chef_api_access.rb

require 'chef'
require 'chef/node'
require 'chef/rest'

# A registration for your API access
api_user = "monkey"
# A password for the API access
api_pass = "pants"
# A validation token, if you use them
validation_token = nil
# The chef server URL
chef_server_url = "http://chefserver.example.com"
# The chef sever openid URL
chef_server_openid = "http://chefserver.example.com:4001"
# The name of the node to work on
node_name = "yournode"

rest = Chef::REST.new('http://chefserver.example.com')

## Basically, all this tear up stuff should be replaced with
## two method calls when CHEF-66 gets closed.

# First, we're going to create a false registration for 
# API access
Chef::Log.debug("Registering #{api_user} for an openid") 
registration = nil
begin
  registration = rest.get_rest("registrations/#{api_user}")
rescue Net::HTTPServerException => e
  unless e.message =~ /^404/
    raise e
  end
end
unless registration
  rest.post_rest(
    "registrations", 
    { 
      :id => api_user, 
      :password => api_pass, 
      :validation_token => validation_token 
    }
  )
end

# Then we authenticate
response = rest.post_rest('openid/consumer/start', { 
  "openid_identifier" => "#{chef_server_openid}/openid/server/node/#{api_user}",
  "submit" => "Verify"
})
rest.post_rest(
  "#{chef_server_openid}#{response["action"]}",
  { "password" => api_pass }
)

# Now you can do whatever you want, assuming you are validated
node = rest.get_rest("nodes/#{node_name}")
node[:signal] = "noise"

# Save it
rest.put_rest("nodes/#{node_name}", node)