Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
0ca8db25
Commit
0ca8db25
authored
Apr 19, 2016
by
Kamil Trzcinski
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Try to fix auth service
parent
03b3fe13
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
17 additions
and
17 deletions
+17
-17
lib/api/auth.rb
lib/api/auth.rb
+17
-17
No files found.
lib/api/auth.rb
View file @
0ca8db25
...
...
@@ -3,12 +3,12 @@ module API
class
Auth
<
Grape
::
API
namespace
'auth'
do
get
'token'
do
required_attributes!
[
:s
cope
,
:s
ervice
]
keys
=
attributes_for_keys
[
:scope
,
:service
]
required_attributes!
[
:service
]
keys
=
attributes_for_keys
[
:
offline_token
,
:
scope
,
:service
]
case
keys
[
:service
]
when
'docker'
docker_token_auth
(
keys
[
:scope
])
docker_token_auth
(
keys
[
:scope
]
,
keys
[
:offline_token
]
)
else
not_found!
end
...
...
@@ -16,19 +16,23 @@ module API
end
helpers
do
def
docker_token_auth
(
scope
)
@type
,
@path
,
actions
=
scope
.
split
(
':'
,
3
)
bad_request!
(
"invalid type:
#{
type
}
"
)
unless
type
==
'repository'
def
docker_token_auth
(
scope
,
offline_token
)
auth!
@actions
=
actions
.
split
(
','
)
bad_request!
(
'missing actions'
)
if
@actions
.
empty?
if
offline_token
forbidden!
unless
@user
elsif
scope
@type
,
@path
,
actions
=
scope
.
split
(
':'
,
3
)
bad_request!
(
"invalid type:
#{
@type
}
"
)
unless
@type
==
'repository'
@project
=
Project
.
find_with_namespace
(
path
)
not_found!
(
'Project'
)
unless
@project
@actions
=
actions
.
split
(
','
)
bad_request!
(
'missing actions'
)
if
@actions
.
empty?
auth!
@project
=
Project
.
find_with_namespace
(
@path
)
not_found!
(
'Project'
)
unless
@project
authorize_actions!
(
@actions
)
authorize_actions!
(
@actions
)
end
{
token:
encode
(
docker_payload
)
}
end
...
...
@@ -50,7 +54,7 @@ module API
@user
=
authenticate_user
(
login
,
password
)
if
@user
request
.
env
[
'REMOTE_USER'
]
=
@
auth
.
username
request
.
env
[
'REMOTE_USER'
]
=
@
user
.
username
end
end
...
...
@@ -71,10 +75,6 @@ module API
def
authenticate_user
(
login
,
password
)
user
=
Gitlab
::
Auth
.
new
.
find
(
login
,
password
)
unless
user
user
=
oauth_access_token_check
(
login
,
password
)
end
# If the user authenticated successfully, we reset the auth failure count
# from Rack::Attack for that IP. A client may attempt to authenticate
# with a username and blank password first, and only after it receives
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment