1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

Try to enable more exotic auth methods in httpapi (#43212)

* Try to enable more exotic auth methods in httpapi

* Auth tokens won't always come back.

* Reconcile #43147 with this PR
This commit is contained in:
Nathaniel Case 2018-07-24 13:22:40 -04:00 committed by GitHub
parent ac1f05478e
commit a7097f6735
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 39 additions and 5 deletions

View file

@ -144,7 +144,7 @@ from ansible.errors import AnsibleConnectionFailure
from ansible.module_utils._text import to_bytes
from ansible.module_utils.six import PY3
from ansible.module_utils.six.moves import cPickle
from ansible.module_utils.six.moves.urllib.error import URLError
from ansible.module_utils.six.moves.urllib.error import HTTPError
from ansible.module_utils.urls import open_url
from ansible.playbook.play_context import PlayContext
from ansible.plugins.loader import cliconf_loader, httpapi_loader
@ -222,30 +222,43 @@ class Connection(NetworkConnectionBase):
self._connected = True
def close(self):
'''
Close the active session to the device
'''
# only close the connection if its connected.
if self._connected:
display.vvvv("closing http(s) connection to device", host=self._play_context.remote_addr)
self.logout()
super(Connection, self).close()
def send(self, path, data, **kwargs):
'''
Sends the command to the device over api
'''
url_kwargs = dict(
timeout=self.get_option('timeout'), validate_certs=self.get_option('validate_certs'),
headers={},
)
url_kwargs.update(kwargs)
if self._auth:
url_kwargs['headers']['Cookie'] = self._auth
url_kwargs['headers'].update(self._auth)
else:
url_kwargs['url_username'] = self.get_option('remote_user')
url_kwargs['url_password'] = self.get_option('password')
try:
response = open_url(self._url + path, data=data, **url_kwargs)
except URLError as exc:
if exc.reason == 'Unauthorized' and self._auth:
except HTTPError as exc:
if exc.code == 401 and self._auth:
# Stored auth appears to be invalid, clear and retry
self._auth = None
self.login(self.get_option('remote_user'), self.get_option('password'))
return self.send(path, data, **kwargs)
raise AnsibleConnectionFailure('Could not connect to {0}: {1}'.format(self._url, exc.reason))
self._auth = response.info().get('Set-Cookie')
# Try to assign a new auth token if one is given
self._auth = self.update_auth(response) or self._auth
return response

View file

@ -28,6 +28,27 @@ class HttpApiBase(AnsiblePlugin):
"""
pass
def logout(self):
""" Call to implement session logout.
Method to clear session gracefully e.g. tokens granted in login
need to be revoked.
"""
pass
def update_auth(self, response):
"""Return per-request auth token.
The response should be a dictionary that can be plugged into the
headers of a request. The default implementation uses cookie data.
If no authentication data is found, return None
"""
cookie = response.info().get('Set-Cookie')
if cookie:
return {'Cookie': cookie}
return None
@abstractmethod
def send_request(self, data, **message_kwargs):
"""Prepares and sends request(s) to device."""