WIP: TokenAuthenticable allows comparison and non-unique tokens (for saml discovery token)
What
- TokenAuthenticatable allows non-unique tokens
- TokenAuthenticatable provides comparison method
- TokenAuthenticatable supports configurable length
Why
- For https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/5782 we're adding
saml_discovery_token
but don't need it to be unique. Without this change it will scan the table for an existing token, which is not necessary and would require an index. - That MR also needs to compare tokens, but the
ensure_token
method usually used for lookup could raise an error while attempting save. - Allow for more friendly URLs, as customers are often configuring this on different machines and my have to type this token manually. Length is less of an issue here, because the discovery token only works combined with group name meaning token enumeration isn't a threat.
Related
Discussion thread at https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/5782#note_74527445.
Does this MR meet the acceptance criteria?
-
Tests added for this feature/bug -
Conforms to the merge request performance guidelines