debian-mirror-gitlab/lib/gitlab/auth/request_authenticator.rb

# frozen_string_literal: true

# Use for authentication only, in particular for Rack::Attack.
# Does not perform authorization of scopes, etc.
module Gitlab
  module Auth
    class RequestAuthenticator
      include AuthFinders

      attr_reader :request

      def initialize(request)
        @request = request
      end

      def user(request_formats)
        request_formats.each do |format|
          user = find_sessionless_user(format)

          return user if user
        end

        find_user_from_warden
      end

      def runner
        find_runner_from_token
      rescue Gitlab::Auth::AuthenticationError
        nil
      end

      def find_sessionless_user(request_format)
        find_user_from_web_access_token(request_format, scopes: [:api, :read_api]) ||
          find_user_from_feed_token(request_format) ||
          find_user_from_static_object_token(request_format) ||
          find_user_from_basic_auth_job ||
          find_user_from_job_token
      rescue Gitlab::Auth::AuthenticationError
        nil
      end

      def valid_access_token?(scopes: [])
        validate_access_token!(scopes: scopes)

        true
      rescue Gitlab::Auth::AuthenticationError
        false
      end

      private

      def access_token
        strong_memoize(:access_token) do
          super || find_personal_access_token_from_http_basic_auth
        end
      end

      def route_authentication_setting
        @route_authentication_setting ||= {
          job_token_allowed: api_request?,
          basic_auth_personal_access_token: api_request?
        }
      end
    end
  end
end
New upstream version 11.5.3+dfsg 2018-12-13 13:39:08 +05:30			`# frozen_string_literal: true`

New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`# Use for authentication only, in particular for Rack::Attack.`
			`# Does not perform authorization of scopes, etc.`
			`module Gitlab`
			`module Auth`
			`class RequestAuthenticator`
New upstream version 12.6.1 2020-01-01 13:55:28 +05:30			`include AuthFinders`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30
			`attr_reader :request`

			`def initialize(request)`
			`@request = request`
			`end`

New upstream version 11.3.11+dfsg 2018-11-29 20:51:05 +05:30			`def user(request_formats)`
			`request_formats.each do \|format\|`
			`user = find_sessionless_user(format)`

			`return user if user`
			`end`

			`find_user_from_warden`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`end`

New upstream version 12.6.1 2020-01-01 13:55:28 +05:30			`def runner`
			`find_runner_from_token`
			`rescue Gitlab::Auth::AuthenticationError`
			`nil`
			`end`

New upstream version 11.3.11+dfsg 2018-11-29 20:51:05 +05:30			`def find_sessionless_user(request_format)`
New upstream version 13.8.5+ds1 2021-03-08 18:12:59 +05:30			`find_user_from_web_access_token(request_format, scopes: [:api, :read_api]) \|\|`
New upstream version 12.3.8 2019-12-04 20:38:33 +05:30			`find_user_from_feed_token(request_format) \|\|`
New upstream version 12.6.1 2020-01-01 13:55:28 +05:30			`find_user_from_static_object_token(request_format) \|\|`
New upstream version 12.8.6 2020-03-13 15:44:24 +05:30			`find_user_from_basic_auth_job \|\|`
			`find_user_from_job_token`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`rescue Gitlab::Auth::AuthenticationError`
			`nil`
			`end`
New upstream version 10.6.0+dfsg 2018-03-27 19:54:05 +05:30
			`def valid_access_token?(scopes: [])`
			`validate_access_token!(scopes: scopes)`

			`true`
			`rescue Gitlab::Auth::AuthenticationError`
			`false`
			`end`
New upstream version 12.8.6 2020-03-13 15:44:24 +05:30
			`private`

New upstream version 13.7.7 2021-02-22 17:27:13 +05:30			`def access_token`
			`strong_memoize(:access_token) do`
			`super \|\| find_personal_access_token_from_http_basic_auth`
			`end`
			`end`

New upstream version 12.8.6 2020-03-13 15:44:24 +05:30			`def route_authentication_setting`
			`@route_authentication_setting \|\|= {`
New upstream version 13.7.7 2021-02-22 17:27:13 +05:30			`job_token_allowed: api_request?,`
			`basic_auth_personal_access_token: api_request?`
New upstream version 12.8.6 2020-03-13 15:44:24 +05:30			`}`
			`end`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`end`
			`end`
			`end`