tss-sdk 0.0.0 → 0.0.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c4ed8a314a6339abf161455030a68b95b5acdf89c6b776874b49eaa96f27c07c
-  data.tar.gz: 8fb041e5ead5023d94ecb87ef7707a171c9801de3b3efb1b7bfe1355f4439385
+  metadata.gz: 721d5d13bfe6b37ede36b89c4dc99a06b72142b5f582d120b548e64811f50a94
+  data.tar.gz: 00dc1ba6c06debd7de0858f3ef06fcdb8465cdd179d83d7ce5d4ebc2b8ec3af0
 SHA512:
-  metadata.gz: c06b5b42b1da8a583a0e8c92475e95c574ee8ca5ac4ab88ae5f1abd71ae8bfc9cca50d333fc2b2ee6d01cc6f1f802ec9a6f966880f246d8a0a6d8297d0be857b
-  data.tar.gz: 0be9bab6d50434b47a9c5fe1c182bb93bb2ceba248275c698d25f06cba14072d0efba5225ca2ba5b280e7e6ec81da1799711b27427f72b479503638d251ea37a
+  metadata.gz: 7fdbd1fb0238c49c9d3811a85007b49f55cf8e260c1afaff960c902e33d5fbb0a506d9673159705ff7f4464bc73f08e2b9129e7bf6981a47e6c71ea5ef86a969
+  data.tar.gz: 9af2db55bf30fd0b4e3edfd503c8a75065d5bb11678a325d2f3878b5c7abe0126a277a2ac6e67f9887fadeb8ae93163c56d5344d60701f1b898b718d5111b8f5

