diff options
Diffstat (limited to 'lib/gitlab/api_authentication/token_locator.rb')
-rw-r--r-- | lib/gitlab/api_authentication/token_locator.rb | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/lib/gitlab/api_authentication/token_locator.rb b/lib/gitlab/api_authentication/token_locator.rb index 09039f3fc43..6ab37487822 100644 --- a/lib/gitlab/api_authentication/token_locator.rb +++ b/lib/gitlab/api_authentication/token_locator.rb @@ -10,7 +10,7 @@ module Gitlab attr_reader :location - validates :location, inclusion: { in: %i[http_basic_auth http_token] } + validates :location, inclusion: { in: %i[http_basic_auth http_token token_param] } def initialize(location) @location = location @@ -23,6 +23,8 @@ module Gitlab extract_from_http_basic_auth request when :http_token extract_from_http_token request + when :token_param + extract_from_token_param request end end @@ -41,6 +43,13 @@ module Gitlab UsernameAndPassword.new(nil, password) end + + def extract_from_token_param(request) + password = request.query_parameters['token'] + return unless password.present? + + UsernameAndPassword.new(nil, password) + end end end end |