diff options
Diffstat (limited to 'lib/api/personal_access_tokens/self_information.rb')
-rw-r--r-- | lib/api/personal_access_tokens/self_information.rb | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/lib/api/personal_access_tokens/self_information.rb b/lib/api/personal_access_tokens/self_information.rb new file mode 100644 index 00000000000..89850614f94 --- /dev/null +++ b/lib/api/personal_access_tokens/self_information.rb @@ -0,0 +1,30 @@ +# frozen_string_literal: true + +module API + class PersonalAccessTokens + class SelfInformation < ::API::Base + include APIGuard + + feature_category :authentication_and_authorization + + helpers ::API::Helpers::PersonalAccessTokensHelpers + + # As any token regardless of `scope` should be able to view/revoke itself + # all available scopes are allowed for this API class. + # Please be aware of the permissive scope when adding new endpoints to this class. + allow_access_with_scope(Gitlab::Auth.all_available_scopes) + + before { authenticate! } + + resource :personal_access_tokens do + get 'self' do + present access_token, with: Entities::PersonalAccessToken + end + + delete 'self' do + revoke_token(access_token) + end + end + end + end +end |