From 7bbc9509dc0567d2a2d8314e99179aaad33ba361 Mon Sep 17 00:00:00 2001
From: GitLab Bot
Date: Tue, 18 Oct 2022 09:11:01 +0000
Subject: Add latest changes from gitlab-org/gitlab@master
---
 lib/api/helpers.rb | 21 +++++----------------
 1 file changed, 5 insertions(+), 16 deletions(-)
(limited to 'lib/api/helpers.rb')
diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb
index bf1da849cf1..0eb4fbb196c 100644
--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -287,22 +287,11 @@ module API
 end

 def authenticate_by_gitlab_shell_token!
- if Feature.enabled?(:gitlab_shell_jwt_token)
- begin
- payload, _ = JSONWebToken::HMACToken.decode(headers[GITLAB_SHELL_API_HEADER], secret_token)
- unauthorized! unless payload['iss'] == GITLAB_SHELL_JWT_ISSUER
- rescue JWT::DecodeError, JWT::ExpiredSignature, JWT::ImmatureSignature => ex
- Gitlab::ErrorTracking.track_exception(ex)
- unauthorized!
- end
- else
- input = params['secret_token']
- input ||= Base64.decode64(headers[GITLAB_SHARED_SECRET_HEADER]) if headers.key?(GITLAB_SHARED_SECRET_HEADER)
-
- input&.chomp!
-
- unauthorized! unless Devise.secure_compare(secret_token, input)
- end
+ payload, _ = JSONWebToken::HMACToken.decode(headers[GITLAB_SHELL_API_HEADER], secret_token)
+ unauthorized! unless payload['iss'] == GITLAB_SHELL_JWT_ISSUER
+ rescue JWT::DecodeError, JWT::ExpiredSignature, JWT::ImmatureSignature => ex
+ Gitlab::ErrorTracking.track_exception(ex)
+ unauthorized!
 end

 def authenticated_with_can_read_all_resources!
--
cgit v1.2.3
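Review bot: A request that carries no `GITLAB_SHELL_API_HEADER` at all now hands `nil` to `JSONWebToken::HMACToken.decode` and, assuming that raises `JWT::DecodeError`, is reported through `Gitlab::ErrorTracking.track_exception` exactly like a token that failed verification, so plain unauthenticated traffic becomes error-tracking noise that can bury real signature failures. A guard as the first line of `authenticate_by_gitlab_shell_token!`, `unauthorized! unless headers.key?(GITLAB_SHELL_API_HEADER)`, would keep the tracker for tokens that were actually presented and rejected. Since this is now the only accepted credential, the method also deserves a comment such as `# Accepts only an HMAC-signed JWT issued by gitlab-shell; the secret_token param and shared-secret header are no longer honoured.` Callers that still send only the shared secret will receive 401 after this change, which is worth confirming against the gitlab-shell versions still deployed.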