diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-02-18 03:08:54 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-02-18 03:08:54 +0000 |
commit | 5ee120f46740efac7b8a460d7a92e4da82f4fb0b (patch) | |
tree | b44d3bef04e9db472913289e6b53e58a14cb3e61 /config | |
parent | 72721699f11187199e89631ce0b5e3d2f7c167e9 (diff) | |
download | gitlab-ce-5ee120f46740efac7b8a460d7a92e4da82f4fb0b.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'config')
-rw-r--r-- | config/initializers/doorkeeper.rb | 50 | ||||
-rw-r--r-- | config/routes.rb | 3 |
2 files changed, 2 insertions, 51 deletions
diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb index 7e787c35982..4158bfec216 100644 --- a/config/initializers/doorkeeper.rb +++ b/config/initializers/doorkeeper.rb @@ -113,53 +113,3 @@ Doorkeeper.configure do base_controller '::Gitlab::BaseDoorkeeperController' end - -# Monkey patch to avoid creating new applications if the scope of the -# app created does not match the complete list of scopes of the configured app. -# It also prevents the OAuth authorize application window to appear every time. - -# Remove after we upgrade the doorkeeper gem from version 4.x -if Doorkeeper.gem_version > Gem::Version.new('5.0.0') - raise "Doorkeeper was upgraded, please remove the monkey patch in #{__FILE__}" -end - -module Doorkeeper - module AccessTokenMixin - module ClassMethods - def matching_token_for(application, resource_owner_or_id, scopes) - resource_owner_id = - if resource_owner_or_id.respond_to?(:to_key) - resource_owner_or_id.id - else - resource_owner_or_id - end - - tokens = authorized_tokens_for(application.try(:id), resource_owner_id) - tokens.detect do |token| - scopes_match?(token.scopes, scopes, application.try(:scopes)) - end - end - - def scopes_match?(token_scopes, param_scopes, app_scopes) - return true if token_scopes.empty? && param_scopes.empty? - - (token_scopes.sort == param_scopes.sort) && - Doorkeeper::OAuth::Helpers::ScopeChecker.valid?( - param_scopes.to_s, - Doorkeeper.configuration.scopes, - app_scopes) - end - - def authorized_tokens_for(application_id, resource_owner_id) - ordered_by(:created_at, :desc) - .where(application_id: application_id, - resource_owner_id: resource_owner_id, - revoked_at: nil) - end - - def last_authorized_token_for(application_id, resource_owner_id) - authorized_tokens_for(application_id, resource_owner_id).first - end - end - end -end diff --git a/config/routes.rb b/config/routes.rb index be0ef0106f4..16b15e5300a 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -24,7 +24,8 @@ Rails.application.routes.draw do use_doorkeeper do controllers applications: 'oauth/applications', authorized_applications: 'oauth/authorized_applications', - authorizations: 'oauth/authorizations' + authorizations: 'oauth/authorizations', + token_info: 'oauth/token_info' end # This prefixless path is required because Jira gets confused if we set it up with a path |