mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
Expose unredirected_headers on maven_artifact (#4812)
* Expose unredirected_headers to module In some cases, when the initial request returns a redirect and we want to follow it to get the artifact, we might not want to include certain headers in the redirection request. Specially headers like Authorization and Cookies. Or perhaps the redirect server returns a 400 because it included some unexpected headers. Fetch url already supports this feature, but it was being shadowed by maven_artifact. In here we just expose it. * Fix Linting errors * Applied Comments - Specified version added - Changed description of unredirected_headers * Check for ansible version If it's 2.11 or older, we ignore unredirected_headers, otherwise we use it, as fetch_url has them * Applied comments - Removed duplicated code in the call of fetch_url. Used kwargs instead - Added check if unredirected_params is not empty and the fetch_url function does not support it - Changed function that checks for ansible version - Removed unused import * Remove 2.11 breaking change Made default only for ansible-core version 2.12 and above, but for keep it empty for ansible-core version 2.11 and below. Also include the following changes: - change doc to use C() on the function description - changed doc to use ansible-core instead of Ansible * Changes in description for readability * Add changelog fragment * Change description changelog fragment
This commit is contained in:
parent
31ef6c914b
commit
a2677fd051
2 changed files with 32 additions and 1 deletions
|
@ -0,0 +1,2 @@
|
||||||
|
minor_changes:
|
||||||
|
- maven_artifact - add a new ``unredirected_headers`` option that can be used with ansible-core 2.12 and above. The default value is to not use ``Authorization`` and ``Cookie`` headers on redirects for security reasons. With ansible-core 2.11, all headers are still passed on for redirects (https://github.com/ansible-collections/community.general/pull/4812).
|
|
@ -150,6 +150,15 @@ options:
|
||||||
default: 'md5'
|
default: 'md5'
|
||||||
choices: ['md5', 'sha1']
|
choices: ['md5', 'sha1']
|
||||||
version_added: 3.2.0
|
version_added: 3.2.0
|
||||||
|
unredirected_headers:
|
||||||
|
type: list
|
||||||
|
elements: str
|
||||||
|
version_added: 5.2.0
|
||||||
|
description:
|
||||||
|
- A list of headers that should not be included in the redirection. This headers are sent to the fetch_url C(fetch_url) function.
|
||||||
|
- On ansible-core version 2.12 or later, the default of this option is C([Authorization, Cookie]).
|
||||||
|
- Useful if the redirection URL does not need to have sensitive headers in the request.
|
||||||
|
- Requires ansible-core version 2.12 or later.
|
||||||
directory_mode:
|
directory_mode:
|
||||||
type: str
|
type: str
|
||||||
description:
|
description:
|
||||||
|
@ -230,6 +239,7 @@ import tempfile
|
||||||
import traceback
|
import traceback
|
||||||
import re
|
import re
|
||||||
|
|
||||||
|
from ansible_collections.community.general.plugins.module_utils.version import LooseVersion
|
||||||
from ansible.module_utils.ansible_release import __version__ as ansible_version
|
from ansible.module_utils.ansible_release import __version__ as ansible_version
|
||||||
from re import match
|
from re import match
|
||||||
|
|
||||||
|
@ -509,7 +519,18 @@ class MavenDownloader:
|
||||||
self.module.params['url_password'] = self.module.params.get('password', '')
|
self.module.params['url_password'] = self.module.params.get('password', '')
|
||||||
self.module.params['http_agent'] = self.user_agent
|
self.module.params['http_agent'] = self.user_agent
|
||||||
|
|
||||||
response, info = fetch_url(self.module, url_to_use, timeout=req_timeout, headers=self.headers)
|
kwargs = {}
|
||||||
|
if self.module.params['unredirected_headers']:
|
||||||
|
kwargs['unredirected_headers'] = self.module.params['unredirected_headers']
|
||||||
|
|
||||||
|
response, info = fetch_url(
|
||||||
|
self.module,
|
||||||
|
url_to_use,
|
||||||
|
timeout=req_timeout,
|
||||||
|
headers=self.headers,
|
||||||
|
**kwargs
|
||||||
|
)
|
||||||
|
|
||||||
if info['status'] == 200:
|
if info['status'] == 200:
|
||||||
return response
|
return response
|
||||||
if force:
|
if force:
|
||||||
|
@ -614,12 +635,20 @@ def main():
|
||||||
keep_name=dict(required=False, default=False, type='bool'),
|
keep_name=dict(required=False, default=False, type='bool'),
|
||||||
verify_checksum=dict(required=False, default='download', choices=['never', 'download', 'change', 'always']),
|
verify_checksum=dict(required=False, default='download', choices=['never', 'download', 'change', 'always']),
|
||||||
checksum_alg=dict(required=False, default='md5', choices=['md5', 'sha1']),
|
checksum_alg=dict(required=False, default='md5', choices=['md5', 'sha1']),
|
||||||
|
unredirected_headers=dict(type='list', elements='str', required=False),
|
||||||
directory_mode=dict(type='str'),
|
directory_mode=dict(type='str'),
|
||||||
),
|
),
|
||||||
add_file_common_args=True,
|
add_file_common_args=True,
|
||||||
mutually_exclusive=([('version', 'version_by_spec')])
|
mutually_exclusive=([('version', 'version_by_spec')])
|
||||||
)
|
)
|
||||||
|
|
||||||
|
if LooseVersion(ansible_version) < LooseVersion("2.12") and module.params['unredirected_headers']:
|
||||||
|
module.fail_json(msg="Unredirected Headers parameter provided, but your ansible-core version does not support it. Minimum version is 2.12")
|
||||||
|
|
||||||
|
if LooseVersion(ansible_version) >= LooseVersion("2.12") and module.params['unredirected_headers'] is None:
|
||||||
|
# if the user did not supply unredirected params, we use the default, ONLY on ansible core 2.12 and above
|
||||||
|
module.params['unredirected_headers'] = ['Authorization', 'Cookie']
|
||||||
|
|
||||||
if not HAS_LXML_ETREE:
|
if not HAS_LXML_ETREE:
|
||||||
module.fail_json(msg=missing_required_lib('lxml'), exception=LXML_ETREE_IMP_ERR)
|
module.fail_json(msg=missing_required_lib('lxml'), exception=LXML_ETREE_IMP_ERR)
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue