Skip to content
Snippets Groups Projects

Deploy token access for the dependency proxy

Merged Steve Abrams requested to merge 280586-dependency-proxy-deploy-tokens into master
10 files
+ 32
14
Compare changes
  • Side-by-side
  • Inline
Files
10
@@ -4,6 +4,8 @@ module DependencyProxy
module Auth
extend ActiveSupport::Concern
EMPTY_AUTH_RESULT = Gitlab::Auth::Result.new(nil, nil, nil, nil)
included do
attr_reader :authentication_result
@@ -24,7 +26,7 @@ def authenticate_user_from_jwt_token!
if Feature.enabled?(:dependency_proxy_deploy_tokens)
authenticate_with_http_token do |token, _|
@authentication_result = Gitlab::Auth::Result.new(nil, nil, nil, nil) # rubocop:disable Gitlab/ModuleWithInstanceVariables
@authentication_result = EMPTY_AUTH_RESULT # rubocop:disable Gitlab/ModuleWithInstanceVariables
found_user = user_from_token(token)
sign_in(found_user) if found_user.is_a?(User)
@@ -59,10 +61,14 @@ def user_from_token(token)
if token_payload['user_id']
token_user = User.find(token_payload['user_id'])
return unless token_user
@authentication_result = Gitlab::Auth::Result.new(token_user, nil, :user, []) # rubocop:disable Gitlab/ModuleWithInstanceVariables
return token_user
elsif token_payload['deploy_token']
deploy_token = DeployToken.active.find_by_token(token_payload['deploy_token'])
return unless deploy_token
@authentication_result = Gitlab::Auth::Result.new(deploy_token, nil, :deploy_token, []) # rubocop:disable Gitlab/ModuleWithInstanceVariables
return deploy_token
end
Loading