diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-02-18 06:08:54 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-02-18 06:08:54 +0300 |
| commit | 5ee120f46740efac7b8a460d7a92e4da82f4fb0b (patch) | |
| tree | b44d3bef04e9db472913289e6b53e58a14cb3e61 /config/initializers/doorkeeper.rb | |
| parent | 72721699f11187199e89631ce0b5e3d2f7c167e9 (diff) | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'config/initializers/doorkeeper.rb')
| -rw-r--r-- | config/initializers/doorkeeper.rb | 50 |
1 files changed, 0 insertions, 50 deletions
diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb index 7e787c35982..4158bfec216 100644 --- a/config/initializers/doorkeeper.rb +++ b/config/initializers/doorkeeper.rb @@ -113,53 +113,3 @@ Doorkeeper.configure do base_controller '::Gitlab::BaseDoorkeeperController' end - -# Monkey patch to avoid creating new applications if the scope of the -# app created does not match the complete list of scopes of the configured app. -# It also prevents the OAuth authorize application window to appear every time. - -# Remove after we upgrade the doorkeeper gem from version 4.x -if Doorkeeper.gem_version > Gem::Version.new('5.0.0') - raise "Doorkeeper was upgraded, please remove the monkey patch in #{__FILE__}" -end - -module Doorkeeper - module AccessTokenMixin - module ClassMethods - def matching_token_for(application, resource_owner_or_id, scopes) - resource_owner_id = - if resource_owner_or_id.respond_to?(:to_key) - resource_owner_or_id.id - else - resource_owner_or_id - end - - tokens = authorized_tokens_for(application.try(:id), resource_owner_id) - tokens.detect do |token| - scopes_match?(token.scopes, scopes, application.try(:scopes)) - end - end - - def scopes_match?(token_scopes, param_scopes, app_scopes) - return true if token_scopes.empty? && param_scopes.empty? - - (token_scopes.sort == param_scopes.sort) && - Doorkeeper::OAuth::Helpers::ScopeChecker.valid?( - param_scopes.to_s, - Doorkeeper.configuration.scopes, - app_scopes) - end - - def authorized_tokens_for(application_id, resource_owner_id) - ordered_by(:created_at, :desc) - .where(application_id: application_id, - resource_owner_id: resource_owner_id, - revoked_at: nil) - end - - def last_authorized_token_for(application_id, resource_owner_id) - authorized_tokens_for(application_id, resource_owner_id).first - end - end - end -end |