1 files changed, 264 insertions, 0 deletions

diff --git a/lib/ansible/plugins/lookup/url.py b/lib/ansible/plugins/lookup/url.py
new file mode 100644
index 0000000..6790e1c
--- /dev/null
+++ b/lib/ansible/plugins/lookup/url.py
@@ -0,0 +1,264 @@
+# (c) 2015, Brian Coca <bcoca@ansible.com>
+# (c) 2012-17 Ansible Project
+# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+DOCUMENTATION = """
+name: url
+author: Brian Coca (@bcoca)
+version_added: "1.9"
+short_description: return contents from URL
+description:
+    - Returns the content of the URL requested to be used as data in play.
+options:
+  _terms:
+    description: urls to query
+  validate_certs:
+    description: Flag to control SSL certificate validation
+    type: boolean
+    default: True
+  split_lines:
+    description: Flag to control if content is returned as a list of lines or as a single text blob
+    type: boolean
+    default: True
+  use_proxy:
+    description: Flag to control if the lookup will observe HTTP proxy environment variables when present.
+    type: boolean
+    default: True
+  username:
+    description: Username to use for HTTP authentication.
+    type: string
+    version_added: "2.8"
+  password:
+    description: Password to use for HTTP authentication.
+    type: string
+    version_added: "2.8"
+  headers:
+    description: HTTP request headers
+    type: dictionary
+    default: {}
+    version_added: "2.9"
+  force:
+    description: Whether or not to set "cache-control" header with value "no-cache"
+    type: boolean
+    version_added: "2.10"
+    default: False
+    vars:
+        - name: ansible_lookup_url_force
+    env:
+        - name: ANSIBLE_LOOKUP_URL_FORCE
+    ini:
+        - section: url_lookup
+          key: force
+  timeout:
+    description: How long to wait for the server to send data before giving up
+    type: float
+    version_added: "2.10"
+    default: 10
+    vars:
+        - name: ansible_lookup_url_timeout
+    env:
+        - name: ANSIBLE_LOOKUP_URL_TIMEOUT
+    ini:
+        - section: url_lookup
+          key: timeout
+  http_agent:
+    description: User-Agent to use in the request. The default was changed in 2.11 to C(ansible-httpget).
+    type: string
+    version_added: "2.10"
+    default: ansible-httpget
+    vars:
+        - name: ansible_lookup_url_agent
+    env:
+        - name: ANSIBLE_LOOKUP_URL_AGENT
+    ini:
+        - section: url_lookup
+          key: agent
+  force_basic_auth:
+    description: Force basic authentication
+    type: boolean
+    version_added: "2.10"
+    default: False
+    vars:
+        - name: ansible_lookup_url_agent
+    env:
+        - name: ANSIBLE_LOOKUP_URL_AGENT
+    ini:
+        - section: url_lookup
+          key: agent
+  follow_redirects:
+    description: String of urllib2, all/yes, safe, none to determine how redirects are followed, see RedirectHandlerFactory for more information
+    type: string
+    version_added: "2.10"
+    default: 'urllib2'
+    vars:
+        - name: ansible_lookup_url_follow_redirects
+    env:
+        - name: ANSIBLE_LOOKUP_URL_FOLLOW_REDIRECTS
+    ini:
+        - section: url_lookup
+          key: follow_redirects
+  use_gssapi:
+    description:
+    - Use GSSAPI handler of requests
+    - As of Ansible 2.11, GSSAPI credentials can be specified with I(username) and I(password).
+    type: boolean
+    version_added: "2.10"
+    default: False
+    vars:
+        - name: ansible_lookup_url_use_gssapi
+    env:
+        - name: ANSIBLE_LOOKUP_URL_USE_GSSAPI
+    ini:
+        - section: url_lookup
+          key: use_gssapi
+  use_netrc:
+    description:
+    - Determining whether to use credentials from ``~/.netrc`` file
+    - By default .netrc is used with Basic authentication headers
+    - When set to False, .netrc credentials are ignored
+    type: boolean
+    version_added: "2.14"
+    default: True
+    vars:
+        - name: ansible_lookup_url_use_netrc
+    env:
+        - name: ANSIBLE_LOOKUP_URL_USE_NETRC
+    ini:
+        - section: url_lookup
+          key: use_netrc
+  unix_socket:
+    description: String of file system path to unix socket file to use when establishing connection to the provided url
+    type: string
+    version_added: "2.10"
+    vars:
+        - name: ansible_lookup_url_unix_socket
+    env:
+        - name: ANSIBLE_LOOKUP_URL_UNIX_SOCKET
+    ini:
+        - section: url_lookup
+          key: unix_socket
+  ca_path:
+    description: String of file system path to CA cert bundle to use
+    type: string
+    version_added: "2.10"
+    vars:
+        - name: ansible_lookup_url_ca_path
+    env:
+        - name: ANSIBLE_LOOKUP_URL_CA_PATH
+    ini:
+        - section: url_lookup
+          key: ca_path
+  unredirected_headers:
+    description: A list of headers to not attach on a redirected request
+    type: list
+    elements: string
+    version_added: "2.10"
+    vars:
+        - name: ansible_lookup_url_unredir_headers
+    env:
+        - name: ANSIBLE_LOOKUP_URL_UNREDIR_HEADERS
+    ini:
+        - section: url_lookup
+          key: unredirected_headers
+  ciphers:
+    description:
+      - SSL/TLS Ciphers to use for the request
+      - 'When a list is provided, all ciphers are joined in order with C(:)'
+      - See the L(OpenSSL Cipher List Format,https://www.openssl.org/docs/manmaster/man1/openssl-ciphers.html#CIPHER-LIST-FORMAT)
+        for more details.
