diff options
author | GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com> | 2022-05-02 21:12:53 +0000 |
---|---|---|
committer | GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com> | 2022-05-02 21:12:53 +0000 |
commit | 2bdcc43491635132fdab4e4eadb7e62b731140ea (patch) | |
tree | b61b0ceb52da5d5ea36c13370fb87f09c7db6ffe /lib/api/helpers/packages/conan/api_helpers.rb | |
parent | 7bc34aad19503153d8d9b849006e59b43a1eda5b (diff) | |
parent | 1390b6e51192c50ebf55378fc183cbd4ddf94ab0 (diff) | |
download | gitlab-ce-14-8-stable.tar.gz |
Merge remote-tracking branch 'dev/14-8-stable' into 14-8-stable14-8-stable
Diffstat (limited to 'lib/api/helpers/packages/conan/api_helpers.rb')
-rw-r--r-- | lib/api/helpers/packages/conan/api_helpers.rb | 26 |
1 files changed, 22 insertions, 4 deletions
diff --git a/lib/api/helpers/packages/conan/api_helpers.rb b/lib/api/helpers/packages/conan/api_helpers.rb index e92547890e8..994d3c4c473 100644 --- a/lib/api/helpers/packages/conan/api_helpers.rb +++ b/lib/api/helpers/packages/conan/api_helpers.rb @@ -153,7 +153,7 @@ module API def token strong_memoize(:token) do token = nil - token = ::Gitlab::ConanToken.from_personal_access_token(access_token) if access_token + token = ::Gitlab::ConanToken.from_personal_access_token(find_personal_access_token.user_id, access_token_from_request) if find_personal_access_token token = ::Gitlab::ConanToken.from_deploy_token(deploy_token_from_request) if deploy_token_from_request token = ::Gitlab::ConanToken.from_job(find_job_from_token) if find_job_from_token token @@ -224,9 +224,27 @@ module API forbidden! end + # We override this method from auth_finders because we need to + # extract the token from the Conan JWT which is specific to the Conan API def find_personal_access_token - find_personal_access_token_from_conan_jwt || - find_personal_access_token_from_http_basic_auth + strong_memoize(:find_personal_access_token) do + PersonalAccessToken.find_by_token(access_token_from_request) + end + end + + def access_token_from_request + strong_memoize(:access_token_from_request) do + find_personal_access_token_from_conan_jwt || + find_password_from_basic_auth + end + end + + def find_password_from_basic_auth + return unless route_authentication_setting[:basic_auth_personal_access_token] + return unless has_basic_credentials?(current_request) + + _username, password = user_name_and_password(current_request) + password end def find_user_from_job_token @@ -256,7 +274,7 @@ module API return unless token - PersonalAccessToken.find_by_id_and_user_id(token.access_token_id, token.user_id) + token.access_token_id end def find_deploy_token_from_conan_jwt |