diff options
| author | Kamil Trzciński <ayufan@ayufan.eu> | 2019-08-23 17:53:14 +0000 |
|---|---|---|
| committer | Kamil Trzciński <ayufan@ayufan.eu> | 2019-08-23 17:53:14 +0000 |
| commit | 24ff249ded4bc2098e590d1f3605a3ebe3954723 (patch) | |
| tree | 5fbcde7db83607abc630fe5c8de967dac15d5735 | |
| parent | 20d38feda1b7085a2d1246a960ab575cd545da8f (diff) | |
| parent | e00b07b978a9fb4f368f69aab99cfd105ab5b6b3 (diff) | |
| download | gitlab-ce-24ff249ded4bc2098e590d1f3605a3ebe3954723.tar.gz | |
Merge branch 'ce-jej/fix-sso-enforced-docker-registry-auth' into 'master'
[CE backport] Enforced SSO shouldn't break container registry authentication
See merge request gitlab-org/gitlab-ce!32110
| -rw-r--r-- | app/controllers/jwt_controller.rb | 1 | ||||
| -rw-r--r-- | spec/requests/jwt_controller_spec.rb | 8 |
2 files changed, 9 insertions, 0 deletions
diff --git a/app/controllers/jwt_controller.rb b/app/controllers/jwt_controller.rb index 5ecf4f114cf..da39d64c93d 100644 --- a/app/controllers/jwt_controller.rb +++ b/app/controllers/jwt_controller.rb @@ -1,6 +1,7 @@ # frozen_string_literal: true class JwtController < ApplicationController + skip_around_action :set_session_storage skip_before_action :authenticate_user! skip_before_action :verify_authenticity_token before_action :authenticate_project_or_user diff --git a/spec/requests/jwt_controller_spec.rb b/spec/requests/jwt_controller_spec.rb index bba473f1c20..8b2c698fee1 100644 --- a/spec/requests/jwt_controller_spec.rb +++ b/spec/requests/jwt_controller_spec.rb @@ -108,6 +108,14 @@ describe JwtController do end end end + + it 'does not cause session based checks to be activated' do + expect(Gitlab::Session).not_to receive(:with_session) + + get '/jwt/auth', params: parameters, headers: headers + + expect(response).to have_gitlab_http_status(200) + end end context 'using invalid login' do |