author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-02-18 13:34:06 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-02-18 13:34:06 +0300 |
commit | 859a6fb938bb9ee2a317c46dfa4fcc1af49608f0 (patch) | |
tree | d7f2700abe6b4ffcb2dcfc80631b2d87d0609239 /lib/gitlab/auth | |
parent | 446d496a6d000c73a304be52587cd9bbc7493136 (diff) |
Add latest changes from gitlab-org/gitlab@13-9-stable-eev13.9.0-rc42
Diffstat (limited to 'lib/gitlab/auth')
-rw-r--r-- | lib/gitlab/auth/otp/session_enforcer.rb | 36 | ||||
-rw-r--r-- | lib/gitlab/auth/u2f_webauthn_converter.rb | 38 |
2 files changed, 38 insertions, 36 deletions
diff --git a/lib/gitlab/auth/otp/session_enforcer.rb b/lib/gitlab/auth/otp/session_enforcer.rb
deleted file mode 100644
index 8cc280756cc..00000000000
--- a/lib/gitlab/auth/otp/session_enforcer.rb
+++ /dev/null
@@ -1,36 +0,0 @@
-# frozen_string_literal: true
-
-module Gitlab
- module Auth
- module Otp
- class SessionEnforcer
- OTP_SESSIONS_NAMESPACE = 'session:otp'
- DEFAULT_EXPIRATION = 15.minutes.to_i
-
- def initialize(key)
- @key = key
- end
-
- def update_session
- Gitlab::Redis::SharedState.with do |redis|
- redis.setex(key_name, DEFAULT_EXPIRATION, true)
- end
- end
-
- def access_restricted?
- Gitlab::Redis::SharedState.with do |redis|
- !redis.get(key_name)
- end
- end
-
- private
-
- attr_reader :key
-
- def key_name
- @key_name ||= "#{OTP_SESSIONS_NAMESPACE}:#{key.id}"
- end
- end
- end
- end
-end
diff --git a/lib/gitlab/auth/u2f_webauthn_converter.rb b/lib/gitlab/auth/u2f_webauthn_converter.rb
new file mode 100644
index 00000000000..f85b2248aeb
--- /dev/null
+++ b/lib/gitlab/auth/u2f_webauthn_converter.rb
@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+module Gitlab
+ module Auth
+ class U2fWebauthnConverter
+ def initialize(u2f_registration)
+ @u2f_registration = u2f_registration
+ end
+
+ def convert
+ now = Time.current
+
+ converted_credential = WebAuthn::U2fMigrator.new(
+ app_id: Gitlab.config.gitlab.url,
+ certificate: u2f_registration.certificate,
+ key_handle: u2f_registration.key_handle,
+ public_key: u2f_registration.public_key,
+ counter: u2f_registration.counter
+ ).credential
+
+ {
+ credential_xid: Base64.strict_encode64(converted_credential.id),
+ public_key: Base64.strict_encode64(converted_credential.public_key),
+ counter: u2f_registration.counter || 0,
+ name: u2f_registration.name || '',
+ user_id: u2f_registration.user_id,
+ u2f_registration_id: u2f_registration.id,
+ created_at: now,
+ updated_at: now
+ }
+ end
+
+ private
+
+ attr_reader :u2f_registration
+ end
+ end
+end |
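Review bot: In `convert` (new file `u2f_webauthn_converter.rb`), the migrator is given `counter: u2f_registration.counter` unguarded, while the returned hash falls back to `u2f_registration.counter || 0`, so a registration with a nil counter is treated two different ways inside one method. Whether `WebAuthn::U2fMigrator` tolerates a nil counter is not visible from this hunk; resolving the value once at the top, `counter = u2f_registration.counter || 0`, and using `counter: counter` in both the migrator call and the result hash removes the question. Because the signature counter is the value later compared to notice a cloned authenticator, a one-line comment such as `# a missing U2F counter is migrated as 0` would make it clear the fallback is deliberate. The class also has no header comment; one sentence stating that `convert` only builds an attribute hash and does not persist anything would help callers.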