data/lib/tss.rb

@@ -0,0 +1,187 @@
+require 'json'
+require 'faraday'
+require 'logger'
+
+##
+# If we're in the +test+ environment just dump logs to Null
+# Otherwise, use stdout
+if ENV['test']
+  $logger = Logger.new(IO::NULL)
+else
+  $logger = Logger.new(STDOUT)
+end
+
+##
+# Invoked when the API returns an +API_AccessDenied+ error
+class AccessDeniedException < StandardError; end;
+
+class InvalidConfigurationException < StandardError; end;
+class InvalidCredentialsException < StandardError; end;
+class InvalidMethodTypeException < StandardError; end;
+class UnrecognizedResourceException < StandardError; end;
+
+module Tss
+  require_relative 'tss/secret'
+
+  class Server
+    DEFAULT_URL_TEMPLATE = "https://%s.secretservercloud.%s/"
+    DEFAULT_TLD = "com"
+    DEFAULT_API_PATH_URI = "/api/v1"
+    DEFAULT_TOKEN_PATH_URI = "/oauth2/token"
+  
+    # Initialize a +Server+ object with provided configuration.
+    #
+    # @param config [Hash]
+    #   - username: ''
+    #   - password: ''
+    #   - tld: 'com'
+    #   - api_path_uri: '/api/v1'
+    #   - token_path_uri: '/oauth2/token'
+    #   - tenant: ''
+    #   - server_url: ''
+    def initialize(config)
+      @configuration = config.collect{|k,v| [k.to_s, v]}.to_h
+      if @configuration['server_url'] == "" && @configuration['tenant'] == ""
+        $logger.error("Either ServerURL or Tenant must be set")
+        raise InvalidConfigurationException
+      end
+  
+      if @configuration['username'].nil? || @configuration['password'].nil?
+        $logger.error("Must provide username and password")
+        raise InvalidConfigurationException
+      end
+  
+      if @configuration['tld'].nil?
+        @configuration['tld'] = DEFAULT_TLD
+      end
+  
+      if @configuration['api_path_uri'].nil?
+        @configuration['api_path_uri'] = DEFAULT_API_PATH_URI
+      end
+      @configuration['api_path_uri'].delete_suffix!("/")
+  
+      if @configuration['token_path_uri'].nil?
+        @configuration['token_path_uri'] = DEFAULT_TOKEN_PATH_URI
+      end
+      @configuration['token_path_uri'].delete_suffix!("/")
+    end
+  
+    # Helper method to access a resource via API
+    #
+    # @param method [String] HTTP Request Method
+    # @param resource [String] The resource type to invoke
+    # @param path [String] The API Path to request
+    # @param parse_json [Boolean] Determine whether we want to return a hash, or raw output
+    #
+    # @return [Hash] - If +parse_json+, return Hash of JSON contents
+    # @return [String] - Otherwise, return raw HTTP Response Body
+    #
+    # - +AccessDeniedException+ is raised if the server responds with an +API_AccessDenied+ error
+    # - +InvalidMethodTypeException+ is raised if a method other than +["GET", "POST", "PUT", "DELETE"]+ is provided
+    # - +UnrecognizedResourceException+ is raised if a resource other than +["secrets"]+ is requested
+    def accessResource(method, resource, path, parse_json = true)
+      unless ["GET", "POST", "PUT", "DELETE"].include?(method.upcase)
+        $logger.error "Invalid request method: #{method}"
+        raise InvalidMethodTypeException
+      end
+  
+      unless ["secrets"].include? resource
+        $logger.debug "unrecognized resource: #{resource}"
+        raise UnrecognizedResourceException
+      end
+  
+      accessToken = getAccessToken
+  
+      url = urlFor(resource, path)
+      $logger.debug "Sending request to: #{url}"
+      resp = Faraday.send(method.downcase, url) do | req |
+        req.headers['Authorization'] = "Bearer #{accessToken}"
+  
+        if ["POST", "PUT"].include?(method.upcase)
+          req.headers['Content-Type'] = 'application/json'
+        end
+      end
+  
+      data = resp.body
+  
+      return data unless parse_json
+  
+      begin
+        hash = JSON.parse(data)
+  
+        if hash['errorCode'] == "API_AccessDenied"
+          raise AccessDeniedException
+        end
+      rescue JSON::ParserError => e
+        $logger.error "Error parsing JSON: #{e.to_s}"
+        raise e
+      end
+  
+      return hash
+    end
+  
+    # Query API for OAuth token
+    #
+    # - +InvalidCredentialsException+ is returned if the provided credentials are not valid
+    # 
+    # @return [String]
+    def getAccessToken
+      grantRequest = {
+        grant_type: 'password',
+        username: @configuration['username'],
+        password: @configuration['password']
+      }
+  
+      url = urlFor("token")
+  
+      response = Faraday.post(
+        url, 
+        grantRequest
+      )
+  
+      unless response.status == 200
+        $logger.error "Unable to retrive credentials for username: #{@configuration['username']}"
+        $logger.error "\t #{response.body}"
+        raise InvalidCredentialsException
+      end
+  
+      begin
+        grant = JSON.parse(response.body)
+        return grant['access_token']
+      rescue JSON::ParserError => e
+        $logger.error "Error parsing JSON: #{e.to_s}"
+        raise e
+      end
+    end
+  
+    # Generate the URL for a specific request.
+    # This factors in several configuration options including:
+    # - +tenant+
+    # - +server_url+
+    # - +token_path_uri+
+    # - +api_path_uri+
+    #
+    # @param resource [String] The specific API resource to request
+    # @param path [String] The path to the resource
+    #
+    # @return [String] The generated URL for the request
+    def urlFor(resource, path=nil)
+  
+      if @configuration['server_url'].nil? || @configuration['server_url'] == ""
+        baseURL = sprintf(DEFAULT_URL_TEMPLATE, @configuration['tenant'], @configuration['tld']).delete_suffix("/")
+      else
+        baseURL = @configuration['server_url'].delete_suffix("/")
+      end
+  
+      if resource == "token"
+        return sprintf("%s/%s", baseURL, @configuration['token_path_uri'].delete_prefix("/"))
+      end
+  
+      if path != "/"
+        path = path.delete_prefix("/")
+      end
+  
+      sprintf("%s/%s/%s/%s", baseURL, @configuration['api_path_uri'].delete_prefix("/"), resource.delete_suffix("/").delete_prefix("/"), path)
+    end 
+  end
+end

data/lib/{server → tss}/secret.rb

@@ -1,8 +1,9 @@
 
 class InvalidSecretException < StandardError; end;
 
