module Conjur::API::Router::V4
Public Instance Methods
authn_authenticate(account, username)
click to toggle source
# File lib/conjur/api/router/v4.rb, line 20 def authn_authenticate account, username verify_account(account) RestClient::Resource.new( Conjur.configuration.authn_url, Conjur.configuration.rest_client_options )['users'][fully_escape username]['authenticate'] end
authn_authenticate_local(username, account, expiration, cidr, &block)
click to toggle source
For v4, the authn-local message is the username.
# File lib/conjur/api/router/v4.rb, line 29 def authn_authenticate_local username, account, expiration, cidr, &block verify_account(account) raise "'expiration' is not supported for authn-local v4" if expiration raise "'cidr' is not supported for authn-local v4" if cidr username end
authn_login(account, username, password)
click to toggle source
# File lib/conjur/api/router/v4.rb, line 9 def authn_login account, username, password verify_account(account) RestClient::Resource.new( Conjur.configuration.authn_url, Conjur.configuration.create_rest_client_options( user: username, password: password ) )['users/login'] end
authn_rotate_api_key(credentials, account, id)
click to toggle source
# File lib/conjur/api/router/v4.rb, line 38 def authn_rotate_api_key credentials, account, id verify_account(account) username = id.kind == "user" ? id.identifier : [id.kind, id.identifier].join('/') RestClient::Resource.new( Conjur.configuration.authn_url, Conjur.configuration.create_rest_client_options(credentials) )['users']["api_key?id=#{username}"] end
authn_rotate_own_api_key(account, username, password)
click to toggle source
# File lib/conjur/api/router/v4.rb, line 47 def authn_rotate_own_api_key account, username, password verify_account(account) RestClient::Resource.new( Conjur.configuration.authn_url, Conjur.configuration.create_rest_client_options(user: username, password: password) )['users']["api_key"] end
group_attributes(credentials, resource, id)
click to toggle source
# File lib/conjur/api/router/v4.rb, line 146 def group_attributes credentials, resource, id verify_account(id.account) JSON.parse( RestClient::Resource.new( Conjur.configuration.core_url, Conjur.configuration.create_rest_client_options(credentials) )['groups'][fully_escape id.identifier].get ) end
host_factory_create_host(token)
click to toggle source
# File lib/conjur/api/router/v4.rb, line 55 def host_factory_create_host token http_options = { headers: { authorization: %Q(Token token="#{token}") } } RestClient::Resource.new( Conjur.configuration.core_url, Conjur.configuration.create_rest_client_options(http_options) )['host_factories']['hosts'] end
host_factory_create_tokens(credentials, id)
click to toggle source
# File lib/conjur/api/router/v4.rb, line 65 def host_factory_create_tokens credentials, id RestClient::Resource.new( Conjur.configuration.core_url, Conjur.configuration.create_rest_client_options(credentials) )['host_factories'][id.identifier]['tokens'] end
host_factory_revoke_token(credentials, token)
click to toggle source
# File lib/conjur/api/router/v4.rb, line 72 def host_factory_revoke_token credentials, token RestClient::Resource.new( Conjur.configuration.core_url, Conjur.configuration.create_rest_client_options(credentials) )['host_factories']['tokens'][token] end
parse_group_gidnumber(attributes)
click to toggle source
# File lib/conjur/api/router/v4.rb, line 176 def parse_group_gidnumber attributes attributes['gidnumber'] end
parse_members(credentials, result)
click to toggle source
# File lib/conjur/api/router/v4.rb, line 192 def parse_members credentials, result result.collect do |json| RoleGrant.parse_from_json(json, credentials) end end
parse_user_uidnumber(attributes)
click to toggle source
# File lib/conjur/api/router/v4.rb, line 180 def parse_user_uidnumber attributes attributes['uidnumber'] end
parse_variable_kind(attributes)
click to toggle source
# File lib/conjur/api/router/v4.rb, line 184 def parse_variable_kind attributes attributes['kind'] end
parse_variable_mime_type(attributes)
