Remove duplicated auth method in package code

removes #find_personal_access_token_from_http_basic_auth which already exists in auth_finders.rb

Remove duplicated auth method in package code
removes #find_personal_access_token_from_http_basic_auth which already exists in auth_finders.rb
424a2e9f · Giorgenes Gelatti · bbd574e3 · 424a2e9f · 424a2e9f · 424a2e9f
Commit 424a2e9f authored Aug 17, 2020 by Giorgenes Gelatti
6 changed files
--- a/lib/api/composer_packages.rb
+++ b/lib/api/composer_packages.rb
@@ -59,7 +59,7 @@ module API
      desc 'Composer packages endpoint at group level'
-      route_setting :authentication, job_token_allowed: true
+      route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
      get ':id/-/packages/composer/packages' do
        presenter.root
@@ -71,7 +71,7 @@ module API
        requires :sha, type: String, desc: 'Shasum of current json'
      end
-      route_setting :authentication, job_token_allowed: true
+      route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
      get ':id/-/packages/composer/p/:sha' do
        presenter.provider
@@ -83,7 +83,7 @@ module API
        requires :package_name, type: String, file_path: true, desc: 'The Composer package name'
      end
-      route_setting :authentication, job_token_allowed: true
+      route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
      get ':id/-/packages/composer/*package_name', requirements: COMPOSER_ENDPOINT_REQUIREMENTS, file_path: true do
        not_found! if packages.empty?
@@ -104,7 +104,7 @@ module API
      desc 'Composer packages endpoint for registering packages'
      namespace ':id/packages/composer' do
-        route_setting :authentication, job_token_allowed: true
+        route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
        params do
          optional :branch, type: String, desc: 'The name of the branch'

