Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/lib/gitlab/api_authentication/token_locator.rb
diff options
context:
space:
mode:
Diffstat (limited to 'lib/gitlab/api_authentication/token_locator.rb')
-rw-r--r--lib/gitlab/api_authentication/token_locator.rb44
1 files changed, 32 insertions, 12 deletions
diff --git a/lib/gitlab/api_authentication/token_locator.rb b/lib/gitlab/api_authentication/token_locator.rb
index df342905d2e..5656ea0d120 100644
--- a/lib/gitlab/api_authentication/token_locator.rb
+++ b/lib/gitlab/api_authentication/token_locator.rb
@@ -8,22 +8,23 @@ module Gitlab
include ActiveModel::Validations
include ActionController::HttpAuthentication::Basic
+ VALID_LOCATIONS = %i[
+ http_basic_auth
+ http_token
+ http_bearer_token
+ http_deploy_token_header
+ http_job_token_header
+ http_private_token_header
+ http_header
+ token_param
+ ].freeze
+
attr_reader :location
- validates :location, inclusion: {
- in: %i[
- http_basic_auth
- http_token
- http_bearer_token
- http_deploy_token_header
- http_job_token_header
- http_private_token_header
- token_param
- ]
- }
+ validates :location, inclusion: { in: VALID_LOCATIONS }
def initialize(location)
- @location = location
+ @location = extract_location(location)
validate!
end
@@ -41,6 +42,8 @@ module Gitlab
extract_from_http_job_token_header request
when :http_private_token_header
extract_from_http_private_token_header request
+ when :http_header
+ extract_from_http_header request
when :token_param
extract_from_token_param request
end
@@ -48,6 +51,16 @@ module Gitlab
private
+ def extract_location(location)
+ case location
+ when Symbol
+ location
+ when Hash
+ result, @token_identifier = location.detect { |k, _v| VALID_LOCATIONS.include?(k) }
+ result
+ end
+ end
+
def extract_from_http_basic_auth(request)
username, password = user_name_and_password(request)
return unless username.present? && password.present?
@@ -96,6 +109,13 @@ module Gitlab
UsernameAndPassword.new(nil, password)
end
+
+ def extract_from_http_header(request)
+ password = request.headers[@token_identifier]
+ return unless password.present?
+
+ UsernameAndPassword.new(nil, password)
+ end
end
end
end
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-15 13:41:50 +0300