inspec/lib/bundles/inspec-compliance/http.rb

# encoding: utf-8
# author: Christoph Hartmann
# author: Dominik Richter

require 'net/http'
require 'uri'

module Compliance
  # implements a simple http abstraction on top of Net::HTTP
  class HTTP
    # generic get requires
    def self.get(url, headers = nil, insecure)
      uri = _parse_url(url)
      req = Net::HTTP::Get.new(uri.path)
      headers&.each do |key, value|
        req.add_field(key, value)
      end
      send_request(uri, req, insecure)
    end

    # generic post request
    def self.post(url, token, insecure, basic_auth = false)
      # form request
      uri = _parse_url(url)
      req = Net::HTTP::Post.new(uri.path)
      if basic_auth
        req.basic_auth token, ''
      else
        req['Authorization'] = "Bearer #{token}"
      end
      req.form_data={}

      send_request(uri, req, insecure)
    end

    # post a file
    def self.post_file(url, headers, file_path, insecure)
      uri = _parse_url(url)
      raise "Unable to parse URL: #{url}" if uri.nil? || uri.host.nil?
      http = Net::HTTP.new(uri.host, uri.port)

      # set connection flags
      http.use_ssl = (uri.scheme == 'https')
      http.verify_mode = OpenSSL::SSL::VERIFY_NONE if insecure

      req = Net::HTTP::Post.new(uri.path)
      headers.each do |key, value|
        req.add_field(key, value)
      end

      req.body_stream=File.open(file_path, 'rb')
      req.add_field('Content-Length', File.size(file_path))
      req.add_field('Content-Type', 'application/x-gtar')

      boundary = 'INSPEC-PROFILE-UPLOAD'
      req.add_field('session', boundary)
      res=http.request(req)
      res
    end

    # sends a http requests
    def self.send_request(uri, req, insecure)
      opts = {
        use_ssl: uri.scheme == 'https',
      }
      opts[:verify_mode] = OpenSSL::SSL::VERIFY_NONE if insecure

      raise "Unable to parse URI: #{uri}" if uri.nil? || uri.host.nil?
      res = Net::HTTP.start(uri.host, uri.port, opts) { |http|
        http.request(req)
      }
      res
    rescue OpenSSL::SSL::SSLError => e
      raise e unless e.message.include? 'certificate verify failed'

      puts "Error: Failed to connect to #{uri}."
      puts 'If the server uses a self-signed certificate, please re-run the login command with the --insecure option.'
      exit 1
    end

    def self._parse_url(url)
      url = "https://#{url}" if URI.parse(url).scheme.nil?
      URI.parse(url)
    end
  end
end
fix: make the plugin compatible with all versions of chef compliance 2016-04-13 11:47:33 +00:00			`# encoding: utf-8`
			`# author: Christoph Hartmann`
			`# author: Dominik Richter`

			`require 'net/http'`
			`require 'uri'`

			`module Compliance`
			`# implements a simple http abstraction on top of Net::HTTP`
			`class HTTP`
			`# generic get requires`
refactor headers retrieval into get_headers method Signed-off-by: Victoria Jeffrey <vjeffrey@chef.io> 2016-11-30 14:30:11 +00:00			`def self.get(url, headers = nil, insecure)`
bugfix: non-url servers with compliance login Non-url URIs may have lead to broader crashes than initially fixed. Overwrite all URL resolvers in the plugin to work with these non-schema URLs. Fixes #1473 Signed-off-by: Dominik Richter <dominik.richter@gmail.com> 2017-05-30 16:02:52 +00:00			`uri = _parse_url(url)`
fix: make the plugin compatible with all versions of chef compliance 2016-04-13 11:47:33 +00:00			`req = Net::HTTP::Get.new(uri.path)`
Bump Rubocop to 0.49.1 (#2323) * Bump Rubocop to 0.49.1 This change bumps Rubocop to 0.49.1. There have been a lot of changes since 0.39.0 and this PR is hopefully a nice compromise of turning off certain cops and updating our codebase to take advantage of new Ruby 2.3 methods and operators. Signed-off-by: Adam Leff <adam@leff.co> * Set end-of-line format to line-feed only, avoid Windows-related CRLF issues Signed-off-by: Adam Leff <adam@leff.co> 2017-11-21 07:49:41 +00:00			`headers&.each do \|key, value\|`
			`req.add_field(key, value)`
fix: make the plugin compatible with all versions of chef compliance 2016-04-13 11:47:33 +00:00			`end`
			`send_request(uri, req, insecure)`
			`end`

