debian-mirror-gitlab/app/controllers/concerns/import/github_oauth.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

101 lines
2.4 KiB
Ruby
Raw Normal View History

2022-11-25 23:54:43 +05:30
# frozen_string_literal: true
module Import
module GithubOauth
extend ActiveSupport::Concern
OAuthConfigMissingError = Class.new(StandardError)
included do
rescue_from OAuthConfigMissingError, with: :missing_oauth_config
end
private
def provider_auth
return if session[access_token_key].present?
go_to_provider_for_permissions unless ci_cd_only?
end
def ci_cd_only?
%w[1 true].include?(params[:ci_cd_only])
end
def go_to_provider_for_permissions
redirect_to authorize_url
end
def oauth_client
raise OAuthConfigMissingError unless oauth_config
oauth_client_from_config
end
def oauth_client_from_config
@oauth_client_from_config ||= ::OAuth2::Client.new(
oauth_config.app_id,
oauth_config.app_secret,
oauth_options.merge(ssl: { verify: oauth_config['verify_ssl'] })
)
end
def oauth_config
@oauth_config ||= Gitlab::Auth::OAuth::Provider.config_for('github')
end
def oauth_options
return unless oauth_config
oauth_config.dig('args', 'client_options').deep_symbolize_keys
end
def authorize_url
state = SecureRandom.base64(64)
session[auth_state_key] = state
if Feature.enabled?(:remove_legacy_github_client)
oauth_client.auth_code.authorize_url(
redirect_uri: callback_import_url,
scope: 'repo, user, user:email',
state: state
)
else
client.authorize_url(callback_import_url, state)
end
end
def get_token(code)
if Feature.enabled?(:remove_legacy_github_client)
oauth_client.auth_code.get_token(code).token
else
client.get_token(code)
end
end
def missing_oauth_config
session[access_token_key] = nil
message = _('Missing OAuth configuration for GitHub.')
respond_to do |format|
format.json do
render json: { errors: message }, status: :unauthorized
end
format.any do
redirect_to new_import_url,
alert: message
end
end
end
def callback_import_url
public_send("users_import_#{provider_name}_callback_url", extra_import_params.merge({ namespace_id: params[:namespace_id] })) # rubocop:disable GitlabSecurity/PublicSend
end
def extra_import_params
{}
end
end
end