class Puppet::Context::TrustedInformation - puppet-3.8.7 Documentation

Attributes

authenticated[R]

one of ‘remote’, ‘local’, or false, where ‘remote’ is authenticated via cert, ‘local’ is trusted by virtue of running on the same machine (not a remote request), and false is an unauthenticated remote request.

@return [String, Boolean]

certname[R]

The validated certificate name used for the request

@return [String]

extensions[R]

Extra information that comes from the trusted certificate’s extensions.

@return [Hash{Object => Object}]

Public Instance Methods

to_h() click to toggle source

# File lib/puppet/context/trusted_information.rb, line 49
def to_h
  {
    'authenticated'.freeze => authenticated,
    'certname'.freeze => certname,
    'extensions'.freeze => extensions
  }.freeze
end

Public Class Methods

local(node) click to toggle source

# File lib/puppet/context/trusted_information.rb, line 42
def self.local(node)
  # Always trust local data by picking up the available parameters.
  client_cert = node ? node.parameters['clientcert'] : nil

  new('local', client_cert, {})
end

new(authenticated, certname, extensions) click to toggle source

# File lib/puppet/context/trusted_information.rb, line 20
def initialize(authenticated, certname, extensions)
  @authenticated = authenticated.freeze
  @certname = certname.freeze
  @extensions = extensions.freeze
end

remote(authenticated, node_name, certificate) click to toggle source

# File lib/puppet/context/trusted_information.rb, line 26
def self.remote(authenticated, node_name, certificate)
  if authenticated
    extensions = {}
    if certificate.nil?
      Puppet.info('TrustedInformation expected a certificate, but none was given.')
    else
      extensions = Hash[certificate.custom_extensions.collect do |ext|
        [ext['oid'].freeze, ext['value'].freeze]
      end]
    end
    new('remote', node_name, extensions)
  else
    new(false, nil, {})
  end
end