2022-10-11 01:57:18 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
module API
|
|
|
|
class PersonalAccessTokens
|
2022-11-25 23:54:43 +05:30
|
|
|
class SelfInformation < ::API::Base
|
2022-10-11 01:57:18 +05:30
|
|
|
include APIGuard
|
|
|
|
|
|
|
|
feature_category :authentication_and_authorization
|
|
|
|
|
|
|
|
helpers ::API::Helpers::PersonalAccessTokensHelpers
|
|
|
|
|
2022-11-25 23:54:43 +05:30
|
|
|
# As any token regardless of `scope` should be able to view/revoke itself
|
|
|
|
# all available scopes are allowed for this API class.
|
2022-10-11 01:57:18 +05:30
|
|
|
# Please be aware of the permissive scope when adding new endpoints to this class.
|
|
|
|
allow_access_with_scope(Gitlab::Auth.all_available_scopes)
|
|
|
|
|
|
|
|
before { authenticate! }
|
|
|
|
|
|
|
|
resource :personal_access_tokens do
|
2022-11-25 23:54:43 +05:30
|
|
|
get 'self' do
|
|
|
|
present access_token, with: Entities::PersonalAccessToken
|
|
|
|
end
|
|
|
|
|
2022-10-11 01:57:18 +05:30
|
|
|
delete 'self' do
|
|
|
|
revoke_token(access_token)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|