Revert "LfsToken uses JSONWebToken::HMACToken by default"

This reverts commit 22954f220231281360377922b709efb904559949
author: 🤖 GitLab Bot 🤖 <gitlab-bot@gitlab.com> 2018-12-05 10:03:28 +0300
committer: 🤖 GitLab Bot 🤖 <gitlab-bot@gitlab.com> 2018-12-05 10:03:28 +0300
commit: 00acef434031b5dc0bf39576a9e83802c7806842 (patch)
tree: 2cdc969cd6ee72f65bb7e6ee32841fad246ee2d0 /lib/gitlab/auth.rb
parent: dcc395b4730eb5a1f0fc3314195dcf46a4a8e093 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/gitlab/auth.rb b/lib/gitlab/auth.rb
index 7aa02009aa0..6eb5f9e2300 100644
--- a/lib/gitlab/auth.rb
+++ b/lib/gitlab/auth.rb
@@ -199,7 +199,7 @@ module Gitlab
       end
       # rubocop: enable CodeReuse/ActiveRecord
 
-      def lfs_token_check(login, encoded_token, project)
+      def lfs_token_check(login, password, project)
         deploy_key_matches = login.match(/\Alfs\+deploy-key-(\d+)\z/)
 
         actor =
@@ -222,7 +222,7 @@ module Gitlab
             read_authentication_abilities
           end
 
-        if token_handler.token_valid?(encoded_token)
+        if Devise.secure_compare(token_handler.token, password)
           Gitlab::Auth::Result.new(actor, nil, token_handler.type, authentication_abilities)
         end
       end
author	🤖 GitLab Bot 🤖 <gitlab-bot@gitlab.com>	2018-12-05 10:03:28 +0300
committer	🤖 GitLab Bot 🤖 <gitlab-bot@gitlab.com>	2018-12-05 10:03:28 +0300
commit	00acef434031b5dc0bf39576a9e83802c7806842 (patch)
tree	2cdc969cd6ee72f65bb7e6ee32841fad246ee2d0 /lib/gitlab/auth.rb
parent	dcc395b4730eb5a1f0fc3314195dcf46a4a8e093 (diff)