Refactoring GET request handling. (#45051)

2025-07-25 06:10:22 -07:00 · 2018-09-04 21:28:04 +02:00 · 2018-09-04 21:28:04 +02:00 · 26edeb7cce
commit 26edeb7cce
parent 998badbda5
2 changed files with 47 additions and 51 deletions
--- a/lib/ansible/module_utils/acme.py
+++ b/lib/ansible/module_utils/acme.py
@ -81,29 +81,6 @@ def nopad_b64(data):
    return base64.urlsafe_b64encode(data).decode('utf8').replace("=", "")


-def simple_get(module, url):
-    resp, info = fetch_url(module, url, method='GET')
-
-    result = {}
-    try:
-        content = resp.read()
-    except AttributeError:
-        content = info.get('body')
-
-    if content:
-        if info['content-type'].startswith('application/json'):
-            try:
-                result = module.from_json(content.decode('utf8'))
-            except ValueError:
-                raise ModuleFailException("Failed to parse the ACME response: {0} {1}".format(url, content))
-        else:
-            result = content
-
-    if info['status'] >= 400:
-        raise ModuleFailException("ACME request failed: CODE: {0} RESULT: {1}".format(info['status'], result))
-    return result
-
-
 def read_file(fn, mode='b'):
    try:
        with open(fn, 'r' + mode) as f:
@ -469,12 +446,12 @@ class ACMEDirectory(object):
    https://tools.ietf.org/html/draft-ietf-acme-acme-14#section-7.1.1
    '''

-    def __init__(self, module):
+    def __init__(self, module, account):
        self.module = module
        self.directory_root = module.params['acme_directory']
        self.version = module.params['acme_version']

-        self.directory = simple_get(self.module, self.directory_root)
+        self.directory, dummy = account.get_request(self.directory_root)

        # Check whether self.version matches what we expect
        if self.version == 1:
@ -512,7 +489,6 @@ class ACMEAccount(object):
        # account_key path and content are mutually exclusive
        self.key = module.params['account_key_src']
        self.key_content = module.params['account_key_content']
-        self.directory = ACMEDirectory(module)

        # Grab account URI from module parameters.
        # Make sure empty string is treated as None.
@ -533,6 +509,8 @@ class ACMEAccount(object):
                # Make sure self.jws_header is updated
                self.set_account_uri(self.uri)

+        self.directory = ACMEDirectory(module, self)
+
    def get_keyauthorization(self, token):
        '''
        Returns the key authorization for the given token
@ -566,7 +544,7 @@ class ACMEAccount(object):
        else:
            return _sign_request_openssl(self._openssl_bin, self.module, payload64, protected64, key_data)

-    def send_signed_request(self, url, payload, key_data=None, jws_header=None):
+    def send_signed_request(self, url, payload, key_data=None, jws_header=None, parse_json_result=True):
        '''
        Sends a JWS signed HTTP POST request to the ACME server and returns
        the response as dictionary
@ -596,17 +574,19 @@ class ACMEAccount(object):
            except AttributeError:
                content = info.get('body')

-            if content:
-                if info['content-type'].startswith('application/json') or 400 <= info['status'] < 600:
+            if content or not parse_json_result:
+                if (parse_json_result and info['content-type'].startswith('application/json')) or 400 <= info['status'] < 600:
                    try:
-                        result = self.module.from_json(content.decode('utf8'))
+                        decoded_result = self.module.from_json(content.decode('utf8'))
                        # In case of badNonce error, try again (up to 5 times)
                        # (https://tools.ietf.org/html/draft-ietf-acme-acme-14#section-6.6)
                        if (400 <= info['status'] < 600 and
-                                result.get('type') == 'urn:ietf:params:acme:error:badNonce' and
+                                decoded_result.get('type') == 'urn:ietf:params:acme:error:badNonce' and
                                failed_tries <= 5):
                            failed_tries += 1
                            continue
+                        if parse_json_result:
+                            result = decoded_result
                    except ValueError:
                        raise ModuleFailException("Failed to parse the ACME response: {0} {1}".format(url, content))
                else:
@ -614,6 +594,31 @@ class ACMEAccount(object):

            return result, info

+    def get_request(self, uri, parse_json_result=True, headers=None):
+        resp, info = fetch_url(self.module, uri, method='GET', headers=headers)
+
+        try:
+            content = resp.read()
+        except AttributeError:
+            content = info.get('body')
+
+        if parse_json_result:
+            result = {}
+            if content:
+                if info['content-type'].startswith('application/json'):
+                    try:
+                        result = self.module.from_json(content.decode('utf8'))
+                    except ValueError:
+                        raise ModuleFailException("Failed to parse the ACME response: {0} {1}".format(uri, content))
+                else:
+                    result = content
+        else:
+            result = content
+
+        if info['status'] >= 400:
+            raise ModuleFailException("ACME request failed: CODE: {0} RESULT: {1}".format(info['status'], result))
+        return result, info
+
    def set_account_uri(self, uri):
        '''
        Set account URI. For ACME v2, it needs to be used to sending signed