debian-mirror-gitlab/lib/gitlab/external_authorization/client.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

71 lines
1.8 KiB
Ruby
Raw Normal View History

2019-07-07 11:18:12 +05:30
# frozen_string_literal: true
Excon.defaults[:ssl_verify_peer] = false
module Gitlab
module ExternalAuthorization
class Client
include ExternalAuthorization::Config
REQUEST_HEADERS = {
'Content-Type' => 'application/json',
'Accept' => 'application/json'
}.freeze
def initialize(user, label)
2021-04-29 21:17:54 +05:30
@user = user
@label = label
2019-07-07 11:18:12 +05:30
end
def request_access
2020-10-24 23:57:45 +05:30
response = Gitlab::HTTP.post(
2019-07-07 11:18:12 +05:30
service_url,
post_params
)
::Gitlab::ExternalAuthorization::Response.new(response)
2020-10-24 23:57:45 +05:30
rescue *Gitlab::HTTP::HTTP_ERRORS => e
2021-06-08 01:23:25 +05:30
raise ::Gitlab::ExternalAuthorization::RequestFailed, e
2019-07-07 11:18:12 +05:30
end
private
2020-10-24 23:57:45 +05:30
def allow_local_requests?
Gitlab::CurrentSettings.allow_local_requests_from_system_hooks?
end
2019-07-07 11:18:12 +05:30
def post_params
params = { headers: REQUEST_HEADERS,
body: body.to_json,
connect_timeout: timeout,
read_timeout: timeout,
2020-10-24 23:57:45 +05:30
write_timeout: timeout,
allow_local_requests: allow_local_requests? }
2019-07-07 11:18:12 +05:30
if has_tls?
params[:client_cert_data] = client_cert
params[:client_key_data] = client_key
params[:client_key_pass] = client_key_pass
end
params
end
def body
@body ||= begin
2021-04-29 21:17:54 +05:30
body = {
user_identifier: @user.email,
project_classification_label: @label,
identities: @user.identities.map { |identity| { provider: identity.provider, extern_uid: identity.extern_uid } }
}
2019-07-07 11:18:12 +05:30
2021-04-29 21:17:54 +05:30
if @user.ldap_identity
body[:user_ldap_dn] = @user.ldap_identity.extern_uid
end
2019-07-07 11:18:12 +05:30
2021-04-29 21:17:54 +05:30
body
end
2019-07-07 11:18:12 +05:30
end
end
end
end