2018-12-05 23:21:45 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2018-03-17 18:26:18 +05:30
|
|
|
module GoogleApi
|
|
|
|
class AuthorizationsController < ApplicationController
|
2019-03-13 22:55:13 +05:30
|
|
|
include Gitlab::Utils::StrongMemoize
|
|
|
|
|
|
|
|
before_action :validate_session_key!
|
|
|
|
|
2021-01-03 14:25:43 +05:30
|
|
|
feature_category :kubernetes_management
|
2022-07-16 23:28:13 +05:30
|
|
|
urgency :low
|
2021-01-03 14:25:43 +05:30
|
|
|
|
2022-01-26 12:08:38 +05:30
|
|
|
##
|
|
|
|
# handle the response from google after the user
|
|
|
|
# goes through authentication and authorization process
|
2018-03-17 18:26:18 +05:30
|
|
|
def callback
|
2022-01-26 12:08:38 +05:30
|
|
|
redirect_uri = redirect_uri_from_session
|
|
|
|
##
|
|
|
|
# when the user declines authorizations
|
|
|
|
# `error` param is returned
|
|
|
|
if params[:error]
|
|
|
|
flash[:alert] = _('Google Cloud authorizations required')
|
|
|
|
redirect_uri = session[:error_uri]
|
|
|
|
##
|
|
|
|
# on success, the `code` param is returned
|
|
|
|
elsif params[:code]
|
|
|
|
token, expires_at = GoogleApi::CloudPlatform::Client
|
|
|
|
.new(nil, callback_google_api_auth_url)
|
|
|
|
.get_token(params[:code])
|
|
|
|
|
|
|
|
session[GoogleApi::CloudPlatform::Client.session_key_for_token] = token
|
|
|
|
session[GoogleApi::CloudPlatform::Client.session_key_for_expires_at] = expires_at.to_s
|
|
|
|
redirect_uri = redirect_uri_from_session
|
|
|
|
end
|
|
|
|
##
|
|
|
|
# or google may just timeout
|
2020-05-24 23:13:21 +05:30
|
|
|
rescue ::Faraday::TimeoutError, ::Faraday::ConnectionFailed
|
|
|
|
flash[:alert] = _('Timeout connecting to the Google API. Please try again.')
|
2022-01-26 12:08:38 +05:30
|
|
|
##
|
|
|
|
# regardless, we redirect the user appropriately
|
2020-05-24 23:13:21 +05:30
|
|
|
ensure
|
2022-01-26 12:08:38 +05:30
|
|
|
redirect_to redirect_uri
|
2018-03-17 18:26:18 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
private
|
|
|
|
|
2019-03-13 22:55:13 +05:30
|
|
|
def validate_session_key!
|
|
|
|
access_denied! unless redirect_uri_from_session.present?
|
|
|
|
end
|
|
|
|
|
|
|
|
def redirect_uri_from_session
|
|
|
|
strong_memoize(:redirect_uri_from_session) do
|
|
|
|
if params[:state].present?
|
|
|
|
session[session_key_for_redirect_uri(params[:state])]
|
|
|
|
else
|
|
|
|
nil
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def session_key_for_redirect_uri(state)
|
|
|
|
GoogleApi::CloudPlatform::Client.session_key_for_redirect_uri(state)
|
2018-03-17 18:26:18 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|