Commit 627a9a9c authored by Gabriel Mazetto's avatar Gabriel Mazetto

Codestyle changes

parent 862e70ea
...@@ -115,7 +115,7 @@ class SessionsController < Devise::SessionsController ...@@ -115,7 +115,7 @@ class SessionsController < Devise::SessionsController
return if signed_in? || !Gitlab::Geo.secondary? return if signed_in? || !Gitlab::Geo.secondary?
oauth = Gitlab::Geo::OauthSession.new oauth = Gitlab::Geo::OauthSession.new
# share full url with primary node by shared session # share full url with primary node by oauth state
user_return_to = URI.join(root_url, session[:user_return_to].to_s).to_s user_return_to = URI.join(root_url, session[:user_return_to].to_s).to_s
oauth.return_to = @redirect_to || user_return_to oauth.return_to = @redirect_to || user_return_to
......
...@@ -71,7 +71,7 @@ class GeoNode < ActiveRecord::Base ...@@ -71,7 +71,7 @@ class GeoNode < ActiveRecord::Base
def oauth_logout_url(access_token) def oauth_logout_url(access_token)
logout_uri = URI.join(uri, "#{uri.path}/", 'oauth/geo/logout') logout_uri = URI.join(uri, "#{uri.path}/", 'oauth/geo/logout')
logout_uri.query="state=#{access_token}" logout_uri.query = "state=#{access_token}"
logout_uri.to_s logout_uri.to_s
end end
......
...@@ -19,7 +19,7 @@ module Gitlab ...@@ -19,7 +19,7 @@ module Gitlab
return unless return_to return unless return_to
hmac = generate_oauth_hmac(oauth_salt, return_to) hmac = generate_oauth_hmac(oauth_salt, return_to)
"#{oauth_salt}:#{hmac}:#{return_to}" self.state = "#{oauth_salt}:#{hmac}:#{return_to}"
end end
def generate_logout_state def generate_logout_state
...@@ -27,7 +27,7 @@ module Gitlab ...@@ -27,7 +27,7 @@ module Gitlab
cipher = logout_token_cipher(oauth_salt, :encrypt) cipher = logout_token_cipher(oauth_salt, :encrypt)
encrypted = cipher.update(access_token) + cipher.final encrypted = cipher.update(access_token) + cipher.final
"#{oauth_salt}:#{Base64.urlsafe_encode64(encrypted)}" self.state = "#{oauth_salt}:#{Base64.urlsafe_encode64(encrypted)}"
end end
def extract_logout_token def extract_logout_token
...@@ -61,7 +61,7 @@ module Gitlab ...@@ -61,7 +61,7 @@ module Gitlab
def generate_oauth_hmac(salt, return_to) def generate_oauth_hmac(salt, return_to)
return false unless return_to return false unless return_to
digest = OpenSSL::Digest.new('sha256') digest = OpenSSL::Digest.new('sha256')
key = Gitlab::Application.secrets.secret_key_base + salt key = Gitlab::Application.secrets.secret_key_base + salt
OpenSSL::HMAC.hexdigest(digest, key, return_to) OpenSSL::HMAC.hexdigest(digest, key, return_to)
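Review bot: `generate_oauth_state` and `generate_logout_state` now store their result in `self.state`, but the early exit `return unless return_to` leaves any `state` the object already held in place, so a reused `OauthSession` can return nil while still carrying an older state. Consider clearing it on that path (`self.state = nil` before the bare `return`), or documenting on both methods that they mutate `state` as well as return it, for example `# Builds the state string, stores it in #state and returns it; returns nil and leaves #state untouched when the input is missing`. The logout state is `salt:ciphertext` with no visible integrity tag, and `logout_token_cipher` and `extract_logout_token` are outside these hunks. It is worth confirming that the cipher is authenticated, or that tampered input is rejected before the decrypted token is used. Both methods are only partly visible in these hunks.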
......
...@@ -37,8 +37,7 @@ describe Gitlab::Geo::OauthSession do ...@@ -37,8 +37,7 @@ describe Gitlab::Geo::OauthSession do
describe '#generate_oauth_state' do describe '#generate_oauth_state' do
it 'returns nil when return_to is not present' do it 'returns nil when return_to is not present' do
state = subject.generate_oauth_state expect(subject.generate_oauth_state).to be_nil
expect(state).to be_nil
end end
context 'when return_to is present' do context 'when return_to is present' do
...@@ -62,14 +61,12 @@ describe Gitlab::Geo::OauthSession do ...@@ -62,14 +61,12 @@ describe Gitlab::Geo::OauthSession do
end end
describe '#generate_logout_state' do describe '#generate_logout_state' do
subject { described_class.new(access_token: access_token) }
it 'returns nil when access_token is not defined' do it 'returns nil when access_token is not defined' do
expect(described_class.new.generate_logout_state).to be_nil expect(described_class.new.generate_logout_state).to be_nil
end end
it 'returns a string with salt and encrypted access token colon separated' do it 'returns a string with salt and encrypted access token colon separated' do
state = subject.generate_logout_state state = described_class.new(access_token: access_token).generate_logout_state
expect(state).to be_a String expect(state).to be_a String
expect(state).not_to be_blank expect(state).not_to be_blank
...@@ -87,8 +84,7 @@ describe Gitlab::Geo::OauthSession do ...@@ -87,8 +84,7 @@ describe Gitlab::Geo::OauthSession do
end end
it 'encrypted access token is recoverable' do it 'encrypted access token is recoverable' do
state = subject.generate_logout_state subject.generate_logout_state
subject.state = state
access_token = subject.extract_logout_token access_token = subject.extract_logout_token
expect(access_token).to eq access_token expect(access_token).to eq access_token
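Review bot: In 'encrypted access token is recoverable', the line `access_token = subject.extract_logout_token` creates a local variable that shadows the `access_token` helper used by the other examples. As a result `expect(access_token).to eq access_token` compares the value with itself and passes even if extraction returns nil or a wrong token. Assert against the helper directly, `expect(subject.extract_logout_token).to eq access_token`, so the round trip of the encrypted token is actually checked. The helper's definition (presumably a `let`) and the `subject` this example relies on are outside the hunk.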
......