lib/authn/tokens/personal_access_token.rb self.prefix? throws a TypeError because personal_access_token_prefix application setting is not required and may be null

Workaround until a fix is available on 7th May Patch

Disable prevent_token_prefixed_password_fallback_sessionless, which would let existing operations continue as expected:

gitlab-rails console
Feature.disable(:prevent_token_prefixed_password_fallback_sessionless)

After updating to 17.11.0 last night, all git https operations were failing with a 500 error. The cause seems to be commit d6e67842, which assumed that the personal_access_token_prefix is not null, when it is not required (https://docs.gitlab.com/api/settings/#available-settings). I fixed the crash by manually putting in a prefix in the PostgreSQL database, but I'm unsure if that will break existing tokens.

TypeError (no implicit conversion of nil into String):
  
lib/authn/tokens/personal_access_token.rb:7:in `start_with?'
lib/authn/tokens/personal_access_token.rb:7:in `prefix?'
lib/authn/agnostic_token_identifier.rb:30:in `block in token_type'
lib/authn/agnostic_token_identifier.rb:30:in `each'
lib/authn/agnostic_token_identifier.rb:30:in `find'
lib/authn/agnostic_token_identifier.rb:30:in `token_type'
lib/authn/agnostic_token_identifier.rb:26:in `token?'
lib/gitlab/auth.rb:232:in `user_with_password_for_git'
lib/gitlab/auth.rb:105:in `find_for_git_client'
app/controllers/repositories/git_http_client_controller.rb:131:in `handle_basic_authentication'
app/controllers/repositories/git_http_client_controller.rb:49:in `authenticate_user'
activesupport (7.0.8.7) lib/active_support/callbacks.rb:400:in `block in make_lambda'
activesupport (7.0.8.7) lib/active_support/callbacks.rb:199:in `block (2 levels) in halting'
actionpack (7.0.8.7) lib/abstract_controller/callbacks.rb:34:in `block (2 levels) in <module:Callbacks>'
activesupport (7.0.8.7) lib/active_support/callbacks.rb:200:in `block in halting'
activesupport (7.0.8.7) lib/active_support/callbacks.rb:595:in `block in invoke_before'
activesupport (7.0.8.7) lib/active_support/callbacks.rb:595:in `each'
activesupport (7.0.8.7) lib/active_support/callbacks.rb:595:in `invoke_before'
activesupport (7.0.8.7) lib/active_support/callbacks.rb:116:in `block in run_callbacks'
sentry-rails (5.22.1) lib/sentry/rails/controller_transaction.rb:34:in `block in sentry_around_action'
sentry-ruby (5.22.1) lib/sentry/hub.rb:108:in `with_child_span'
sentry-ruby (5.22.1) lib/sentry-ruby.rb:503:in `with_child_span'
sentry-rails (5.22.1) lib/sentry/rails/controller_transaction.rb:18:in `sentry_around_action'
activesupport (7.0.8.7) lib/active_support/callbacks.rb:127:in `block in run_callbacks'
activesupport (7.0.8.7) lib/active_support/callbacks.rb:138:in `run_callbacks'
actionpack (7.0.8.7) lib/abstract_controller/callbacks.rb:233:in `process_action'
actionpack (7.0.8.7) lib/action_controller/metal/rescue.rb:23:in `process_action'
actionpack (7.0.8.7) lib/action_controller/metal/instrumentation.rb:67:in `block in process_action'
activesupport (7.0.8.7) lib/active_support/notifications.rb:206:in `block in instrument'
activesupport (7.0.8.7) lib/active_support/notifications/instrumenter.rb:24:in `instrument'
activesupport (7.0.8.7) lib/active_support/notifications.rb:206:in `instrument'
actionpack (7.0.8.7) lib/action_controller/metal/instrumentation.rb:66:in `process_action'
actionpack (7.0.8.7) lib/action_controller/metal/params_wrapper.rb:259:in `process_action'
activerecord (7.0.8.7) lib/active_record/railties/controller_runtime.rb:27:in `process_action'
actionpack (7.0.8.7) lib/abstract_controller/base.rb:151:in `process'
actionview (7.0.8.7) lib/action_view/rendering.rb:39:in `process'
actionpack (7.0.8.7) lib/action_controller/metal.rb:188:in `dispatch'
actionpack (7.0.8.7) lib/action_controller/metal.rb:249:in `block in dispatch'
lib/gitlab/middleware/action_controller_static_context.rb:23:in `call'
actionpack (7.0.8.7) lib/action_controller/metal.rb:249:in `dispatch'
actionpack (7.0.8.7) lib/action_dispatch/routing/route_set.rb:49:in `dispatch'
actionpack (7.0.8.7) lib/action_dispatch/routing/route_set.rb:32:in `serve'
actionpack (7.0.8.7) lib/action_dispatch/journey/router.rb:50:in `block in serve'
actionpack (7.0.8.7) lib/action_dispatch/journey/router.rb:32:in `each'
actionpack (7.0.8.7) lib/action_dispatch/journey/router.rb:32:in `serve'
actionpack (7.0.8.7) lib/action_dispatch/routing/route_set.rb:852:in `call'
gitlab-experiment (0.9.1) lib/gitlab/experiment/middleware.rb:19:in `call'
omniauth (2.1.2) lib/omniauth/strategy.rb:202:in `call!'
omniauth (2.1.2) lib/omniauth/strategy.rb:169:in `call'
flipper (0.28.3) lib/flipper/middleware/memoizer.rb:72:in `memoized_call'
flipper (0.28.3) lib/flipper/middleware/memoizer.rb:37:in `call'
lib/gitlab/metrics/elasticsearch_rack_middleware.rb:16:in `call'
lib/gitlab/middleware/sidekiq_shard_awareness_validation.rb:20:in `block in call'
lib/gitlab/sidekiq_sharding/validator.rb:42:in `enabled'
lib/gitlab/middleware/sidekiq_shard_awareness_validation.rb:20:in `call'
lib/gitlab/middleware/memory_report.rb:13:in `call'
lib/gitlab/middleware/speedscope.rb:13:in `call'
lib/gitlab/database/load_balancing/rack_middleware.rb:23:in `call'
lib/gitlab/middleware/rails_queue_duration.rb:33:in `call'
lib/gitlab/etag_caching/middleware.rb:21:in `call'
lib/gitlab/metrics/rack_middleware.rb:16:in `block in call'
lib/gitlab/metrics/web_transaction.rb:46:in `run'
lib/gitlab/metrics/rack_middleware.rb:16:in `call'
lib/gitlab/middleware/go.rb:21:in `call'
lib/gitlab/middleware/query_analyzer.rb:11:in `block in call'
lib/gitlab/database/query_analyzer.rb:83:in `within'
lib/gitlab/middleware/query_analyzer.rb:11:in `call'
lib/ci/job_token/middleware.rb:11:in `call'
batch-loader (2.0.5) lib/batch_loader/middleware.rb:11:in `call'
rack-attack (6.7.0) lib/rack/attack.rb:103:in `call'
apollo_upload_server (2.1.6) lib/apollo_upload_server/middleware.rb:19:in `call'
lib/gitlab/middleware/multipart.rb:173:in `call'
rack-attack (6.7.0) lib/rack/attack.rb:127:in `call'
warden (1.2.9) lib/warden/manager.rb:36:in `block in call'
warden (1.2.9) lib/warden/manager.rb:34:in `catch'
warden (1.2.9) lib/warden/manager.rb:34:in `call'
rack-cors (2.0.2) lib/rack/cors.rb:102:in `call'
rack (2.2.13) lib/rack/tempfile_reaper.rb:15:in `call'
rack (2.2.13) lib/rack/etag.rb:27:in `call'
rack (2.2.13) lib/rack/conditional_get.rb:27:in `call'
rack (2.2.13) lib/rack/head.rb:12:in `call'
actionpack (7.0.8.7) lib/action_dispatch/http/permissions_policy.rb:38:in `call'
actionpack (7.0.8.7) lib/action_dispatch/http/content_security_policy.rb:39:in `call'
lib/gitlab/middleware/read_only/controller.rb:50:in `call'
lib/gitlab/middleware/read_only.rb:18:in `call'
lib/gitlab/middleware/unauthenticated_session_expiry.rb:18:in `call'
rack (2.2.13) lib/rack/session/abstract/id.rb:266:in `context'
rack (2.2.13) lib/rack/session/abstract/id.rb:260:in `call'
actionpack (7.0.8.7) lib/action_dispatch/middleware/cookies.rb:704:in `call'
lib/gitlab/middleware/same_site_cookies.rb:27:in `call'
actionpack (7.0.8.7) lib/action_dispatch/middleware/callbacks.rb:27:in `block in call'
activesupport (7.0.8.7) lib/active_support/callbacks.rb:99:in `run_callbacks'
actionpack (7.0.8.7) lib/action_dispatch/middleware/callbacks.rb:26:in `call'
sentry-rails (5.22.1) lib/sentry/rails/rescued_exception_interceptor.rb:14:in `call'
actionpack (7.0.8.7) lib/action_dispatch/middleware/debug_exceptions.rb:28:in `call'
lib/gitlab/middleware/path_traversal_check.rb:35:in `call'
lib/gitlab/middleware/handle_malformed_strings.rb:21:in `call'
sentry-ruby (5.22.1) lib/sentry/rack/capture_exceptions.rb:30:in `block (2 levels) in call'
sentry-ruby (5.22.1) lib/sentry/hub.rb:269:in `with_session_tracking'
sentry-ruby (5.22.1) lib/sentry-ruby.rb:416:in `with_session_tracking'
sentry-ruby (5.22.1) lib/sentry/rack/capture_exceptions.rb:21:in `block in call'
sentry-ruby (5.22.1) lib/sentry/hub.rb:59:in `with_scope'
sentry-ruby (5.22.1) lib/sentry-ruby.rb:396:in `with_scope'
sentry-ruby (5.22.1) lib/sentry/rack/capture_exceptions.rb:20:in `call'
actionpack (7.0.8.7) lib/action_dispatch/middleware/show_exceptions.rb:29:in `call'
lib/gitlab/middleware/basic_health_check.rb:25:in `call'
lograge (0.11.2) lib/lograge/rails_ext/rack/logger.rb:15:in `call_app'
railties (7.0.8.7) lib/rails/rack/logger.rb:25:in `block in call'
activesupport (7.0.8.7) lib/active_support/tagged_logging.rb:99:in `block in tagged'
activesupport (7.0.8.7) lib/active_support/tagged_logging.rb:37:in `tagged'
activesupport (7.0.8.7) lib/active_support/tagged_logging.rb:99:in `tagged'
railties (7.0.8.7) lib/rails/rack/logger.rb:25:in `call'
actionpack (7.0.8.7) lib/action_dispatch/middleware/remote_ip.rb:93:in `call'
lib/gitlab/middleware/handle_ip_spoof_attack_error.rb:25:in `call'
lib/gitlab/middleware/request_context.rb:15:in `call'
lib/gitlab/middleware/webhook_recursion_detection.rb:15:in `call'
request_store (1.7.0) lib/request_store/middleware.rb:19:in `call'
rack (2.2.13) lib/rack/method_override.rb:24:in `call'
rack (2.2.13) lib/rack/runtime.rb:22:in `call'
rack-timeout (0.7.0) lib/rack/timeout/core.rb:154:in `block in call'
rack-timeout (0.7.0) lib/rack/timeout/support/timeout.rb:19:in `timeout'
rack-timeout (0.7.0) lib/rack/timeout/core.rb:153:in `call'
config/initializers/fix_local_cache_middleware.rb:11:in `call'
lib/gitlab/middleware/compressed_json.rb:44:in `call'
actionpack (7.0.8.7) lib/action_dispatch/middleware/executor.rb:14:in `call'
lib/gitlab/middleware/rack_multipart_tempfile_factory.rb:19:in `call'
rack (2.2.13) lib/rack/sendfile.rb:110:in `call'
lib/gitlab/middleware/sidekiq_web_static.rb:20:in `call'
lib/gitlab/metrics/requests_rack_middleware.rb:83:in `call'
gitlab-labkit (0.37.0) lib/labkit/middleware/rack.rb:22:in `block in call'
gitlab-labkit (0.37.0) lib/labkit/context.rb:35:in `with_context'
gitlab-labkit (0.37.0) lib/labkit/middleware/rack.rb:21:in `call'
actionpack (7.0.8.7) lib/action_dispatch/middleware/request_id.rb:26:in `call'
actionpack (7.0.8.7) lib/action_dispatch/middleware/host_authorization.rb:131:in `call'
railties (7.0.8.7) lib/rails/engine.rb:530:in `call'
railties (7.0.8.7) lib/rails/railtie.rb:226:in `public_send'
railties (7.0.8.7) lib/rails/railtie.rb:226:in `method_missing'
lib/gitlab/middleware/release_env.rb:12:in `call'
rack (2.2.13) lib/rack/urlmap.rb:74:in `block in call'
rack (2.2.13) lib/rack/urlmap.rb:58:in `each'
rack (2.2.13) lib/rack/urlmap.rb:58:in `call'
puma (6.5.0) lib/puma/configuration.rb:279:in `call'
puma (6.5.0) lib/puma/request.rb:99:in `block in handle_request'
puma (6.5.0) lib/puma/thread_pool.rb:389:in `with_force_shutdown'
puma (6.5.0) lib/puma/request.rb:98:in `handle_request'
puma (6.5.0) lib/puma/server.rb:468:in `process_client'
puma (6.5.0) lib/puma/server.rb:249:in `block in run'
puma (6.5.0) lib/puma/thread_pool.rb:166:in `block in spawn_thread'
Edited by Adil Farrukh
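
A minimal model of the failure in the trace above, added here as an example and not taken from GitLab's source: it shows why a null prefix setting makes every credential check raise, and one nil-safe guard that also covers the empty-string case. `Settings`, `UnsafePat`, `SafePat`, `identify` and `outcome` are hypothetical names, and the prefix and credentials are constructed sample values.

```ruby
# Simplified model of the failure in the trace; NOT GitLab's code.
# All class and method names here are hypothetical.
Settings = Struct.new(:personal_access_token_prefix)

# Shape implied by the trace: prefix? hands the optional setting
# straight to String#start_with?, which rejects nil.
class UnsafePat
  def initialize(settings)
    @settings = settings
  end

  def prefix?(plaintext)
    plaintext.start_with?(@settings.personal_access_token_prefix)
  end
end

# Nil-safe variant (one possible guard, an assumption): an unset or
# empty prefix means "cannot identify by prefix". The empty check
# matters because start_with?("") is true for every string, which
# would classify every password as a token.
class SafePat
  def initialize(settings)
    @settings = settings
  end

  def prefix?(plaintext)
    prefix = @settings.personal_access_token_prefix.to_s
    !prefix.empty? && plaintext.to_s.start_with?(prefix)
  end
end

# Stand-in for the identifier's `find` over token types.
def identify(types, plaintext)
  types.find { |type| type.prefix?(plaintext) }
end

# Returns :token, :not_a_token, or the error text a request would hit.
def outcome(type_class, prefix, credential)
  match = identify([type_class.new(Settings.new(prefix))], credential)
  match.nil? ? :not_a_token : :token
rescue TypeError => e
  "TypeError: #{e.message}"
end
```

With the unsafe form the exception is raised for any credential, including ordinary passwords, because the check runs before the credential type is known.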