Sha256: 0ca0b6c067cc5f54b3fbc0c8cad154abfab701a498ed478da5f8c05a5d09ed16
Contents?: true
Size: 1.55 KB
Versions: 89
Compression:
Stored size: 1.55 KB
Contents
# @api private
class Puppet::Context::TrustedInformation
# one of 'remote', 'local', or false, where 'remote' is authenticated via cert,
# 'local' is trusted by virtue of running on the same machine (not a remote
# request), and false is an unauthenticated remote request.
#
# @return [String, Boolean]
attr_reader :authenticated
# The validated certificate name used for the request
#
# @return [String]
attr_reader :certname
# Extra information that comes from the trusted certificate's extensions.
#
# @return [Hash{Object => Object}]
attr_reader :extensions
def initialize(authenticated, certname, extensions)
@authenticated = authenticated.freeze
@certname = certname.freeze
@extensions = extensions.freeze
end
def self.remote(authenticated, node_name, certificate)
if authenticated
extensions = {}
if certificate.nil?
Puppet.info('TrustedInformation expected a certificate, but none was given.')
else
extensions = Hash[certificate.custom_extensions.collect do |ext|
[ext['oid'].freeze, ext['value'].freeze]
end]
end
new('remote', node_name, extensions)
else
new(false, nil, {})
end
end
def self.local(node)
# Always trust local data by picking up the available parameters.
client_cert = node ? node.parameters['clientcert'] : nil
new('local', client_cert, {})
end
def to_h
{
'authenticated'.freeze => authenticated,
'certname'.freeze => certname,
'extensions'.freeze => extensions
}.freeze
end
end
Version data entries
89 entries across 89 versions & 2 rubygems