click to toggle source
# File lib/conjur/api/router/v4.rb, line 188 def parse_variable_mime_type attributes attributes['mime_type'] end
resources_check(credentials, id, privilege, role)
click to toggle source
# File lib/conjur/api/router/v4.rb, line 87 def resources_check credentials, id, privilege, role options = {} options[:check] = true options[:privilege] = privilege if role options[:resource_id] = id roles_role(credentials, Id.new(role))[options_querystring options].get else resources_resource(credentials, id)[options_querystring options].get end end
resources_permitted_roles(credentials, id, privilege)
click to toggle source
# File lib/conjur/api/router/v4.rb, line 99 def resources_permitted_roles credentials, id, privilege RestClient::Resource.new( Conjur.configuration.core_url, Conjur.configuration.create_rest_client_options(credentials) )['authz'][id.account]['roles']['allowed_to'][privilege][id.kind][id.identifier] end
resources_resource(credentials, id)
click to toggle source
# File lib/conjur/api/router/v4.rb, line 79 def resources_resource credentials, id RestClient::Resource.new( Conjur.configuration.core_url, Conjur.configuration.create_rest_client_options(credentials) )['authz'][id.account]['resources'][id.kind][id.identifier] end
roles_role(credentials, id)
click to toggle source
# File lib/conjur/api/router/v4.rb, line 106 def roles_role credentials, id RestClient::Resource.new( Conjur.configuration.core_url, Conjur.configuration.create_rest_client_options(credentials) )['authz'][id.account]['roles'][id.kind][id.identifier] end
secrets_add(credentials, id)
click to toggle source
# File lib/conjur/api/router/v4.rb, line 113 def secrets_add credentials, id verify_account(id.account) RestClient::Resource.new( Conjur.configuration.core_url, Conjur.configuration.create_rest_client_options(credentials) )['variables'][fully_escape id.identifier]['values'] end
secrets_value(credentials, id, options)
click to toggle source
# File lib/conjur/api/router/v4.rb, line 129 def secrets_value credentials, id, options RestClient::Resource.new( Conjur.configuration.core_url, Conjur.configuration.create_rest_client_options(credentials) )['variables'][fully_escape id.identifier]['value'][options_querystring options] end
secrets_values(credentials, variable_ids)
click to toggle source
# File lib/conjur/api/router/v4.rb, line 136 def secrets_values credentials, variable_ids options = { vars: Array(variable_ids).map { |v| fully_escape(v.identifier) }.join(',') } RestClient::Resource.new( Conjur.configuration.core_url, Conjur.configuration.create_rest_client_options(credentials) )['variables']['values'][options_querystring options] end
user_attributes(credentials, resource, id)
click to toggle source
# File lib/conjur/api/router/v4.rb, line 166 def user_attributes credentials, resource, id verify_account(id.account) JSON.parse( RestClient::Resource.new( Conjur.configuration.core_url, Conjur.configuration.create_rest_client_options(credentials) )['users'][fully_escape id.identifier].get ) end
variable(credentials, id)
click to toggle source
# File lib/conjur/api/router/v4.rb, line 121 def variable credentials, id verify_account(id.account) RestClient::Resource.new( Conjur.configuration.core_url, Conjur.configuration.create_rest_client_options(credentials) )['variables'][fully_escape id.identifier] end
variable_attributes(credentials, resource, id)
click to toggle source
# File lib/conjur/api/router/v4.rb, line 156 def variable_attributes credentials, resource, id verify_account(id.account) JSON.parse( RestClient::Resource.new( Conjur.configuration.core_url, Conjur.configuration.create_rest_client_options(credentials) )['variables'][fully_escape id.identifier].get ) end
Protected Instance Methods
verify_account(account)
click to toggle source
# File lib/conjur/api/router/v4.rb, line 200 def verify_account account raise "Expecting account to be #{Conjur.configuration.account.inspect}, got #{account.inspect}" unless Conjur.configuration.account == account end