Support multiple scopes when using authing container registry scopes

author: Kamil Trzciński <ayufan@ayufan.eu> 2018-07-13 19:45:07 +0200
committer: Kamil Trzciński <ayufan@ayufan.eu> 2018-08-01 13:03:16 +0200
commit: 34ec29b9566900308989e15865e6df1059bd9b46 (patch)
tree: f743f6d9f1b637ab6bad9463e1fe08abb7c7676f /app/controllers/jwt_controller.rb
parent: 3d2dad449da2915b2c431bf32548e03b08fcbe40 (diff)
download: gitlab-ce-34ec29b9566900308989e15865e6df1059bd9b46.tar.gz
1 files changed, 17 insertions, 1 deletions
diff --git a/app/controllers/jwt_controller.rb b/app/controllers/jwt_controller.rb
index 3cb9e46b548..d172aee5436 100644
--- a/app/controllers/jwt_controller.rb
+++ b/app/controllers/jwt_controller.rb
@@ -54,6 +54,22 @@ class JwtController < ApplicationController
   end
 
   def auth_params
-    params.permit(:service, :scope, :account, :client_id)
+    params.permit(:service, :account, :client_id)
+          .merge(additional_params)
+  end
+
+  def additional_params
+    { scopes: scopes_param }.compact
+  end
+
+  # We have to parse scope here, because Docker Client does not send an array of scopes,
+  # but rather a flat list and we loose second scope when being processed by Rails:
+  # scope=scopeA&scope=scopeB
+  #
+  # This method makes to always return an array of scopes
+  def scopes_param
+    return unless params[:scope].present?
+
+    Array(Rack::Utils.parse_query(request.query_string)['scope'])
   end
 end
author	Kamil Trzciński <ayufan@ayufan.eu>	2018-07-13 19:45:07 +0200
committer	Kamil Trzciński <ayufan@ayufan.eu>	2018-08-01 13:03:16 +0200
commit	34ec29b9566900308989e15865e6df1059bd9b46 (patch)
tree	f743f6d9f1b637ab6bad9463e1fe08abb7c7676f /app/controllers/jwt_controller.rb
parent	3d2dad449da2915b2c431bf32548e03b08fcbe40 (diff)
download	gitlab-ce-34ec29b9566900308989e15865e6df1059bd9b46.tar.gz