-# Utilized to fetch secrets from an initialzed +Server+
-class Server::Secret
+module Tss
+  # Utilized to fetch secrets from an initialzed +Server+
+  class Secret
     SECRETS_RESOURCE = "secrets".freeze
   
     # Fetch secrets from the server
@@ -35,4 +36,5 @@ class Server::Secret
 
       return @secret
     end
-  end
+  end
+end

metadata

@@ -1,15 +1,57 @@
 --- !ruby/object:Gem::Specification
 name: tss-sdk
 version: !ruby/object:Gem::Version
-  version: 0.0.0
+  version: 0.0.1
 platform: ruby
 authors:
 - John Poulin
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
 date: 2020-04-08 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: faraday
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: logger
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: json
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -30,14 +72,13 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- lib/server.rb
-- lib/server/secret.rb
-- lib/server/server.rb
-homepage: https://rubygems.org/gems/hola
+- lib/tss.rb
+- lib/tss/secret.rb
+homepage: https://github.com/thycotic/tss-sdk-ruby
 licenses:
 - Apache-2.0
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -52,8 +93,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
-signing_key: 
+rubygems_version: 3.0.8
+signing_key:
 specification_version: 4
 summary: tss-sdk
 test_files: []

data/lib/server.rb

@@ -1,4 +0,0 @@
-class Server
-  require 'server/server'
-  require 'server/secret'
-end

