
Fix valid_authenticity_token? check for Rails 7.1

Summary

The valid_authenticity_token method in lib/gitlab/kas/user_access.rb is causing CSRF token mismatch errors after the Rails 7.1 upgrade. This affects requests between GitLab and the Kubernetes Agent Server (KAS), particularly when accessing Kubernetes resources from the Environments page.
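The check named above compares a masked CSRF token presented by the client against the raw token kept in the Rails session. As an added illustration (this is not GitLab's code from lib/gitlab/kas/user_access.rb, nor Rails' own implementation), the following self-contained Ruby model shows the shape of that scheme: a random raw token is masked with a fresh one-time pad and URL-safe Base64 encoded, and the verifier unmasks it and compares in constant time, returning false rather than raising for malformed, truncated or mismatched input. The function names, `TOKEN_LENGTH`, and the strict-decoding behaviour are assumptions of this model, not facts about the Rails 7.1 code or about the root cause of this issue.

```ruby
require 'securerandom'

# Assumed token size for this model (Rails also uses 32 random bytes).
TOKEN_LENGTH = 32

# URL-safe Base64 without padding, built on pack('m0') so no extra gem is needed.
def urlsafe_encode(bytes)
  [bytes].pack('m0').tr('+/', '-_').delete('=')
end

# Strict URL-safe Base64 decode; raises ArgumentError on malformed input.
def urlsafe_decode(str)
  padded = str.tr('-_', '+/')
  padded += '=' * ((4 - padded.length % 4) % 4)
  padded.unpack1('m0')
end

# XOR two equal-length byte strings.
def xor_bytes(a, b)
  a.bytes.zip(b.bytes).map { |x, y| x ^ y }.pack('C*')
end

# The raw secret a server keeps in the session (model of session[:_csrf_token]).
def generate_raw_token
  SecureRandom.random_bytes(TOKEN_LENGTH)
end

# Mask the raw token with a one-time pad so each form or header carries a
# different value: encode(pad || (pad XOR raw)). The pad travels with the token.
def mask_token(raw_token)
  one_time_pad = SecureRandom.random_bytes(TOKEN_LENGTH)
  urlsafe_encode(one_time_pad + xor_bytes(one_time_pad, raw_token))
end

# Constant-time comparison: does not short-circuit on the first differing byte.
def secure_compare(a, b)
  return false unless a.bytesize == b.bytesize

  left = a.unpack('C*')
  diff = 0
  b.each_byte { |byte| diff |= byte ^ left.shift }
  diff.zero?
end

# Verify a presented masked token against the session's raw token.
# Any decoding or length problem yields false instead of an exception.
def valid_masked_token?(raw_token, encoded_masked_token)
  return false if raw_token.nil? || encoded_masked_token.nil?
  return false unless raw_token.bytesize == TOKEN_LENGTH

  masked = urlsafe_decode(encoded_masked_token)
  return false unless masked.bytesize == TOKEN_LENGTH * 2

  one_time_pad = masked[0, TOKEN_LENGTH]
  encrypted    = masked[TOKEN_LENGTH, TOKEN_LENGTH]
  secure_compare(xor_bytes(one_time_pad, encrypted), raw_token)
rescue ArgumentError
  false
end

if __FILE__ == $PROGRAM_NAME
  raw = generate_raw_token
  token = mask_token(raw)
  puts "masked token: #{token}"
  puts "valid against own session:   #{valid_masked_token?(raw, token)}"
  puts "valid against other session: #{valid_masked_token?(generate_raw_token, token)}"
end
```

Two maskings of the same raw token produce different encoded strings, yet both verify; a token masked for one session never verifies against another, and a truncated or non-Base64 value is rejected without raising.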

Steps to reproduce

Prerequisites:

  1. Visit the Project -> Operate -> Kubernetes clusters page and create an agent following the instructions in the modal:

    • Select the "Connect a cluster" button.
    • The modal should pop up.
    • In the modal, select "Name of the agent".
    • Create a new agent by typing a name of your choice.
    • Select "Create and register".
    • Select the button and click "Register" in the next view.
    • Save the token; it is needed in the next step.
  2. Add the following configuration inside your project in .gitlab/agents/<your-agent-name>/config.yaml for the user_access agent:

    user_access:
      access_as:
        agent: {}
      projects:
      - id: <your-group>/<your-project-to-share-agent-with>
  3. Note that shared agents must be connected to the cluster in order to appear in the list. Follow points 3-8 from the guide and then the "Deploy the GitLab Agent (agentk) with k3d" section to create a local cluster and connect your agent to it.

  4. Visit Project -> Operate -> Environments

  5. Create/Edit an environment using the UI

  6. Select an agent from the dropdown in the Environments settings page and save the change.

  7. Visit the Environments page and visit the environment details page for the environment that has an associated agent.

  8. Verify that the Kubernetes dashboard shows an Unauthorized error.

Example Project

https://gitlab.com/gitlab-org/ci-cd/deploy-stage/demos/podtato-head-delivery/-/environments/17224640

https://gitlab.com/timofurrer/playground/-/environments/27512575

What is the current bug behavior?

The unauthorized error is shown on the Kubernetes dashboard:

(Screenshot: Screenshot_2025-04-25_at_18.48.50, the Unauthorized error on the Kubernetes dashboard)

What is the expected correct behavior?

Relevant logs and/or screenshots

Related to !162394 (merged)

Output of checks

This bug happens on GitLab.com

Possible fixes

Edited by Anna Vovchenko