			`# generic post request`
			`def self.post(url, token, insecure, basic_auth = false)`
			`# form request`
bugfix: non-url servers with compliance login Non-url URIs may have lead to broader crashes than initially fixed. Overwrite all URL resolvers in the plugin to work with these non-schema URLs. Fixes #1473 Signed-off-by: Dominik Richter <dominik.richter@gmail.com> 2017-05-30 16:02:52 +00:00			`uri = _parse_url(url)`
fix: make the plugin compatible with all versions of chef compliance 2016-04-13 11:47:33 +00:00			`req = Net::HTTP::Post.new(uri.path)`
			`if basic_auth`
			`req.basic_auth token, ''`
			`else`
			`req['Authorization'] = "Bearer #{token}"`
			`end`
			`req.form_data={}`

			`send_request(uri, req, insecure)`
			`end`

			`# post a file`
refactor headers retrieval into get_headers method Signed-off-by: Victoria Jeffrey <vjeffrey@chef.io> 2016-11-30 14:30:11 +00:00			`def self.post_file(url, headers, file_path, insecure)`
bugfix: non-url servers with compliance login Non-url URIs may have lead to broader crashes than initially fixed. Overwrite all URL resolvers in the plugin to work with these non-schema URLs. Fixes #1473 Signed-off-by: Dominik Richter <dominik.richter@gmail.com> 2017-05-30 16:02:52 +00:00			`uri = _parse_url(url)`
Address rubocop violations Signed-off-by: Tom Duffield <tom@chef.io> 2017-02-08 22:49:16 +00:00			`raise "Unable to parse URL: #{url}" if uri.nil? \|\| uri.host.nil?`
fix: make the plugin compatible with all versions of chef compliance 2016-04-13 11:47:33 +00:00			`http = Net::HTTP.new(uri.host, uri.port)`

			`# set connection flags`
			`http.use_ssl = (uri.scheme == 'https')`
			`http.verify_mode = OpenSSL::SSL::VERIFY_NONE if insecure`

			`req = Net::HTTP::Post.new(uri.path)`
refactor headers retrieval into get_headers method Signed-off-by: Victoria Jeffrey <vjeffrey@chef.io> 2016-11-30 14:30:11 +00:00			`headers.each do \|key, value\|`
			`req.add_field(key, value)`
fix: make the plugin compatible with all versions of chef compliance 2016-04-13 11:47:33 +00:00			`end`

			`req.body_stream=File.open(file_path, 'rb')`
			`req.add_field('Content-Length', File.size(file_path))`
			`req.add_field('Content-Type', 'application/x-gtar')`

			`boundary = 'INSPEC-PROFILE-UPLOAD'`
			`req.add_field('session', boundary)`
			`res=http.request(req)`
			`res`
			`end`

			`# sends a http requests`
			`def self.send_request(uri, req, insecure)`
			`opts = {`
			`use_ssl: uri.scheme == 'https',`
			`}`
			`opts[:verify_mode] = OpenSSL::SSL::VERIFY_NONE if insecure`

Address rubocop violations Signed-off-by: Tom Duffield <tom@chef.io> 2017-02-08 22:49:16 +00:00			`raise "Unable to parse URI: #{uri}" if uri.nil? \|\| uri.host.nil?`
bugfix: warn users about insecure login requirements Fixes https://github.com/chef/inspec/issues/1469 Signed-off-by: Dominik Richter <dominik.richter@gmail.com> 2017-02-08 07:47:20 +00:00			`res = Net::HTTP.start(uri.host, uri.port, opts) { \|http\|`
fix: make the plugin compatible with all versions of chef compliance 2016-04-13 11:47:33 +00:00			`http.request(req)`
			`}`
			`res`
bugfix: warn users about insecure login requirements Fixes https://github.com/chef/inspec/issues/1469 Signed-off-by: Dominik Richter <dominik.richter@gmail.com> 2017-02-08 07:47:20 +00:00			`rescue OpenSSL::SSL::SSLError => e`
			`raise e unless e.message.include? 'certificate verify failed'`

			`puts "Error: Failed to connect to #{uri}."`
			`puts 'If the server uses a self-signed certificate, please re-run the login command with the --insecure option.'`
			`exit 1`
fix: make the plugin compatible with all versions of chef compliance 2016-04-13 11:47:33 +00:00			`end`
bugfix: non-url servers with compliance login Non-url URIs may have lead to broader crashes than initially fixed. Overwrite all URL resolvers in the plugin to work with these non-schema URLs. Fixes #1473 Signed-off-by: Dominik Richter <dominik.richter@gmail.com> 2017-05-30 16:02:52 +00:00
			`def self._parse_url(url)`
			`url = "https://#{url}" if URI.parse(url).scheme.nil?`
			`URI.parse(url)`
			`end`
fix: make the plugin compatible with all versions of chef compliance 2016-04-13 11:47:33 +00:00			`end`
			`end`