author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-08-28 21:20:15 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-08-28 21:20:15 +0000 |
commit | 92d5172ad42ebc62eb78cac21b1e236ad6ace580 (patch) | |
tree | ca89437d4725caeb4e27682522061d3bab7e05b0 /lib/gitlab/auth | |
parent | f4a969f7f495978a7e656c69c929c9fdac111cff (diff) | |
download | gitlab-ce-92d5172ad42ebc62eb78cac21b1e236ad6ace580.tar.gz |
Add latest changes from gitlab-org/security/gitlab@13-3-stable-ee
Diffstat (limited to 'lib/gitlab/auth')
-rw-r--r-- | lib/gitlab/auth/auth_finders.rb | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/lib/gitlab/auth/auth_finders.rb b/lib/gitlab/auth/auth_finders.rb
index f3d0c053880..ccf52bae9a5 100644
--- a/lib/gitlab/auth/auth_finders.rb
+++ b/lib/gitlab/auth/auth_finders.rb
@@ -69,9 +69,7 @@ module Gitlab
 current_request.env[JOB_TOKEN_HEADER].presence
 return unless token
- job = ::Ci::Build.find_by_token(token)
- raise UnauthorizedError unless job
-
+ job = find_valid_running_job_by_token!(token)
 @current_authenticated_job = job # rubocop:disable Gitlab/ModuleWithInstanceVariables
 job.user
@@ -84,9 +82,7 @@ module Gitlab
 return unless login.present? && password.present?
 return unless ::Gitlab::Auth::CI_JOB_USER == login
- job = ::Ci::Build.find_by_token(password)
- raise UnauthorizedError unless job
-
+ job = find_valid_running_job_by_token!(password)
 job.user
 end
@@ -179,7 +175,7 @@ module Gitlab
 token = parsed_oauth_token
 return unless token
- job = ::Ci::Build.find_by_token(token)
+ job = ::Ci::AuthJobFinder.new(token: token).execute
 return unless job
 @current_authenticated_job = job # rubocop:disable Gitlab/ModuleWithInstanceVariables
@@ -304,6 +300,12 @@ module Gitlab
 def blob_request?
 current_request.path.include?('/raw/')
 end
+
+ def find_valid_running_job_by_token!(token)
+ ::Ci::AuthJobFinder.new(token: token).execute.tap do |job|
+ raise UnauthorizedError unless job
+ end
+ end
 end
 end
 end |
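Review bot: In the basic-auth hunk (`@@ -84,9 +82,7 @@`) the job returned by `find_valid_running_job_by_token!(password)` is used only for `job.user` and is never recorded, while the hunks at `-69,9` and `-179,7` both assign `@current_authenticated_job = job`. If later authorization code narrows access based on the authenticated job, a request that authenticated with the CI job user over basic auth would presumably be handled as an ordinary user session; whether any caller depends on that is not visible in this diff. Consider adding `@current_authenticated_job = job # rubocop:disable Gitlab/ModuleWithInstanceVariables` before `job.user`, or a comment saying why this path deliberately skips it. The enclosing method begins outside the hunk.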
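Review bot: The bearer-token hunk (`@@ -179,7 +175,7 @@`) calls `::Ci::AuthJobFinder.new(token: token).execute` directly and keeps `return unless job`, so a token the finder rejects yields nil here, whereas the two other paths raise `UnauthorizedError` through `find_valid_running_job_by_token!`. If the fall-through is intentional, presumably so the same bearer value can still be tried as another token type, the difference deserves a comment so a later cleanup does not unify the three call sites by accident: `# Finder returned nil: not a usable job token, return nil so other bearer-token finders can still run`. The enclosing method starts and ends outside the hunk.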
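Review bot: `find_valid_running_job_by_token!` in the last hunk (`@@ -304,6 +300,12 @@`) carries no comment saying what "valid running" guarantees, and the actual check lives in `Ci::AuthJobFinder`, which this diff does not show. A short doc comment would make the security contract reviewable from this file, for example `# Resolves +token+ via Ci::AuthJobFinder; raises UnauthorizedError when the finder returns nil, so callers never see a nil job.` On style, a `raise` inside a `tap` block is harder to read than the direct form `::Ci::AuthJobFinder.new(token: token).execute || raise(UnauthorizedError)`. The diffstat is limited to `lib/gitlab/auth`, so it is worth confirming that a spec covers a token belonging to a job that is no longer running and asserts `UnauthorizedError` on both callers.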