From 7deab3172257bef7818ce834c1e0709432ddd5e0 Mon Sep 17 00:00:00 2001
From: Mayra Cabrera <mcabrera@gitlab.com>
Date: Tue, 3 Apr 2018 16:34:56 -0500
Subject: Removes logic from Jwt and handle different scenarios on Gitlab::Auth

- When using 'read_repo' password and project are sent, so we used both
  of them to fetch for the token
- When using 'read_registry' only the password is sent, so we only use
  that for fetching the token
---
 app/controllers/jwt_controller.rb | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

(limited to 'app/controllers/jwt_controller.rb')

diff --git a/app/controllers/jwt_controller.rb b/app/controllers/jwt_controller.rb
index 76e7473e92c..0caa5f4f439 100644
--- a/app/controllers/jwt_controller.rb
+++ b/app/controllers/jwt_controller.rb
@@ -23,8 +23,7 @@ class JwtController < ApplicationController
     @authentication_result = Gitlab::Auth::Result.new(nil, nil, :none, Gitlab::Auth.read_authentication_abilities)
 
     authenticate_with_http_basic do |login, password|
-      project = find_project_related(password)
-      @authentication_result = Gitlab::Auth.find_for_git_client(login, password, project: project, ip: request.ip)
+      @authentication_result = Gitlab::Auth.find_for_git_client(login, password, project: nil, ip: request.ip)
 
       if @authentication_result.failed? ||
           (@authentication_result.actor.present? && !user_or_deploy_token)
@@ -59,10 +58,6 @@ class JwtController < ApplicationController
     params.permit(:service, :scope, :account, :client_id)
   end
 
-  def find_project_related(password)
-    DeployToken.active.find_by(token: password)&.project
-  end
-
   def user_or_deploy_token
     @authentication_result.actor.is_a?(User) || @authentication_result.actor.is_a?(DeployToken)
   end
-- 
cgit v1.2.3