Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/lib/gitlab/kas.rb
diff options
context:
space:
mode:
Diffstat (limited to 'lib/gitlab/kas.rb')
-rw-r--r--lib/gitlab/kas.rb20
1 files changed, 19 insertions, 1 deletions
diff --git a/lib/gitlab/kas.rb b/lib/gitlab/kas.rb
index a1e290a54e6..255d8802c1c 100644
--- a/lib/gitlab/kas.rb
+++ b/lib/gitlab/kas.rb
@@ -5,13 +5,14 @@ module Gitlab
INTERNAL_API_REQUEST_HEADER = 'Gitlab-Kas-Api-Request'
VERSION_FILE = 'GITLAB_KAS_VERSION'
JWT_ISSUER = 'gitlab-kas'
+ JWT_AUDIENCE = 'gitlab'
K8S_PROXY_PATH = 'k8s-proxy'
include JwtAuthenticatable
class << self
def verify_api_request(request_headers)
- decode_jwt(request_headers[INTERNAL_API_REQUEST_HEADER], issuer: JWT_ISSUER)
+ decode_jwt(request_headers[INTERNAL_API_REQUEST_HEADER], issuer: JWT_ISSUER, audience: JWT_AUDIENCE)
rescue JWT::DecodeError
nil
end
@@ -54,6 +55,13 @@ module Gitlab
uri.to_s
end
+ def tunnel_ws_url
+ return tunnel_url if ws?
+ return tunnel_url.sub('https', 'wss') if ssl?
+
+ tunnel_url.sub('http', 'ws')
+ end
+
# Return GitLab KAS internal_url
#
# @return [String] internal_url
@@ -67,6 +75,16 @@ module Gitlab
def enabled?
!!Gitlab.config['gitlab_kas']&.fetch('enabled', false)
end
+
+ private
+
+ def ssl?
+ URI(tunnel_url).scheme === 'https'
+ end
+
+ def ws?
+ URI(tunnel_url).scheme.start_with?('ws')
+ end
end
end
end
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-15 02:51:22 +0300