Enable debugging of HTTP traffic        | false       |
-| `logger`             | Alternative logging class               |             |
-
-## Authenticators
-
-### Anonymous
-
-Identifier: `auth_type: :anonymous`
-
-No actions for authentication, logging in/out or session handing are made. This
-assumes a public API.
-
-### Basic Authentication
-
-Identifier: `auth_type: :basic`
-
-| Option               | Explanation                             | Default     |
-| -------------------- | --------------------------------------- | ----------- |
-| `username`           | Username for `basic` authentication     | _required_  |
-| `password`           | Password for `basic` authentication     | _required_  |
-
-If you supply a `username` and a `password`, authentication will automatically
-switch to `basic`.
-
-### Redfish
-
-Identifier: `auth_type: :redfish`
-
-| Option               | Explanation                             | Default     |
-| -------------------- | --------------------------------------- | ----------- |
-| `username`           | Username for `redfish` authentication   | _required_  |
-| `password`           | Password for `redfish` authentication   | _required_  |
-
-For access to integrated management controllers on standardized server hardware.
-The Redfish standard is defined in <http://www.dmtf.org/standards/redfish> and
-this handler does initial login, reuses the received session and logs out when
-closing the transport cleanly.
-
-Known vendors which implement RedFish based management for their systems include
-HPE, Dell, IBM, SuperMicro, Lenovo, Huawei and others.
-
-## Debugging and use in Chef
-
-You can activate debugging by setting the `debug_rest` flag to `true'. Please
-note, that this will also log any confidential parts of HTTP traffic as well.
-
-For better integration into Chef custom resources, all REST debug output will
-be printed on `info` level. This allows debugging Chef resources without
-crawling through all other debug output:
-
-```ruby
-train  = Train.create('rest', {
-            endpoint:   'https://api.example.com/v1/',
-            debug_rest: true,
-            logger:     Chef::Log
-         })
-```
-
-## Request Methods
-
-This transport does not implement the `run_command` method, as there is no
-line-based protocol to execute commands against. Instead, it implements its own
-custom methods which suit REST interfaces. Trying to call this method will
-throw an Exception.
-
-### Generic Request
-
-The `request` methods allows to send free-form requests against any defined or
-custom methods.
-
-`request(path, method = :get, request_parameters: {}, data: nil, headers: {},
-json_processing: true)`
-
-- `path`: The path to request, which will be appended to the `endpoint`
-- `method`: The HTTP method in Ruby Symbol syntax
-- `request_parameters`: A hash of parameters to the `rest-client` request
-  method for additional settings
-- `data`: Data for actions like `:post` or `:put`. Not all methods accept
-  a data body.
-- `headers`: Additional headers for the request
-- `json_processing`: If the response is a JSON and you want to receive a
-  processed Hash/Array instead of text
-
-For `request_parameters` and `headers`, there is data mixed in to add
-authenticator responses, JSON processing etc. Please check the
-implementation in `connection.rb` for details.
-
-### Convenience Methods
-
-Simplified wrappers are generated for the most common request types:
-
-- `delete(path, request_parameters: {}, headers: {}, json_processing: true)`
-- `head(path, request_parameters: {}, headers: {}, json_processing: true)`
-- `get(path, request_parameters: {}, headers: {}, json_processing: true)`
-- `post(path, request_parameters: {}, data: nil, headers: {}, json_processing: true)`
-- `put(path, request_parameters: {}, data: nil, headers: {}, json_processing: true)`
-- `patch(path, request_parameters: {}, data: nil, headers: {}, json_processing: true)`
-
-## Example use
-
-```ruby
-require 'train-rest'
-
-train  = Train.create('rest', {
-            endpoint: 'https://api.example.com/v1/',
-
-            logger:   Logger.new($stdout, level: :info)
-         })
-conn   = train.connection
-
-# Get some hypothetical data
-data   = conn.get('device/1/settings')
-
-# Modify + Patch
-data['disabled'] = false
-conn.patch('device/1/settings', data)
-
-conn.close
-```
-
-Example for basic authentication:
-
-```ruby
-require 'train-rest'
-
-# This will immediately do a login and add headers
-train  = Train.create('rest', {
-            endpoint: 'https://api.example.com/v1/',
-
-            auth_type: :basic,
-            username: 'admin',
-            password: '*********'
-         })
-conn   = train.connection
-
-# ... do work, each request will resend Basic authentication headers ...
-
-conn.close
-```
-
-Example for logging into a RedFish based system. Please note that the RedFish
-authentication handler will append `redfish/v1` to the endpoint automatically,
-if it is not present.
-
-Due to this, you can use RedFish systems either with a base URL like in the
-example below or with a full one. Your own code needs to match the style
-you choose.
-
-```ruby
-require 'train-rest'
-
-# This will immediately do a login and add headers
-train  = Train.create('rest', {
-            endpoint: 'https://10.20.30.40',
-            verify_ssl: false,
-
-            auth_type: :redfish,
-            username: 'iloadmin',
-            password: '*********'
-         })
-conn   = train.connection
-
-# ... do work ...
-
-# Handles logout as well
-conn.close
-```
-
-## Use with Redfish, Your Custom Resources and Chef Target Mode
-
-1. Set up a credentials file under `~/.chef/credentials` or `/etc/chef/credentials`:
-
-   ```toml
-   ['10.0.0.1']
-   endpoint = 'https://10.0.0.1/redfish/v1/'
-   username = 'user'
-   password = 'pass'
-   verify_ssl = false
-   auth_type = 'redfish'
-   ```
-
-1. Configure Chef to use the REST transport in `client.rb`:
-
-   ```toml
-   target_mode.protocol = "rest"
-   ```
-
-1. Write your custom resources for REST APIs
-1. Mark them up using the REST methods for target mode:
-
-   ```ruby
-   provides :rest_resource, target_mode: true, platform: 'rest'
-   ```
-
-1. Run against the defiend targets via Chef Target Mode:
-
-   ```shell
-   chef-client --local-mode --target 10.0.0.1 --runlist 'recipe[my-cookbook::setup]'
-   ```
-
-## Use with Prerecorded API responses
-
-For testing during and after development, not all APIs can be used to verify your solution against.
-The VCR gem offers the possibility to hook into web requests and intercept them to play back canned
-responses.
-
-Please read the documentation of the VCR gem on how to record your API and the concepts like
-"cassettes", "libraries" and matchers.
-
-The following options are available in train-rest for this:
-
-| Option               | Explanation                             | Default      |
-| -------------------- | --------------------------------------- | ------------ |
-| `vcr_cassette`       | Name of the response file               | nil          |
-| `vcr_library`        | Directory to search responses in        | `vcr`        |
-| `vcr_match_on`       | Elements to match request by            | `method uri` |
-| `vcr_record`         | Recording mode                          | `none`       |
-| `vcr_hook_into`      | Base library for intercepting           | `webmock`    |
-
-VCR will only be required as a Gem and activated, if you supply a cassette name.
-
-You can use all these settings in your Chef Target Mode `credentials` file as well.