Class: Mattermost::Session

Inherits:
Object
Includes:
Doorkeeper::Helpers::Controller
Defined in:
lib/mattermost/session.rb

Overview

This class's prime objective is to obtain a session token on a Mattermost instance that has SSO configured with this GitLab instance as the provider.

The process depends on OAuth, but skips a step in the authentication cycle. Usually a user would click the ‘login in GitLab’ button on Mattermost, which yields a 302 status code and redirects the user to GitLab to approve the use of their account on Mattermost. The approval triggers a callback, so Mattermost knows the request is approved and gets the data it requires to create the user account, etc.

This class, however, skips the button click and also the approval phase, which speeds up the process, requires no manual action, and gets a session going.

Defined Under Namespace

Classes: Request

Constant Summary

LEASE_TIMEOUT = 60

Instance Attribute Summary

Instance Method Summary

Constructor Details

#initialize(current_user) ⇒ Session

Returns a new instance of Session.



# File 'lib/mattermost/session.rb', line 36

def initialize(current_user)
  @current_resource_owner = current_user
  @base_uri = Settings.mattermost.host
end

Instance Attribute Details

#base_uri ⇒ Object

Returns the value of attribute base_uri.



# File 'lib/mattermost/session.rb', line 34

def base_uri
  @base_uri
end

#current_resource_owner ⇒ Object

Returns the value of attribute current_resource_owner.



# File 'lib/mattermost/session.rb', line 34

def current_resource_owner
  @current_resource_owner
end

#token ⇒ Object

Returns the value of attribute token.



# File 'lib/mattermost/session.rb', line 34

def token
  @token
end

Instance Method Details

#authorization ⇒ Object



# File 'lib/mattermost/session.rb', line 62

def authorization
  @authorization ||= strategy.request
end

#delete(path, options = {}) ⇒ Object



# File 'lib/mattermost/session.rb', line 91

def delete(path, options = {})
  handle_exceptions do
    Integrations::Clients::HTTP.delete(path, build_options(options))
  end
end

#get(path, options = {}) ⇒ Object



# File 'lib/mattermost/session.rb', line 79

def get(path, options = {})
  handle_exceptions do
    Integrations::Clients::HTTP.get(path, build_options(options))
  end
end

#params ⇒ Object



# File 'lib/mattermost/session.rb', line 74

def params
  { organization_id: @current_resource_owner.organization.id }
    .merge(Rack::Utils.parse_query(oauth_uri.query).symbolize_keys)
end

#post(path, options = {}) ⇒ Object



# File 'lib/mattermost/session.rb', line 85

def post(path, options = {})
  handle_exceptions do
    Integrations::Clients::HTTP.post(path, build_options(options))
  end
end

#pre_auth ⇒ Object

The following methods are needed for Doorkeeper.



# File 'lib/mattermost/session.rb', line 57

def pre_auth
  @pre_auth ||= Doorkeeper::OAuth::PreAuthorization.new(
    Doorkeeper.configuration, params)
end

#request ⇒ Object



# File 'lib/mattermost/session.rb', line 70

def request
  @request ||= Request.new(parameters: params)
end

#strategy ⇒ Object



# File 'lib/mattermost/session.rb', line 66

def strategy
  @strategy ||= server.authorization_request(pre_auth.response_type)
end

#with_session ⇒ Object



# File 'lib/mattermost/session.rb', line 41

def with_session
  with_lease do
    create

    begin
      yield self
    rescue Errno::ECONNREFUSED => e
      Gitlab::AppLogger.error(e.message + "\n" + e.backtrace.join("\n"))
      raise ::Mattermost::NoSessionError
    ensure
      destroy
    end
  end
end
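
The lifecycle that with_session enforces, shown as an added example that is not GitLab's code: because the approval phase is skipped, the token is obtained without user interaction, so it matters that it exists only for the duration of the block and is destroyed on every exit path. DemoSession, its in-memory lease store, the per-user lease key and the bodies of create and destroy are hypothetical stand-ins, since the page does not show with_lease, create or destroy.

```ruby
# Added illustration, not GitLab's implementation: DemoSession, its in-memory
# lease store and its create/destroy bodies are hypothetical stand-ins.
require 'securerandom'

class NoSessionError < StandardError; end

class DemoSession
  LEASE_TIMEOUT = 60 # seconds, the value of the constant on this page
  LEASES = {}        # lease key => expiry time (constructed, in-memory)
  attr_reader :token

  def initialize(user)
    @user = user
  end

  def with_session
    with_lease do
      create
      begin
        yield self
      rescue Errno::ECONNREFUSED
        raise NoSessionError # callers see a single error type
      ensure
        destroy # runs on success, on any exception and on early return
      end
    end
  end

  private

  # Assumed behaviour: one live session per user. A held lease is refused;
  # an expired one (its holder crashed) no longer blocks.
  def with_lease
    key = "demo:session:#{@user}"
    raise NoSessionError, 'lease held' if LEASES.fetch(key, Time.at(0)) > Time.now
    LEASES[key] = Time.now + LEASE_TIMEOUT
    begin
      yield
    ensure
      LEASES.delete(key)
    end
  end

  def create
    @token = SecureRandom.hex(16) # stands in for the Mattermost session token
  end

  def destroy
    @token = nil
  end
end
```

A caller that copies the token out of the block keeps a value that has already been destroyed, so all Mattermost calls belong inside the block.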