blob: 08dde98e96528deeca8d570c098a0cccb6cebcf3 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
# frozen_string_literal: true
module Gitlab
module Kas
INTERNAL_API_REQUEST_HEADER = 'Gitlab-Kas-Api-Request'
JWT_ISSUER = 'gitlab-kas'
include JwtAuthenticatable
class << self
def verify_api_request(request_headers)
decode_jwt_for_issuer(JWT_ISSUER, request_headers[INTERNAL_API_REQUEST_HEADER])
rescue JWT::DecodeError
nil
end
def secret_path
Gitlab.config.gitlab_kas.secret_file
end
def ensure_secret!
return if File.exist?(secret_path)
write_secret
end
end
end
end
|