+      - The available ciphers is dependent on the Python and OpenSSL/LibreSSL versions
+    type: list
+    elements: string
+    version_added: '2.14'
+    vars:
+        - name: ansible_lookup_url_ciphers
+    env:
+        - name: ANSIBLE_LOOKUP_URL_CIPHERS
+    ini:
+        - section: url_lookup
+          key: ciphers
+"""
+
+EXAMPLES = """
+- name: url lookup splits lines by default
+  ansible.builtin.debug: msg="{{item}}"
+  loop: "{{ lookup('ansible.builtin.url', 'https://github.com/gremlin.keys', wantlist=True) }}"
+
+- name: display ip ranges
+  ansible.builtin.debug: msg="{{ lookup('ansible.builtin.url', 'https://ip-ranges.amazonaws.com/ip-ranges.json', split_lines=False) }}"
+
+- name: url lookup using authentication
+  ansible.builtin.debug: msg="{{ lookup('ansible.builtin.url', 'https://some.private.site.com/file.txt', username='bob', password='hunter2') }}"
+
+- name: url lookup using basic authentication
+  ansible.builtin.debug:
+    msg: "{{ lookup('ansible.builtin.url', 'https://some.private.site.com/file.txt', username='bob', password='hunter2', force_basic_auth='True') }}"
+
+- name: url lookup using headers
+  ansible.builtin.debug:
+    msg: "{{ lookup('ansible.builtin.url', 'https://some.private.site.com/api/service', headers={'header1':'value1', 'header2':'value2'} ) }}"
+"""
+
+RETURN = """
+  _list:
+    description: list of list of lines or content of url(s)
+    type: list
+    elements: str
+"""
+
+from urllib.error import HTTPError, URLError
+
+from ansible.errors import AnsibleError
+from ansible.module_utils._text import to_text, to_native
+from ansible.module_utils.urls import open_url, ConnectionError, SSLValidationError
+from ansible.plugins.lookup import LookupBase
+from ansible.utils.display import Display
+
+display = Display()
+
+
+class LookupModule(LookupBase):
+
+    def run(self, terms, variables=None, **kwargs):
+
+        self.set_options(var_options=variables, direct=kwargs)
+
+        ret = []
+        for term in terms:
+            display.vvvv("url lookup connecting to %s" % term)
+            try:
+                response = open_url(
+                    term, validate_certs=self.get_option('validate_certs'),
+                    use_proxy=self.get_option('use_proxy'),
+                    url_username=self.get_option('username'),
+                    url_password=self.get_option('password'),
+                    headers=self.get_option('headers'),
+                    force=self.get_option('force'),
+                    timeout=self.get_option('timeout'),
+                    http_agent=self.get_option('http_agent'),
+                    force_basic_auth=self.get_option('force_basic_auth'),
+                    follow_redirects=self.get_option('follow_redirects'),
+                    use_gssapi=self.get_option('use_gssapi'),
+                    unix_socket=self.get_option('unix_socket'),
+                    ca_path=self.get_option('ca_path'),
+                    unredirected_headers=self.get_option('unredirected_headers'),
+                    ciphers=self.get_option('ciphers'),
+                    use_netrc=self.get_option('use_netrc')
+                )
+            except HTTPError as e:
+                raise AnsibleError("Received HTTP error for %s : %s" % (term, to_native(e)))
+            except URLError as e:
+                raise AnsibleError("Failed lookup url for %s : %s" % (term, to_native(e)))
+            except SSLValidationError as e:
+                raise AnsibleError("Error validating the server's certificate for %s: %s" % (term, to_native(e)))
+            except ConnectionError as e:
+                raise AnsibleError("Error connecting to %s: %s" % (term, to_native(e)))
+
+            if self.get_option('split_lines'):
+                for line in response.read().splitlines():
+                    ret.append(to_text(line))
+            else:
+                ret.append(to_text(response.read()))
+        return ret