mirror of
https://github.com/fog/fog.git
synced 2022-11-09 13:51:43 -05:00
use excon rather than net/http
This commit is contained in:
Frederick Cheung
parent
a715819976
commit
29a67f9197
3 changed files with 57 additions and 55 deletions
|
|
@ -64,7 +64,6 @@ Gem::Specification.new do |s|
|
|||
s.add_development_dependency('virtualbox', '~>0.9.1')
|
||||
s.add_development_dependency('fission')
|
||||
s.add_development_dependency('pry')
|
||||
s.add_development_dependency('fakeweb')
|
||||
# s.add_development_dependency('ruby-libvirt','~>0.4.0')
|
||||
|
||||
s.files = `git ls-files`.split("\n")
|
||||
|
|
|
|||
|
|
@ -1,20 +1,18 @@
|
|||
require 'net/http'
|
||||
require 'uri'
|
||||
require 'fog/core/json'
|
||||
module Fog
|
||||
module AWS
|
||||
module CredentialFetcher
|
||||
INSTANCE_METADATA_URI = "http://169.254.169.254/latest/meta-data/iam/security-credentials/"
|
||||
INSTANCE_METADATA_HOST = "http://169.254.169.254"
|
||||
INSTANCE_METADATA_PATH = "/latest/meta-data/iam/security-credentials/"
|
||||
module ServiceMethods
|
||||
def fetch_credentials(options)
|
||||
if options[:use_iam_profile]
|
||||
begin
|
||||
role_name = Net::HTTP.get_response(URI.parse(INSTANCE_METADATA_URI))
|
||||
role_name.error! unless role_name.is_a?(Net::HTTPSuccess)
|
||||
role_data = Net::HTTP.get_response(URI.parse(INSTANCE_METADATA_URI+role_name.body))
|
||||
role_data.error! unless role_data.is_a?(Net::HTTPSuccess)
|
||||
connection = options[:connection] || Excon.new(INSTANCE_METADATA_HOST)
|
||||
role_name = connection.get(:path => INSTANCE_METADATA_PATH, :expects => 200).body
|
||||
role_data = connection.get(:path => INSTANCE_METADATA_PATH+role_name, :expects => 200).body
|
||||
|
||||
session = Fog::JSON.decode(role_data.body)
|
||||
session = Fog::JSON.decode(role_data)
|
||||
credentials = {}
|
||||
credentials[:aws_access_key_id] = session['AccessKeyId']
|
||||
credentials[:aws_secret_access_key] = session['SecretAccessKey']
|
||||
|
|
@ -22,7 +20,7 @@ module Fog
|
|||
credentials[:aws_credentials_expire_at] = Time.xmlschema session['Expiration']
|
||||
#these indicate the metadata service is unavailable or has no profile setup
|
||||
credentials
|
||||
rescue Errno::EHOSTUNREACH, Errno::ECONNREFUSED, SocketError, Timeout::Error, Net::HTTPError, Net::HTTPServerException => e
|
||||
rescue Excon::Errors::Error => e
|
||||
Fog::Logger.warning("Unable to fetch credentuals: #{e.message}")
|
||||
super
|
||||
end
|
||||
|
|
|
|||
|
|
@ -1,52 +1,57 @@
|
|||
require 'fakeweb'
|
||||
Shindo.tests('AWS | credentials', ['aws']) do
|
||||
default_credentials = Fog::Compute::AWS.fetch_credentials({})
|
||||
FakeWeb.clean_registry
|
||||
FakeWeb.register_uri(:get, "http://169.254.169.254/latest/meta-data/iam/security-credentials/", :body => 'arole')
|
||||
old_mock_value = Excon.defaults[:mock]
|
||||
Excon.stubs.clear
|
||||
|
||||
expires_at = Time.at(Time.now.to_i + 500)
|
||||
credentials = {
|
||||
'AccessKeyId' => 'dummykey',
|
||||
'SecretAccessKey' => 'dummysecret',
|
||||
'Token' => 'dummytoken',
|
||||
'Expiration' => expires_at.xmlschema
|
||||
}
|
||||
begin
|
||||
Excon.defaults[:mock] = true
|
||||
default_credentials = Fog::Compute::AWS.fetch_credentials({})
|
||||
Excon.stub({:method => :get, :path => "/latest/meta-data/iam/security-credentials/"}, {:status => 200, :body => 'arole'})
|
||||
|
||||
FakeWeb.register_uri(:get, "http://169.254.169.254/latest/meta-data/iam/security-credentials/arole", :body => Fog::JSON.encode(credentials))
