Sha256: e9c14975a59da3aadf3b76e816fba84b850c8bb953a558a4cc0fa4278fd16f06

Contents?: true

Size: 1.07 KB

Versions: 4

Compression:

Stored size: 1.07 KB

Contents

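# Namespace class for chef-vault; this file contributes ChefVault::User.
class ChefVault
  # Reads a user's password from an encrypted data bag item. The item's shared
  # secret is stored per node, RSA-encrypted, in a companion "<username>_keys"
  # data bag item.
  class User
    attr_accessor :username

    # @param data_bag [String] name of the data bag holding the credential and
    #   its "<username>_keys" item
    # @param username [String] data bag item id of the credential
    # @param chef_config_file [String, nil] when truthy, a
    #   ChefVault::ChefOffline is built from it and #connect is called
    def initialize(data_bag, username, chef_config_file)
      @username = username
      @data_bag = data_bag

      ChefVault::ChefOffline.new(chef_config_file).connect if chef_config_file
    end

    # Unwraps this node's copy of the shared secret with the client private
    # key and uses it to load the encrypted data bag item.
    #
    # @return [Object] the value stored under "password" in the decrypted
    #   item. This is the plaintext credential, so callers should keep it out
    #   of logs and error messages.
    def decrypt_password
      # File.read opens the configured path strictly as a file and closes the
      # handle before returning. Kernel#open left the descriptor open and, on
      # Ruby versions that support it, runs a value starting with "|" as a
      # command instead of reading a file.
      private_key = OpenSSL::PKey::RSA.new(File.read(Chef::Config[:client_key]))

      begin
        keys = Chef::DataBagItem.load(@data_bag, "#{username}_keys")
      rescue
        # NOTE(review): the bare rescue reports every StandardError raised by
        # the load as "could not find", so the underlying cause is lost.
        # `throw` with no matching `catch` surfaces as an uncaught-throw error
        # rather than a RuntimeError; it is kept so existing callers see the
        # same exception, although `raise` would be the conventional choice.
        throw "Could not find data bag item #{username}_keys in data bag #{@data_bag}"
      end

      # The keys item maps node names to that node's wrapped secret; a missing
      # entry means the secret was never encrypted for this node.
      wrapped_secret = keys[Chef::Config[:node_name]]
      unless wrapped_secret
        throw "Password for #{username} is not encrypted for you!  Rebuild the password data bag"
      end

      # NOTE(review): private_decrypt is called with its default padding
      # (PKCS#1 v1.5 in Ruby's OpenSSL binding). Moving to OAEP would need a
      # matching change where the secret is encrypted, which is not visible
      # in this file.
      shared_secret = private_key.private_decrypt(Base64.decode64(wrapped_secret))
      cred = Chef::EncryptedDataBagItem.load(@data_bag, @username, shared_secret)

      cred["password"]
    end
  end
end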

Version data entries

4 entries across 4 versions & 1 rubygems

Version Path
chef-vault-1.2.2 lib/chef-vault/user.rb
chef-vault-1.2.1 lib/chef-vault/user.rb
chef-vault-1.2.0 lib/chef-vault/user.rb
chef-vault-1.1.0 lib/chef-vault/user.rb