--- a/lib/api/conan_packages.rb
+++ b/lib/api/conan_packages.rb
@@ -38,7 +38,9 @@ module API
      desc 'Ping the Conan API' do
        detail 'This feature was introduced in GitLab 12.2'
      end
-      route_setting :authentication, job_token_allowed: true
+      route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
      get 'ping' do
        header 'X-Conan-Server-Capabilities', [].join(',')
      end
@@ -46,10 +48,13 @@ module API
      desc 'Search for packages' do
        detail 'This feature was introduced in GitLab 12.4'
      end
      params do
        requires :q, type: String, desc: 'Search query'
      end
-      route_setting :authentication, job_token_allowed: true
+      route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
      get 'conans/search' do
        service = ::Packages::Conan::SearchService.new(current_user, query: params[:q]).execute
        service.payload
@@ -61,7 +66,9 @@ module API
        desc 'Authenticate user against conan CLI' do
          detail 'This feature was introduced in GitLab 12.2'
        end
-        route_setting :authentication, job_token_allowed: true
+        route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
        get 'authenticate' do
          unauthorized! unless token
@@ -71,7 +78,9 @@ module API
        desc 'Check for valid user credentials per conan CLI' do
          detail 'This feature was introduced in GitLab 12.4'
        end
-        route_setting :authentication, job_token_allowed: true
+        route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
        get 'check_credentials' do
          authenticate!
          :ok
@@ -93,10 +102,13 @@ module API
        desc 'Package Snapshot' do
          detail 'This feature was introduced in GitLab 12.5'
        end
        params do
          requires :conan_package_reference, type: String, desc: 'Conan package ID'
        end
-        route_setting :authentication, job_token_allowed: true
+        route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
        get 'packages/:conan_package_reference' do
          authorize!(:read_package, project)
@@ -113,7 +125,9 @@ module API
        desc 'Recipe Snapshot' do
          detail 'This feature was introduced in GitLab 12.5'
        end
-        route_setting :authentication, job_token_allowed: true
+        route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
        get do
          authorize!(:read_package, project)
@@ -133,7 +147,9 @@ module API
        params do
          requires :conan_package_reference, type: String, desc: 'Conan package ID'
        end
-        route_setting :authentication, job_token_allowed: true
+        route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
        get 'packages/:conan_package_reference/digest' do
          present_package_download_urls
        end
@@ -141,7 +157,9 @@ module API
        desc 'Recipe Digest' do
          detail 'This feature was introduced in GitLab 12.5'
        end
-        route_setting :authentication, job_token_allowed: true
+        route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
        get 'digest' do
          present_recipe_download_urls
        end
@@ -155,10 +173,13 @@ module API
        desc 'Package Download Urls' do
          detail 'This feature was introduced in GitLab 12.5'
        end
        params do
          requires :conan_package_reference, type: String, desc: 'Conan package ID'
        end
-        route_setting :authentication, job_token_allowed: true
+        route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
        get 'packages/:conan_package_reference/download_urls' do
          present_package_download_urls
        end
@@ -166,7 +187,9 @@ module API
        desc 'Recipe Download Urls' do
          detail 'This feature was introduced in GitLab 12.5'
        end
-        route_setting :authentication, job_token_allowed: true
+        route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
        get 'download_urls' do
          present_recipe_download_urls
        end
@@ -181,10 +204,13 @@ module API
        desc 'Package Upload Urls' do
          detail 'This feature was introduced in GitLab 12.4'
        end
        params do
          requires :conan_package_reference, type: String, desc: 'Conan package ID'
        end
-        route_setting :authentication, job_token_allowed: true
+        route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
        post 'packages/:conan_package_reference/upload_urls' do
          authorize!(:read_package, project)
@@ -197,7 +223,9 @@ module API
        desc 'Recipe Upload Urls' do
          detail 'This feature was introduced in GitLab 12.4'
        end
-        route_setting :authentication, job_token_allowed: true
+        route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
        post 'upload_urls' do
          authorize!(:read_package, project)
@@ -210,7 +238,9 @@ module API
        desc 'Delete Package' do
          detail 'This feature was introduced in GitLab 12.5'
        end
-        route_setting :authentication, job_token_allowed: true
+        route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
        delete do
          authorize!(:destroy_package, project)
@@ -239,7 +269,9 @@ module API
          desc 'Download recipe files' do
            detail 'This feature was introduced in GitLab 12.6'
          end
-          route_setting :authentication, job_token_allowed: true
+          route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
          get do
            download_package_file(:recipe_file)
          end
@@ -247,10 +279,13 @@ module API
          desc 'Upload recipe package files' do
            detail 'This feature was introduced in GitLab 12.6'
          end
          params do
            use :workhorse_upload_params
          end
-          route_setting :authentication, job_token_allowed: true
+          route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
          put do
            upload_package_file(:recipe_file)
          end
@@ -258,7 +293,9 @@ module API
          desc 'Workhorse authorize the conan recipe file' do
            detail 'This feature was introduced in GitLab 12.6'
          end
-          route_setting :authentication, job_token_allowed: true
+          route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
          put 'authorize' do
            authorize_workhorse!(subject: project)
          end
@@ -273,7 +310,9 @@ module API
          desc 'Download package files' do
            detail 'This feature was introduced in GitLab 12.5'
          end
-          route_setting :authentication, job_token_allowed: true
+          route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
          get do
            download_package_file(:package_file)
          end
@@ -281,7 +320,9 @@ module API
          desc 'Workhorse authorize the conan package file' do
            detail 'This feature was introduced in GitLab 12.6'
          end
-          route_setting :authentication, job_token_allowed: true
+          route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
          put 'authorize' do
            authorize_workhorse!(subject: project)
          end
@@ -289,10 +330,13 @@ module API
          desc 'Upload package files' do
            detail 'This feature was introduced in GitLab 12.6'
          end
          params do
            use :workhorse_upload_params
          end
-          route_setting :authentication, job_token_allowed: true
+          route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
          put do
            upload_package_file(:package_file)
          end

--- a/lib/api/helpers/packages_manager_clients_helpers.rb
+++ b/lib/api/helpers/packages_manager_clients_helpers.rb
@@ -16,16 +16,6 @@ module API
        optional 'file.sha256', type: String, desc: 'SHA256 checksum of the file (generated by Workhorse)'
      end
-      def find_personal_access_token_from_http_basic_auth
-        return unless headers
-        token = decode_token
-        return unless token
-        PersonalAccessToken.find_by_token(token)
-      end
      def find_job_from_http_basic_auth
        return unless headers

--- a/lib/api/nuget_packages.rb
+++ b/lib/api/nuget_packages.rb
@@ -55,7 +55,7 @@ module API
      requires :id, type: String, desc: 'The ID of a project', regexp: POSITIVE_INTEGER_REGEX
    end
-    route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth
+    route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth, basic_auth_personal_access_token: true
    resource :projects, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do
      before do
@@ -68,7 +68,7 @@ module API
          detail 'This feature was introduced in GitLab 12.6'
        end
-        route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth
+        route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth, basic_auth_personal_access_token: true
        get 'index', format: :json do
          authorize_read_package!(authorized_user_project)
@@ -88,7 +88,7 @@ module API
          requires :package, type: ::API::Validations::Types::WorkhorseFile, desc: 'The package file to be published (generated by Multipart middleware)'
        end
-        route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth
+        route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth, basic_auth_personal_access_token: true
        put do
          authorize_upload!(authorized_user_project)
@@ -115,7 +115,7 @@ module API
          forbidden!
        end
-        route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth
+        route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth, basic_auth_personal_access_token: true
        put 'authorize' do
          authorize_workhorse!(subject: authorized_user_project, has_length: false)
@@ -134,7 +134,7 @@ module API
            detail 'This feature was introduced in GitLab 12.8'
          end
-          route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth
+          route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth, basic_auth_personal_access_token: true
          get 'index', format: :json do
            present ::Packages::Nuget::PackagesMetadataPresenter.new(find_packages),
@@ -148,7 +148,7 @@ module API
            requires :package_version, type: String, desc: 'The NuGet package version', regexp: API::NO_SLASH_URL_PART_REGEX
          end
-          route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth
+          route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth, basic_auth_personal_access_token: true
          get '*package_version', format: :json do
            present ::Packages::Nuget::PackageMetadataPresenter.new(find_package),
@@ -169,7 +169,7 @@ module API
            detail 'This feature was introduced in GitLab 12.8'
          end
-          route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth
+          route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth, basic_auth_personal_access_token: true
          get 'index', format: :json do
            present ::Packages::Nuget::PackagesVersionsPresenter.new(find_packages),
@@ -184,7 +184,7 @@ module API
            requires :package_filename, type: String, desc: 'The NuGet package filename', regexp: API::NO_SLASH_URL_PART_REGEX
          end
-          route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth
+          route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth, basic_auth_personal_access_token: true
          get '*package_version/*package_filename', format: :nupkg do
            filename = "#{params[:package_filename]}.#{params[:format]}"
@@ -216,7 +216,7 @@ module API
            detail 'This feature was introduced in GitLab 12.8'
          end
-          route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth
+          route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth, basic_auth_personal_access_token: true
          get format: :json do
            search_options = {

--- a/lib/api/pypi_packages.rb
+++ b/lib/api/pypi_packages.rb
@@ -64,7 +64,7 @@ module API
          requires :sha256, type: String, desc: 'The PyPi package sha256 check sum'
        end
-        route_setting :authentication, deploy_token_allowed: true
+        route_setting :authentication, deploy_token_allowed: true, basic_auth_personal_access_token: true
        get 'files/:sha256/*file_identifier' do
          project = unauthorized_user_project!
@@ -87,7 +87,7 @@ module API
        # An Api entry point but returns an HTML file instead of JSON.
        # PyPi simple API returns the package descriptor as a simple HTML file.
-        route_setting :authentication, deploy_token_allowed: true
+        route_setting :authentication, deploy_token_allowed: true, basic_auth_personal_access_token: true
        get 'simple/*package_name', format: :txt do
          authorize_read_package!(authorized_user_project)
@@ -117,7 +117,7 @@ module API
          optional :sha256_digest, type: String
        end
-        route_setting :authentication, deploy_token_allowed: true
+        route_setting :authentication, deploy_token_allowed: true, basic_auth_personal_access_token: true
        post do
          authorize_upload!(authorized_user_project)
@@ -134,7 +134,7 @@ module API
          forbidden!
        end
-        route_setting :authentication, deploy_token_allowed: true
+        route_setting :authentication, deploy_token_allowed: true, basic_auth_personal_access_token: true
        post 'authorize' do
          authorize_workhorse!(subject: authorized_user_project, has_length: false)
        end

--- a/spec/lib/api/helpers/packages_manager_clients_helpers_spec.rb
+++ b/spec/lib/api/helpers/packages_manager_clients_helpers_spec.rb
@@ -8,40 +8,6 @@ RSpec.describe API::Helpers::PackagesManagerClientsHelpers do
  let_it_be(:helper) { Class.new.include(described_class).new }
  let(:password) { personal_access_token.token }
-  describe '#find_personal_access_token_from_http_basic_auth' do
-    let(:headers) { { Authorization: basic_http_auth(username, password) } }
-    subject { helper.find_personal_access_token_from_http_basic_auth }
-    before do
-      allow(helper).to receive(:headers).and_return(headers&.with_indifferent_access)
-    end
-    context 'with a valid Authorization header' do
-      it { is_expected.to eq personal_access_token }
-    end
-    context 'with an invalid Authorization header' do
-      where(:headers) do
-        [
-          [{ Authorization: 'Invalid' }],
-          [{}],
-          [nil]
-        ]
-      end
-      with_them do
-        it { is_expected.to be nil }
-      end
-    end
-    context 'with an unknown Authorization header' do
-      let(:password) { 'Unknown' }
-      it { is_expected.to be nil }
-    end
-  end
  describe '#find_job_from_http_basic_auth' do
    let_it_be(:user) { personal_access_token.user }