data/lib/server/server.rb

@@ -1,184 +0,0 @@
-require 'json'
-require 'faraday'
-require 'logger'
-
-##
-# If we're in the +test+ environment just dump logs to Null
-# Otherwise, use stdout
-if ENV['test']
-  $logger = Logger.new(IO::NULL)
-else
-  $logger = Logger.new(STDOUT)
-end
-
-##
-# Invoked when the API returns an +API_AccessDenied+ error
-class AccessDeniedException < StandardError; end;
-
-class InvalidConfigurationException < StandardError; end;
-class InvalidCredentialsException < StandardError; end;
-class InvalidMethodTypeException < StandardError; end;
-class UnrecognizedResourceException < StandardError; end;
-
-class Server
-  DEFAULT_URL_TEMPLATE = "https://%s.secretservercloud.%s/"
-  DEFAULT_TLD = "com"
-  DEFAULT_API_PATH_URI = "/api/v1"
-  DEFAULT_TOKEN_PATH_URI = "/oauth2/token"
-
-  # Initialize a +Server+ object with provided configuration.
-  #
-  # @param config [Hash]
-  #   - username: ''
-  #   - password: ''
-  #   - tld: 'com'
-  #   - api_path_uri: '/api/v1'
-  #   - token_path_uri: '/oauth2/token'
-  #   - tenant: ''
-  #   - server_url: ''
-  def initialize(config)
-    @configuration = config.collect{|k,v| [k.to_s, v]}.to_h
-    if @configuration['server_url'] == "" && @configuration['tenant'] == ""
-      $logger.error("Either ServerURL or Tenant must be set")
-      raise InvalidConfigurationException
-    end
-
-    if @configuration['username'].nil? || @configuration['password'].nil?
-      $logger.error("Must provide username and password")
-      raise InvalidConfigurationException
-    end
-
-    if @configuration['tld'].nil?
-      @configuration['tld'] = DEFAULT_TLD
-    end
-
-    if @configuration['api_path_uri'].nil?
-      @configuration['api_path_uri'] = DEFAULT_API_PATH_URI
-    end
-    @configuration['api_path_uri'].delete_suffix!("/")
-
-    if @configuration['token_path_uri'].nil?
-      @configuration['token_path_uri'] = DEFAULT_TOKEN_PATH_URI
-    end
-    @configuration['token_path_uri'].delete_suffix!("/")
-  end
-
-  # Helper method to access a resource via API
-  #
-  # @param method [String] HTTP Request Method
-  # @param resource [String] The resource type to invoke
-  # @param path [String] The API Path to request
-  # @param parse_json [Boolean] Determine whether we want to return a hash, or raw output
-  #
-  # @return [Hash] - If +parse_json+, return Hash of JSON contents
-  # @return [String] - Otherwise, return raw HTTP Response Body
-  #
-  # - +AccessDeniedException+ is raised if the server responds with an +API_AccessDenied+ error
-  # - +InvalidMethodTypeException+ is raised if a method other than +["GET", "POST", "PUT", "DELETE"]+ is provided
-  # - +UnrecognizedResourceException+ is raised if a resource other than +["secrets"]+ is requested
-  def accessResource(method, resource, path, parse_json = true)
-    unless ["GET", "POST", "PUT", "DELETE"].include?(method.upcase)
-      $logger.error "Invalid request method: #{method}"
-      raise InvalidMethodTypeException
-    end
-
-    unless ["secrets"].include? resource
-      $logger.debug "unrecognized resource: #{resource}"
-      raise UnrecognizedResourceException
-    end
-
-    accessToken = getAccessToken
-
-    url = urlFor(resource, path)
-    $logger.debug "Sending request to: #{url}"
-    resp = Faraday.send(method.downcase, url) do | req |
-      req.headers['Authorization'] = "Bearer #{accessToken}"
-
-      if ["POST", "PUT"].include?(method.upcase)
-        req.headers['Content-Type'] = 'application/json'
-      end
-    end
-
-    data = resp.body
-
-    return data unless parse_json
-
-    begin
-      hash = JSON.parse(data)
-
-      if hash['errorCode'] == "API_AccessDenied"
-        raise AccessDeniedException
-      end
-    rescue JSON::ParserError => e
-      $logger.error "Error parsing JSON: #{e.to_s}"
-      raise e
-    end
-
-    return hash
-  end
-
-  # Query API for OAuth token
-  #
-  # - +InvalidCredentialsException+ is returned if the provided credentials are not valid
-  # 
-  # @return [String]
-  def getAccessToken
-    grantRequest = {
-      grant_type: 'password',
-      username: @configuration['username'],
-      password: @configuration['password']
-    }
-
-    url = urlFor("token")
-
-    response = Faraday.post(
-      url, 
-      grantRequest
-    )
-
-    unless response.status == 200
-      $logger.error "Unable to retrive credentials for username: #{@configuration['username']}"
-      $logger.error "\t #{response.body}"
-      raise InvalidCredentialsException
-    end
-
-    begin
-      grant = JSON.parse(response.body)
-      return grant['access_token']
-    rescue JSON::ParserError => e
-      $logger.error "Error parsing JSON: #{e.to_s}"
-      raise e
-    end
-  end
-
-  # Generate the URL for a specific request.
-  # This factors in several configuration options including:
-  # - +tenant+
-  # - +server_url+
-  # - +token_path_uri+
-  # - +api_path_uri+
-  #
-  # @param resource [String] The specific API resource to request
-  # @param path [String] The path to the resource
-  #
-  # @return [String] The generated URL for the request
-  def urlFor(resource, path=nil)
-
-    if @configuration['server_url'].nil? || @configuration['server_url'] == ""
-      baseURL = sprintf(DEFAULT_URL_TEMPLATE, @configuration['tenant'], @configuration['tld']).delete_suffix("/")
-    else
-      baseURL = @configuration['server_url'].delete_suffix("/")
-    end
-
-    if resource == "token"
-      return sprintf("%s/%s", baseURL, @configuration['token_path_uri'].delete_prefix("/"))
-    end
-
-    if path != "/"
-      path = path.delete_prefix("/")
-    end
-
-    sprintf("%s/%s/%s/%s", baseURL, @configuration['api_path_uri'].delete_prefix("/"), resource.delete_suffix("/").delete_prefix("/"), path)
-  end
-  
-end