inspec/lib/resources/http.rb

# encoding: utf-8
# copyright: 2017, Criteo
# copyright: 2017, Chef Software Inc
# author: Guilhem Lettron, Christoph Hartmann
# license: Apache v2

require 'faraday'
require 'hashie'

module Inspec::Resources
  class Http < Inspec.resource(1)
    name 'http'
    desc 'Use the http InSpec audit resource to test http call.'
    example "
      describe http('http://localhost:8080/ping', auth: {user: 'user', pass: 'test'}, params: {format: 'html'}) do
        its('status') { should cmp 200 }
        its('body') { should cmp 'pong' }
        its('headers.Content-Type') { should cmp 'text/html' }
      end

      describe http('http://example.com/ping').headers do
        its('Content-Length') { should cmp 258 }
        its('Content-Type') { should cmp 'text/html; charset=UTF-8' }
      end
    "

    def initialize(url, opts = {})
      @url = url
      @method = opts.fetch(:method, 'GET')
      @params = opts.fetch(:params, nil)
      @auth = opts.fetch(:auth, {})
      @headers = opts.fetch(:headers, {})
      @data = opts.fetch(:data, nil)
      @open_timeout = opts.fetch(:open_timeout, 60)
      @read_timeout = opts.fetch(:read_timeout, 60)
      @ssl_verify = opts.fetch(:ssl_verify, true)
    end

    def status
      response.status
    end

    def body
      response.body
    end

    def headers
      Hashie::Mash.new(response.headers.to_h)
    end

    def to_s
      "http #{@method} on #{@url}"
    end

    private

    def response
      conn = Faraday.new url: @url, headers: @headers, params: @params, ssl: { verify: @ssl_verify }

      # set basic authentication
      conn.basic_auth @auth[:user], @auth[:pass] unless @auth.empty?

      # set default timeout
      conn.options.timeout      = @read_timeout  # open/read timeout in seconds
      conn.options.open_timeout = @open_timeout  # connection open timeout in seconds

      @response = conn.send(@method.downcase) do |req|
        req.body = @data
      end
    end
  end
end
Add an http test method Signed-off-by: Guilhem Lettron <g.lettron@criteo.com> 2017-01-05 19:29:11 +00:00			`# encoding: utf-8`
			`# copyright: 2017, Criteo`
switch to faraday as http backend Signed-off-by: Christoph Hartmann <chris@lollyrock.com> 2017-02-02 21:13:03 +00:00			`# copyright: 2017, Chef Software Inc`
			`# author: Guilhem Lettron, Christoph Hartmann`
Add an http test method Signed-off-by: Guilhem Lettron <g.lettron@criteo.com> 2017-01-05 19:29:11 +00:00			`# license: Apache v2`

switch to faraday as http backend Signed-off-by: Christoph Hartmann <chris@lollyrock.com> 2017-02-02 21:13:03 +00:00			`require 'faraday'`
improve http header handling Signed-off-by: Christoph Hartmann <chris@lollyrock.com> 2017-01-26 13:18:49 +00:00			`require 'hashie'`
Add an http test method Signed-off-by: Guilhem Lettron <g.lettron@criteo.com> 2017-01-05 19:29:11 +00:00
			`module Inspec::Resources`
			`class Http < Inspec.resource(1)`
			`name 'http'`
			`desc 'Use the http InSpec audit resource to test http call.'`
			`example "`
			`describe http('http://localhost:8080/ping', auth: {user: 'user', pass: 'test'}, params: {format: 'html'}) do`
			`its('status') { should cmp 200 }`
			`its('body') { should cmp 'pong' }`
improve http header handling Signed-off-by: Christoph Hartmann <chris@lollyrock.com> 2017-01-26 13:18:49 +00:00			`its('headers.Content-Type') { should cmp 'text/html' }`
			`end`

			`describe http('http://example.com/ping').headers do`
			`its('Content-Length') { should cmp 258 }`
			`its('Content-Type') { should cmp 'text/html; charset=UTF-8' }`
Add an http test method Signed-off-by: Guilhem Lettron <g.lettron@criteo.com> 2017-01-05 19:29:11 +00:00			`end`
			`"`