|
||||
expires_at = Time.at(Time.now.to_i + 500)
|
||||
credentials = {
|
||||
'AccessKeyId' => 'dummykey',
|
||||
'SecretAccessKey' => 'dummysecret',
|
||||
'Token' => 'dummytoken',
|
||||
'Expiration' => expires_at.xmlschema
|
||||
}
|
||||
|
||||
Excon.stub({:method => :get, :path => "/latest/meta-data/iam/security-credentials/arole"}, {:status => 200, :body => Fog::JSON.encode(credentials)})
|
||||
|
||||
|
||||
tests("#fetch_credentials") do
|
||||
returns({:aws_access_key_id => 'dummykey',
|
||||
:aws_secret_access_key => 'dummysecret',
|
||||
:aws_session_token => 'dummytoken',
|
||||
:aws_credentials_expire_at => expires_at}) { Fog::Compute::AWS.fetch_credentials(:use_iam_profile => true) }
|
||||
tests("#fetch_credentials") do
|
||||
returns({:aws_access_key_id => 'dummykey',
|
||||
:aws_secret_access_key => 'dummysecret',
|
||||
:aws_session_token => 'dummytoken',
|
||||
:aws_credentials_expire_at => expires_at}) { Fog::Compute::AWS.fetch_credentials(:use_iam_profile => true) }
|
||||
end
|
||||
|
||||
compute = Fog::Compute::AWS.new(:use_iam_profile => true)
|
||||
|
||||
tests("#refresh_credentials_if_expired") do
|
||||
returns(nil){compute.refresh_credentials_if_expired}
|
||||
end
|
||||
|
||||
credentials['AccessKeyId'] = 'newkey'
|
||||
credentials['SecretAccessKey'] = 'newsecret'
|
||||
credentials['Expiration'] = (expires_at + 10).xmlschema
|
||||
|
||||
Excon.stub({:method => :get, :path => "/latest/meta-data/iam/security-credentials/arole"}, {:status => 200, :body => Fog::JSON.encode(credentials)})
|
||||
|
||||
Fog::Time.now = expires_at + 1
|
||||
tests("#refresh_credentials_if_expired") do
|
||||
returns(true){compute.refresh_credentials_if_expired}
|
||||
returns("newkey"){ compute.instance_variable_get(:@aws_access_key_id)}
|
||||
end
|
||||
Fog::Time.now = Time.now
|
||||
|
||||
|
||||
tests("#fetch_credentials when the url 404s") do
|
||||
Excon.stub({:method => :get, :path => "/latest/meta-data/iam/security-credentials/"}, {:status => 404, :body => 'not bound'})
|
||||
returns(default_credentials) {Fog::Compute::AWS.fetch_credentials(:use_iam_profile => true)}
|
||||
end
|
||||
|
||||
ensure
|
||||
Excon.stubs.clear
|
||||
Excon.defaults[:mock] = old_mock_value
|
||||
end
|
||||
|
||||
compute = Fog::Compute::AWS.new(:use_iam_profile => true)
|
||||
|
||||
tests("#refresh_credentials_if_expired") do
|
||||
returns(nil){compute.refresh_credentials_if_expired}
|
||||
end
|
||||
|
||||
credentials['AccessKeyId'] = 'newkey'
|
||||
credentials['SecretAccessKey'] = 'newsecret'
|
||||
credentials['Expiration'] = (expires_at + 10).xmlschema
|
||||
|
||||
FakeWeb.register_uri(:get, "http://169.254.169.254/latest/meta-data/iam/security-credentials/arole", :body => Fog::JSON.encode(credentials))
|
||||
|
||||
Fog::Time.now = expires_at + 1
|
||||
tests("#refresh_credentials_if_expired") do
|
||||
returns(true){compute.refresh_credentials_if_expired}
|
||||
returns("newkey"){ compute.instance_variable_get(:@aws_access_key_id)}
|
||||
end
|
||||
|
||||
|
||||
tests("#fetch_credentials when the url 404s") do
|
||||
FakeWeb.register_uri(:get, "http://169.254.169.254/latest/meta-data/iam/security-credentials/", :body => '', :status => [404, 'Not found'])
|
||||
returns(default_credentials) {Fog::Compute::AWS.fetch_credentials(:use_iam_profile => true)}
|
||||
end
|
||||
|
||||
|
||||
FakeWeb.clean_registry
|
||||
Fog::Time.now = Time.now
|
||||
end
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue