Commit f1896575 authored by Francisco Lopez's avatar Francisco Lopez

Added some more comments

parent 2d5397d9
...@@ -139,13 +139,14 @@ module API ...@@ -139,13 +139,14 @@ module API
# Exceptions # Exceptions
# #
MissingTokenError = Class.new(StandardError) AuthenticationException = Class.new(StandardError)
TokenNotFoundError = Class.new(StandardError) MissingTokenError = Class.new(AuthenticationException)
ExpiredError = Class.new(StandardError) TokenNotFoundError = Class.new(AuthenticationException)
RevokedError = Class.new(StandardError) ExpiredError = Class.new(AuthenticationException)
UnauthorizedError = Class.new(StandardError) RevokedError = Class.new(AuthenticationException)
UnauthorizedError = Class.new(AuthenticationException)
class InsufficientScopeError < StandardError
class InsufficientScopeError < AuthenticationException
attr_reader :scopes attr_reader :scopes
def initialize(scopes) def initialize(scopes)
@scopes = scopes.map { |s| s.try(:name) || s } @scopes = scopes.map { |s| s.try(:name) || s }
......
...@@ -17,7 +17,7 @@ module Gitlab ...@@ -17,7 +17,7 @@ module Gitlab
def find_sessionless_user def find_sessionless_user
find_user_from_access_token || find_user_from_rss_token find_user_from_access_token || find_user_from_rss_token
rescue StandardError rescue API::APIGuard::AuthenticationException
nil nil
end end
end end
......
...@@ -47,13 +47,11 @@ module Gitlab ...@@ -47,13 +47,11 @@ module Gitlab
@access_token = find_oauth_access_token || find_personal_access_token @access_token = find_oauth_access_token || find_personal_access_token
end end
def private_token def find_personal_access_token
current_request.params[PRIVATE_TOKEN_PARAM].presence || token =
current_request.params[PRIVATE_TOKEN_PARAM].presence ||
current_request.env[PRIVATE_TOKEN_HEADER].presence current_request.env[PRIVATE_TOKEN_HEADER].presence
end
def find_personal_access_token
token = private_token
return unless token return unless token
# Expiration, revocation and scopes are verified in `validate_access_token!` # Expiration, revocation and scopes are verified in `validate_access_token!`
...@@ -66,7 +64,7 @@ module Gitlab ...@@ -66,7 +64,7 @@ module Gitlab
# Expiration, revocation and scopes are verified in `validate_access_token!` # Expiration, revocation and scopes are verified in `validate_access_token!`
oauth_token = OauthAccessToken.by_token(token) oauth_token = OauthAccessToken.by_token(token)
raise(API::APIGuard::UnauthorizedError) unless oauth_token raise API::APIGuard::UnauthorizedError unless oauth_token
oauth_token.revoke_previous_refresh_token! oauth_token.revoke_previous_refresh_token!
oauth_token oauth_token
......
...@@ -58,7 +58,7 @@ describe Gitlab::Auth::RequestAuthenticator do ...@@ -58,7 +58,7 @@ describe Gitlab::Auth::RequestAuthenticator do
expect(subject.find_sessionless_user).to be_blank expect(subject.find_sessionless_user).to be_blank
end end
it 'rescue StandardError exceptions' do it 'rescue API::APIGuard::AuthenticationException exceptions' do
allow_any_instance_of(described_class).to receive(:find_user_from_access_token).and_raise(API::APIGuard::UnauthorizedError) allow_any_instance_of(described_class).to receive(:find_user_from_access_token).and_raise(API::APIGuard::UnauthorizedError)
expect(subject.find_sessionless_user).to be_blank expect(subject.find_sessionless_user).to be_blank
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment