Class: Gitlab::Auth::RequestAuthenticator
- Inherits:
-
Object
- Object
- Gitlab::Auth::RequestAuthenticator
show all
- Includes:
- AuthFinders
- Defined in:
- lib/gitlab/auth/request_authenticator.rb
Constant Summary
Constants included
from AuthFinders
AuthFinders::DEPLOY_TOKEN_HEADER, AuthFinders::HEADER_TOKEN_KEYS, AuthFinders::JOB_TOKEN_HEADER, AuthFinders::JOB_TOKEN_PARAM, AuthFinders::MAX_JOB_TOKEN_SIZE_BYTES, AuthFinders::PARAM_TOKEN_KEYS, AuthFinders::PRIVATE_TOKEN_HEADER, AuthFinders::PRIVATE_TOKEN_PARAM, AuthFinders::RUNNER_JOB_TOKEN_PARAM, AuthFinders::RUNNER_TOKEN_PARAM
Instance Attribute Summary collapse
Attributes included from AuthFinders
#current_token
Instance Method Summary
collapse
#authentication_token_present?, #cluster_agent_token_from_authorization_token, #deploy_token_from_request, #find_job_from_job_token, #find_runner_from_token, #find_user_from_access_token, #find_user_from_basic_auth_password, #find_user_from_bearer_token, #find_user_from_feed_token, #find_user_from_job_token, #find_user_from_lfs_token, #find_user_from_personal_access_token, #find_user_from_static_object_token, #find_user_from_warden, #find_user_from_web_access_token, path_dependent_feed_token_regex, #validate_and_save_access_token!
#load_balancer_stick_request
Constructor Details
Returns a new instance of RequestAuthenticator.
12
13
14
|
# File 'lib/gitlab/auth/request_authenticator.rb', line 12
def initialize(request)
@request = request
end
|
Instance Attribute Details
#request ⇒ Object
Returns the value of attribute request.
10
11
12
|
# File 'lib/gitlab/auth/request_authenticator.rb', line 10
def request
@request
end
|
Instance Method Details
#can_sign_in_bot?(user) ⇒ Boolean
55
56
57
58
|
# File 'lib/gitlab/auth/request_authenticator.rb', line 55
def can_sign_in_bot?(user)
(user&.project_bot? || user&.service_account?) && (api_request? || archive_request?)
end
|
#current_token_scopes ⇒ Object
70
71
72
|
# File 'lib/gitlab/auth/request_authenticator.rb', line 70
def current_token_scopes
access_token&.scopes.to_a
end
|
#find_authenticated_requester(request_formats) ⇒ Object
16
17
18
|
# File 'lib/gitlab/auth/request_authenticator.rb', line 16
def find_authenticated_requester(request_formats)
deploy_token_from_request || user(request_formats)
end
|
#find_sessionless_user(request_format) ⇒ Object
42
43
44
45
46
47
48
49
50
51
52
53
|
# File 'lib/gitlab/auth/request_authenticator.rb', line 42
def find_sessionless_user(request_format)
case request_format
when :graphql_api
find_user_for_graphql_api_request
when :api, :git, :rss, :ics, :blob, :download, :archive, nil
find_user_from_any_authentication_method(request_format)
else
raise ArgumentError, "Unknown request format"
end
rescue Gitlab::Auth::AuthenticationError
nil
end
|
#job_from_token ⇒ Object
36
37
38
39
40
|
# File 'lib/gitlab/auth/request_authenticator.rb', line 36
def job_from_token
find_job_from_job_token
rescue Gitlab::Auth::AuthenticationError
nil
end
|
#runner ⇒ Object
30
31
32
33
34
|
# File 'lib/gitlab/auth/request_authenticator.rb', line 30
def runner
find_runner_from_token
rescue Gitlab::Auth::AuthenticationError
nil
end
|
#user(request_formats) ⇒ Object
20
21
22
23
24
25
26
27
28
|
# File 'lib/gitlab/auth/request_authenticator.rb', line 20
def user(request_formats)
request_formats.each do |format|
user = find_sessionless_user(format)
return user if user
end
find_user_from_warden
end
|
#valid_access_token?(scopes: []) ⇒ Boolean
60
61
62
63
64
65
66
67
68
|
# File 'lib/gitlab/auth/request_authenticator.rb', line 60
def valid_access_token?(scopes: [])
validate_and_save_access_token!(scopes: scopes, save_auth_context: false)
true
rescue Gitlab::Auth::AuthenticationError
false
end
|