blob: c1433f05db2c42ea131f65081369519166b78049 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
|
# frozen_string_literal: true
module Gitlab
module Auth
module Otp
module Strategies
class FortiAuthenticator < Base
def validate(otp_code)
body = { username: user.username,
token_code: otp_code }
response = Gitlab::HTTP.post(
auth_url,
headers: { 'Content-Type': 'application/json' },
body: body.to_json,
basic_auth: api_credentials)
# Successful authentication results in HTTP 200: OK
# https://docs.fortinet.com/document/fortiauthenticator/6.2.0/rest-api-solution-guide/704555/authentication-auth
response.ok? ? success : error_from_response(response)
rescue StandardError => ex
Gitlab::AppLogger.error(ex)
error(ex.message)
end
private
def auth_url
host = ::Gitlab.config.forti_authenticator.host
port = ::Gitlab.config.forti_authenticator.port
path = 'api/v1/auth/'
"https://#{host}:#{port}/#{path}"
end
def api_credentials
{ username: ::Gitlab.config.forti_authenticator.username,
password: ::Gitlab.config.forti_authenticator.access_token }
end
end
end
end
end
end
|