Commit 101427e3 authored by Alain Takoudjou's avatar Alain Takoudjou

fixup! fixup NXD blob/auth: Teach it to handle HTTP Basic Auth too

parent f3fa8a42
// API calls related to authentication
package api
//"gitlab.com/gitlab-org/gitlab-workhorse/internal/badgateway"
import (
"gitlab.com/gitlab-org/gitlab-workhorse/internal/badgateway"
"gitlab.com/gitlab-org/gitlab-workhorse/internal/helper"
proxypkg "gitlab.com/gitlab-org/gitlab-workhorse/internal/proxy"
"gitlab.com/gitlab-org/gitlab-workhorse/internal/senddata"
"gitlab.com/gitlab-org/gitlab-workhorse/internal/sendfile"
"gitlab.com/gitlab-org/gitaly-proto/go/gitalypb"
"fmt"
"net/http"
"net/http/httptest"
......@@ -249,7 +250,8 @@ func (aok *testDownloadOkViaSendArchive) Inject(w http.ResponseWriter, r *http.R
// if we ever get to this point - auth handler approved
// access and thus it is ok to download
aok.authReply.RepoPath = param.RepoPath
//aok.authReply.RepoPath = param.RepoPath
aok.authReply.Repository = gitalypb.Repository{RelativePath: param.RepoPath}
}
// Ask auth backend about whether download is ok for a project.
......@@ -303,7 +305,7 @@ func (a *API) verifyDownloadAccess(project string, user *url.Userinfo, query str
sendfile.SendFile(proxypkg.NewProxy(
a.URL,
a.Version,
a.Client.Transport.(*badgateway.RoundTripper),
a.Client.Transport.(http.RoundTripper),
)),
aok,
)
......@@ -315,7 +317,8 @@ func (a *API) verifyDownloadAccess(project string, user *url.Userinfo, query str
// The reason we want to do this second try is that HTTP auth is
// handled by upstream auth backend for git requests only, and we might
// want to use e.g. https://gitlab-ci-token:token@/.../raw/...
if authReply.RepoPath != "" || query != "" || len(header) != 0 {
//if authReply.RepoPath != "" || query != "" || len(header) != 0 {
if authReply.Repository.RelativePath != "" || query != "" || len(header) != 0 {
return authReply
}
if user == nil {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment