kotovalexarian-likes-github/fog--fog
1
0
Fork 0
mirror of https://github.com/fog/fog.git synced 2022-11-09 13:51:43 -05:00
Code Releases Activity

use excon rather than net/http

Browse source
This commit is contained in:
Frederick Cheung 2012-06-22 16:19:52 +01:00
parent a715819976
commit 29a67f9197
3 changed files with 57 additions and 55 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
fog.gemspec
View file

@ -64,7 +64,6 @@ Gem::Specification.new do |s|
s.add_development_dependency('virtualbox', '~>0.9.1') s.add_development_dependency('virtualbox', '~>0.9.1')
s.add_development_dependency('fission') s.add_development_dependency('fission')
s.add_development_dependency('pry') s.add_development_dependency('pry')
s.add_development_dependency('fakeweb')
# s.add_development_dependency('ruby-libvirt','~>0.4.0') # s.add_development_dependency('ruby-libvirt','~>0.4.0')
s.files = `git ls-files`.split("\n") s.files = `git ls-files`.split("\n")

16
lib/fog/aws/credential_fetcher.rb
View file

@ -1,20 +1,18 @@
require 'net/http'
require 'uri'
require 'fog/core/json' require 'fog/core/json'
module Fog module Fog
module AWS module AWS
module CredentialFetcher module CredentialFetcher
INSTANCE_METADATA_URI = "http://169.254.169.254/latest/meta-data/iam/security-credentials/" INSTANCE_METADATA_HOST = "http://169.254.169.254"
INSTANCE_METADATA_PATH = "/latest/meta-data/iam/security-credentials/"
module ServiceMethods module ServiceMethods
def fetch_credentials(options) def fetch_credentials(options)
if options[:use_iam_profile] if options[:use_iam_profile]
begin begin
role_name = Net::HTTP.get_response(URI.parse(INSTANCE_METADATA_URI)) connection = options[:connection] || Excon.new(INSTANCE_METADATA_HOST)
role_name.error! unless role_name.is_a?(Net::HTTPSuccess) role_name = connection.get(:path => INSTANCE_METADATA_PATH, :expects => 200).body
role_data = Net::HTTP.get_response(URI.parse(INSTANCE_METADATA_URI+role_name.body)) role_data = connection.get(:path => INSTANCE_METADATA_PATH+role_name, :expects => 200).body
role_data.error! unless role_data.is_a?(Net::HTTPSuccess)
session = Fog::JSON.decode(role_data.body) session = Fog::JSON.decode(role_data)
credentials = {} credentials = {}
credentials[:aws_access_key_id] = session['AccessKeyId'] credentials[:aws_access_key_id] = session['AccessKeyId']
credentials[:aws_secret_access_key] = session['SecretAccessKey'] credentials[:aws_secret_access_key] = session['SecretAccessKey']
@ -22,7 +20,7 @@ module Fog
credentials[:aws_credentials_expire_at] = Time.xmlschema session['Expiration'] credentials[:aws_credentials_expire_at] = Time.xmlschema session['Expiration']
#these indicate the metadata service is unavailable or has no profile setup #these indicate the metadata service is unavailable or has no profile setup
credentials credentials
rescue Errno::EHOSTUNREACH, Errno::ECONNREFUSED, SocketError, Timeout::Error, Net::HTTPError, Net::HTTPServerException => e rescue Excon::Errors::Error => e
Fog::Logger.warning("Unable to fetch credentuals: #{e.message}") Fog::Logger.warning("Unable to fetch credentuals: #{e.message}")
super super
end end

95
tests/aws/credentials_tests.rb
View file

@ -1,52 +1,57 @@
require 'fakeweb'
Shindo.tests('AWS | credentials', ['aws']) do Shindo.tests('AWS | credentials', ['aws']) do
default_credentials = Fog::Compute::AWS.fetch_credentials({}) old_mock_value = Excon.defaults[:mock]
FakeWeb.clean_registry Excon.stubs.clear
FakeWeb.register_uri(:get, "http://169.254.169.254/latest/meta-data/iam/security-credentials/", :body => 'arole')
expires_at = Time.at(Time.now.to_i + 500) begin
credentials = { Excon.defaults[:mock] = true
'AccessKeyId' => 'dummykey', default_credentials = Fog::Compute::AWS.fetch_credentials({})
'SecretAccessKey' => 'dummysecret', Excon.stub({:method => :get, :path => "/latest/meta-data/iam/security-credentials/"}, {:status => 200, :body => 'arole'})
'Token' => 'dummytoken',
'Expiration' => expires_at.xmlschema
}
FakeWeb.register_uri(:get, "http://169.254.169.254/latest/meta-data/iam/security-credentials/arole", :body => Fog::JSON.encode(credentials)) expires_at = Time.at(Time.now.to_i + 500)
credentials = {
'AccessKeyId' => 'dummykey',
'SecretAccessKey' => 'dummysecret',
'Token' => 'dummytoken',
'Expiration' => expires_at.xmlschema
}
Excon.stub({:method => :get, :path => "/latest/meta-data/iam/security-credentials/arole"}, {:status => 200, :body => Fog::JSON.encode(credentials)})
tests("#fetch_credentials") do tests("#fetch_credentials") do
returns({:aws_access_key_id => 'dummykey', returns({:aws_access_key_id => 'dummykey',
:aws_secret_access_key => 'dummysecret', :aws_secret_access_key => 'dummysecret',
:aws_session_token => 'dummytoken', :aws_session_token => 'dummytoken',
:aws_credentials_expire_at => expires_at}) { Fog::Compute::AWS.fetch_credentials(:use_iam_profile => true) } :aws_credentials_expire_at => expires_at}) { Fog::Compute::AWS.fetch_credentials(:use_iam_profile => true) }
end
compute = Fog::Compute::AWS.new(:use_iam_profile => true)
tests("#refresh_credentials_if_expired") do
returns(nil){compute.refresh_credentials_if_expired}
end
credentials['AccessKeyId'] = 'newkey'
credentials['SecretAccessKey'] = 'newsecret'
credentials['Expiration'] = (expires_at + 10).xmlschema
Excon.stub({:method => :get, :path => "/latest/meta-data/iam/security-credentials/arole"}, {:status => 200, :body => Fog::JSON.encode(credentials)})
Fog::Time.now = expires_at + 1
tests("#refresh_credentials_if_expired") do
returns(true){compute.refresh_credentials_if_expired}
returns("newkey"){ compute.instance_variable_get(:@aws_access_key_id)}
end
Fog::Time.now = Time.now
tests("#fetch_credentials when the url 404s") do
Excon.stub({:method => :get, :path => "/latest/meta-data/iam/security-credentials/"}, {:status => 404, :body => 'not bound'})
returns(default_credentials) {Fog::Compute::AWS.fetch_credentials(:use_iam_profile => true)}
end
ensure
Excon.stubs.clear
Excon.defaults[:mock] = old_mock_value
end end
compute = Fog::Compute::AWS.new(:use_iam_profile => true)
tests("#refresh_credentials_if_expired") do
returns(nil){compute.refresh_credentials_if_expired}
end
credentials['AccessKeyId'] = 'newkey'
credentials['SecretAccessKey'] = 'newsecret'
credentials['Expiration'] = (expires_at + 10).xmlschema
FakeWeb.register_uri(:get, "http://169.254.169.254/latest/meta-data/iam/security-credentials/arole", :body => Fog::JSON.encode(credentials))
Fog::Time.now = expires_at + 1
tests("#refresh_credentials_if_expired") do
returns(true){compute.refresh_credentials_if_expired}
returns("newkey"){ compute.instance_variable_get(:@aws_access_key_id)}
end
tests("#fetch_credentials when the url 404s") do
FakeWeb.register_uri(:get, "http://169.254.169.254/latest/meta-data/iam/security-credentials/", :body => '', :status => [404, 'Not found'])
returns(default_credentials) {Fog::Compute::AWS.fetch_credentials(:use_iam_profile => true)}
end
FakeWeb.clean_registry
Fog::Time.now = Time.now
end end