author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-09-19 01:45:44 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-09-19 01:45:44 +0000 |
commit | 85dc423f7090da0a52c73eb66faf22ddb20efff9 (patch) | |
tree | 9160f299afd8c80c038f08e1545be119f5e3f1e1 /app/controllers/oauth | |
parent | 15c2c8c66dbe422588e5411eee7e68f1fa440bb8 (diff) | |
download | gitlab-ce-85dc423f7090da0a52c73eb66faf22ddb20efff9.tar.gz |
Add latest changes from gitlab-org/gitlab@13-4-stable-ee
Diffstat (limited to 'app/controllers/oauth')
-rw-r--r-- | app/controllers/oauth/jira/authorizations_controller.rb | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/app/controllers/oauth/jira/authorizations_controller.rb b/app/controllers/oauth/jira/authorizations_controller.rb
new file mode 100644
index 00000000000..f552b0dc10c
--- /dev/null
+++ b/app/controllers/oauth/jira/authorizations_controller.rb
@@ -0,0 +1,49 @@
+# frozen_string_literal: true
+
+# This controller's role is to mimic and rewire the GitLab OAuth
+# flow routes for Jira DVCS integration.
+# See https://gitlab.com/gitlab-org/gitlab/issues/2381
+#
+class Oauth::Jira::AuthorizationsController < ApplicationController
+ skip_before_action :authenticate_user!
+ skip_before_action :verify_authenticity_token
+
+ # 1. Rewire Jira OAuth initial request to our stablished OAuth authorization URL.
+ def new
+ session[:redirect_uri] = params['redirect_uri']
+
+ redirect_to oauth_authorization_path(client_id: params['client_id'],
+ response_type: 'code',
+ scope: params['scope'],
+ redirect_uri: oauth_jira_callback_url)
+ end
+
+ # 2. Handle the callback call as we were a Github Enterprise instance client.
+ def callback
+ # Handling URI query params concatenation.
+ redirect_uri = URI.parse(session['redirect_uri'])
+ new_query = URI.decode_www_form(String(redirect_uri.query)) << ['code', params[:code]]
+ redirect_uri.query = URI.encode_www_form(new_query)
+
+ redirect_to redirect_uri.to_s
+ end
+
+ # 3. Rewire and adjust access_token request accordingly.
+ def access_token
+ # We have to modify request.parameters because Doorkeeper::Server reads params from there
+ request.parameters[:redirect_uri] = oauth_jira_callback_url
+
+ strategy = Doorkeeper::Server.new(self).token_request('authorization_code')
+ response = strategy.authorize
+
+ if response.status == :ok
+ access_token, scope, token_type = response.body.values_at('access_token', 'scope', 'token_type')
+
+ render body: "access_token=#{access_token}&scope=#{scope}&token_type=#{token_type}"
+ else
+ render status: response.status, body: response.body
+ end
+ rescue Doorkeeper::Errors::DoorkeeperError => e
+ render status: :unauthorized, body: e.type
+ end
+end |
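Review bot: `callback` redirects to whatever `new` copied from `params['redirect_uri']` into the session, and nothing in this file checks that value against the OAuth application's registered redirect URIs or any allow-list, so the authorization code is appended to a URL chosen by the request. Doorkeeper is only ever given `oauth_jira_callback_url` (in `new` and again in `access_token`), so its own redirect-URI validation presumably never sees the stored value. The stored URI should be validated before the redirect (absolute http/https, expected Jira host) and removed from the session once used. A missing or unparsable value should return 400; `URI.parse(session['redirect_uri'])` raises when the session entry is absent, which would surface as a 500. Separately, both `skip_before_action` lines apply to all three actions, and the file does not show whether `new` and `callback` need them or only the server-to-server `access_token` call.

```ruby
  def callback
    # Consume the stored value so it cannot be replayed on a later callback.
    redirect_uri = URI.parse(session.delete('redirect_uri').to_s)

    # `jira_redirect_allowed?` is a placeholder, not an existing helper: back it with
    # whatever host allow-list or registered-URI check the project keeps.
    return head :bad_request unless redirect_uri.is_a?(URI::HTTP) && jira_redirect_allowed?(redirect_uri)

    # … unchanged: append the code to the query string and redirect …
  rescue URI::InvalidURIError
    head :bad_request
  end
```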