diff options
author | Mayra Cabrera <mcabrera@gitlab.com> | 2018-04-03 16:34:56 -0500 |
---|---|---|
committer | Mayra Cabrera <mcabrera@gitlab.com> | 2018-04-06 21:20:16 -0500 |
commit | 7deab3172257bef7818ce834c1e0709432ddd5e0 (patch) | |
tree | f524ab35e59ac478572a444bea1f847accad410b /app/controllers/jwt_controller.rb | |
parent | 726f5bbf04b92357a11af34044a0720092797a71 (diff) | |
download | gitlab-ce-7deab3172257bef7818ce834c1e0709432ddd5e0.tar.gz |
Removes logic from Jwt and handle different scenarios on Gitlab::Auth
- When using 'read_repo' password and project are sent, so we used both
of them to fetch for the token
- When using 'read_registry' only the password is sent, so we only use
that for fetching the token
Diffstat (limited to 'app/controllers/jwt_controller.rb')
-rw-r--r-- | app/controllers/jwt_controller.rb | 7 |
1 files changed, 1 insertions, 6 deletions
diff --git a/app/controllers/jwt_controller.rb b/app/controllers/jwt_controller.rb index 76e7473e92c..0caa5f4f439 100644 --- a/app/controllers/jwt_controller.rb +++ b/app/controllers/jwt_controller.rb @@ -23,8 +23,7 @@ class JwtController < ApplicationController @authentication_result = Gitlab::Auth::Result.new(nil, nil, :none, Gitlab::Auth.read_authentication_abilities) authenticate_with_http_basic do |login, password| - project = find_project_related(password) - @authentication_result = Gitlab::Auth.find_for_git_client(login, password, project: project, ip: request.ip) + @authentication_result = Gitlab::Auth.find_for_git_client(login, password, project: nil, ip: request.ip) if @authentication_result.failed? || (@authentication_result.actor.present? && !user_or_deploy_token) @@ -59,10 +58,6 @@ class JwtController < ApplicationController params.permit(:service, :scope, :account, :client_id) end - def find_project_related(password) - DeployToken.active.find_by(token: password)&.project - end - def user_or_deploy_token @authentication_result.actor.is_a?(User) || @authentication_result.actor.is_a?(DeployToken) end |