Bump default timeouts for `http` resource This changes the default read and open timeouts to be 60 seconds which matches the defaults for `Net::HTTP` backend which Faraday uses by default: https://ruby-doc.org/stdlib-2.4.1/libdoc/net/http/rdoc/Net/HTTP.html#read_timeout-attribute-method https://ruby-doc.org/stdlib-2.4.1/libdoc/net/http/rdoc/Net/HTTP.html#open_timeout-attribute-method The current timeout values are too small which causes tests to be flakey. Signed-off-by: Seth Chisamore <schisamo@chef.io> 2017-05-19 15:23:11 +00:00			`def initialize(url, opts = {})`
Add an http test method Signed-off-by: Guilhem Lettron <g.lettron@criteo.com> 2017-01-05 19:29:11 +00:00			`@url = url`
Bump default timeouts for `http` resource This changes the default read and open timeouts to be 60 seconds which matches the defaults for `Net::HTTP` backend which Faraday uses by default: https://ruby-doc.org/stdlib-2.4.1/libdoc/net/http/rdoc/Net/HTTP.html#read_timeout-attribute-method https://ruby-doc.org/stdlib-2.4.1/libdoc/net/http/rdoc/Net/HTTP.html#open_timeout-attribute-method The current timeout values are too small which causes tests to be flakey. Signed-off-by: Seth Chisamore <schisamo@chef.io> 2017-05-19 15:23:11 +00:00			`@method = opts.fetch(:method, 'GET')`
			`@params = opts.fetch(:params, nil)`
			`@auth = opts.fetch(:auth, {})`
			`@headers = opts.fetch(:headers, {})`
			`@data = opts.fetch(:data, nil)`
			`@open_timeout = opts.fetch(:open_timeout, 60)`
			`@read_timeout = opts.fetch(:read_timeout, 60)`
			`@ssl_verify = opts.fetch(:ssl_verify, true)`
Add an http test method Signed-off-by: Guilhem Lettron <g.lettron@criteo.com> 2017-01-05 19:29:11 +00:00			`end`

			`def status`
			`response.status`
			`end`

			`def body`
switch to faraday as http backend Signed-off-by: Christoph Hartmann <chris@lollyrock.com> 2017-02-02 21:13:03 +00:00			`response.body`
Add an http test method Signed-off-by: Guilhem Lettron <g.lettron@criteo.com> 2017-01-05 19:29:11 +00:00			`end`

improve http header handling Signed-off-by: Christoph Hartmann <chris@lollyrock.com> 2017-01-26 13:18:49 +00:00			`def headers`
			`Hashie::Mash.new(response.headers.to_h)`
Add an http test method Signed-off-by: Guilhem Lettron <g.lettron@criteo.com> 2017-01-05 19:29:11 +00:00			`end`

			`def to_s`
improve http header handling Signed-off-by: Christoph Hartmann <chris@lollyrock.com> 2017-01-26 13:18:49 +00:00			`"http #{@method} on #{@url}"`
Add an http test method Signed-off-by: Guilhem Lettron <g.lettron@criteo.com> 2017-01-05 19:29:11 +00:00			`end`

			`private`

			`def response`
ER-508 Extended http resource to support no ssl verification We needed to be able to run inspec against endpoints with self signed certificates and this was the quickest way for us to get there. Signed-off-by: Elizabeth Uselton <elizabeth.uselton@gmail.com> 2017-04-14 18:52:01 +00:00			`conn = Faraday.new url: @url, headers: @headers, params: @params, ssl: { verify: @ssl_verify }`
switch to faraday as http backend Signed-off-by: Christoph Hartmann <chris@lollyrock.com> 2017-02-02 21:13:03 +00:00
			`# set basic authentication`
			`conn.basic_auth @auth[:user], @auth[:pass] unless @auth.empty?`

			`# set default timeout`
Bump default timeouts for `http` resource This changes the default read and open timeouts to be 60 seconds which matches the defaults for `Net::HTTP` backend which Faraday uses by default: https://ruby-doc.org/stdlib-2.4.1/libdoc/net/http/rdoc/Net/HTTP.html#read_timeout-attribute-method https://ruby-doc.org/stdlib-2.4.1/libdoc/net/http/rdoc/Net/HTTP.html#open_timeout-attribute-method The current timeout values are too small which causes tests to be flakey. Signed-off-by: Seth Chisamore <schisamo@chef.io> 2017-05-19 15:23:11 +00:00			`conn.options.timeout = @read_timeout # open/read timeout in seconds`
			`conn.options.open_timeout = @open_timeout # connection open timeout in seconds`
switch to faraday as http backend Signed-off-by: Christoph Hartmann <chris@lollyrock.com> 2017-02-02 21:13:03 +00:00
			`@response = conn.send(@method.downcase) do \|req\|`
			`req.body = @data`
			`end`
Add an http test method Signed-off-by: Guilhem Lettron <g.lettron@criteo.com> 2017-01-05 19:29:11 +00:00			`end`
			`end`
			`end`