Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
2a360d94
Commit
2a360d94
authored
Apr 04, 2022
by
Paul Gascou-Vaillancourt
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Accept allow listed sessions
Allows ArkoseLabs sessions that have the allowlisted telltale to sign-in.
parent
0ca1e792
Changes
2
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
18 additions
and
1 deletion
+18
-1
ee/app/services/arkose/user_verification_service.rb
ee/app/services/arkose/user_verification_service.rb
+7
-1
ee/spec/services/arkose/user_verification_service_spec.rb
ee/spec/services/arkose/user_verification_service_spec.rb
+11
-0
No files found.
ee/app/services/arkose/user_verification_service.rb
View file @
2a360d94
...
...
@@ -4,6 +4,7 @@ module Arkose
attr_reader
:url
,
:session_token
,
:userid
VERIFY_URL
=
'http://verify-api.arkoselabs.com/api/v4/verify'
ALLOWLIST_TELLTALE
=
'gitlab1-whitelist-qa-team'
def
initialize
(
session_token
:,
userid
:)
@session_token
=
session_token
...
...
@@ -16,7 +17,7 @@ module Arkose
return
false
if
invalid_token
(
response
)
challenge_solved?
(
response
)
&&
low_risk?
(
response
)
challenge_solved?
(
response
)
&&
(
low_risk?
(
response
)
||
allowlisted?
(
response
)
)
rescue
StandardError
=>
error
payload
=
{
session_token:
session_token
,
log_data:
userid
}
Gitlab
::
ExceptionLogFormatter
.
format!
(
error
,
payload
)
...
...
@@ -57,5 +58,10 @@ module Arkose
risk_band
=
response
.
parsed_response
&
.
dig
(
'session_risk'
,
'risk_band'
)
risk_band
.
present?
?
risk_band
!=
'High'
:
true
end
def
allowlisted?
(
response
)
telltale_list
=
response
.
parsed_response
&
.
dig
(
'session_details'
,
'telltale_list'
)
||
[]
telltale_list
.
include?
(
ALLOWLIST_TELLTALE
)
end
end
end
ee/spec/services/arkose/user_verification_service_spec.rb
View file @
2a360d94
...
...
@@ -36,6 +36,17 @@ RSpec.describe Arkose::UserVerificationService do
allow
(
Gitlab
::
HTTP
).
to
receive
(
:perform_request
).
and_return
(
response
)
expect
(
subject
).
to
be_falsey
end
context
'when the session is allowlisted'
do
before
do
arkose_ec_response
[
'session_details'
][
'telltale_list'
].
push
(
Arkose
::
UserVerificationService
::
ALLOWLIST_TELLTALE
)
end
it
'returns true'
do
allow
(
Gitlab
::
HTTP
).
to
receive
(
:perform_request
).
and_return
(
response
)
expect
(
subject
).
to
be_truthy
end
end
end
end
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment