gitlab-org--gitlab-foss/app/models/personal_access_token.rb

# frozen_string_literal: true

class PersonalAccessToken < ApplicationRecord
  include Expirable
  include TokenAuthenticatable

  add_authentication_token_field :token, digest: true

  REDIS_EXPIRY_TIME = 3.minutes
  TOKEN_LENGTH = 20

  serialize :scopes, Array # rubocop:disable Cop/ActiveRecordSerialize

  belongs_to :user

  before_save :ensure_token

  scope :active, -> { where("revoked = false AND (expires_at >= NOW() OR expires_at IS NULL)") }
  scope :inactive, -> { where("revoked = true OR expires_at < NOW()") }
  scope :with_impersonation, -> { where(impersonation: true) }
  scope :without_impersonation, -> { where(impersonation: false) }

  validates :scopes, presence: true
  validate :validate_scopes

  after_initialize :set_default_scopes, if: :persisted?

  def revoke!
    update!(revoked: true)
  end

  def active?
    !revoked? && !expired?
  end

  def self.redis_getdel(user_id)
    Gitlab::Redis::SharedState.with do |redis|
      encrypted_token = redis.get(redis_shared_state_key(user_id))
      redis.del(redis_shared_state_key(user_id))
      begin
        Gitlab::CryptoHelper.aes256_gcm_decrypt(encrypted_token)
      rescue => ex
        logger.warn "Failed to decrypt PersonalAccessToken value stored in Redis for User ##{user_id}: #{ex.class}"
        encrypted_token
      end
    end
  end

  def self.redis_store!(user_id, token)
    encrypted_token = Gitlab::CryptoHelper.aes256_gcm_encrypt(token)

    Gitlab::Redis::SharedState.with do |redis|
      redis.set(redis_shared_state_key(user_id), encrypted_token, ex: REDIS_EXPIRY_TIME)
    end
  end

  protected

  def validate_scopes
    unless revoked || scopes.all? { |scope| Gitlab::Auth.all_available_scopes.include?(scope.to_sym) }
      errors.add :scopes, "can only contain available scopes"
    end
  end

  def set_default_scopes
    self.scopes = Gitlab::Auth::DEFAULT_SCOPES if self.scopes.empty?
  end

  def self.redis_shared_state_key(user_id)
    "gitlab:personal_access_token:#{user_id}"
  end
end
Enable frozen string in app/models/*.rb Partially addresses #47424. 2018-07-25 09:30:33 +00:00			`# frozen_string_literal: true`

Inherit from ApplicationRecord instead of ActiveRecord::Base 2019-03-28 13:17:42 +00:00			`class PersonalAccessToken < ApplicationRecord`
manage personal_access_tokens through api 2016-12-27 16:26:57 +00:00			`include Expirable`
Address @DouweM's feedback on !3749. - Use `TokenAuthenticatable` to generate the personal access token - Remove a check for `authenticity_token` in application controller; this should've been `authentication_token`, maybe, and doesn't make any sense now. - Have the datepicker appear inline 2016-04-25 09:00:59 +00:00			`include TokenAuthenticatable`
Remove undigested token column from personal_access_tokens table Token column are no longer used as token values are stored digested in token_digest. 2019-02-20 11:39:37 +00:00
			`add_authentication_token_field :token, digest: true`
Address @DouweM's feedback on !3749. - Use `TokenAuthenticatable` to generate the personal access token - Remove a check for `authenticity_token` in application controller; this should've been `authentication_token`, maybe, and doesn't make any sense now. - Have the datepicker appear inline 2016-04-25 09:00:59 +00:00
Fix new personal access token showing up in a flash message 2017-12-04 04:01:18 +00:00			`REDIS_EXPIRY_TIME = 3.minutes`
OAuth2 support for GitLab personal access tokens PATs are accepted using the OAuth2 compliant header "Authorization: Bearer {token}" in order to allow for OAuth requests while 2FA is enabled. 2019-07-22 08:50:25 +00:00			`TOKEN_LENGTH = 20`
Fix new personal access token showing up in a flash message 2017-12-04 04:01:18 +00:00
Rename ActiverecordSerialize cop This cop has been renamed to ActiveRecordSerialize to match the way "ActiveRecord" is usually written. 2017-07-03 14:01:41 +00:00			`serialize :scopes, Array # rubocop:disable Cop/ActiveRecordSerialize`
Add a `scopes` column to the `personal_access_tokens` table 2016-11-22 08:53:53 +00:00
Allow creating Personal Access Tokens through the website. 2016-04-15 07:36:44 +00:00			`belongs_to :user`

applies relevant changes to the code and code structure 2017-02-23 17:47:06 +00:00			`before_save :ensure_token`

refactors finder and correlated code 2017-02-27 18:56:54 +00:00			`scope :active, -> { where("revoked = false AND (expires_at >= NOW() OR expires_at IS NULL)") }`
Make fixes based on @vsizov's comments on MR !3749 2016-04-22 08:33:11 +00:00			`scope :inactive, -> { where("revoked = true OR expires_at < NOW()") }`
refactors finder and correlated code 2017-02-27 18:56:54 +00:00			`scope :with_impersonation, -> { where(impersonation: true) }`
			`scope :without_impersonation, -> { where(impersonation: false) }`
Allow revoking personal access tokens. 2016-04-15 15:24:20 +00:00
Require explicit scopes on personal access tokens Gitlab::Auth and API::APIGuard already check for at least one valid scope on personal access tokens, so if the scopes are empty the token will always fail validation. 2017-02-06 15:39:35 +00:00			`validates :scopes, presence: true`
Create read_registry scope with JWT auth This is the first commit doing mainly 3 things: 1. create a new scope and allow users to use it 2. Have the JWTController respond correctly on this 3. Updates documentation to suggest usage of PATs There is one gotcha, there will be no support for impersonation tokens, as this seems not needed. Fixes gitlab-org/gitlab-ce#19219 2017-05-31 13:55:12 +00:00			`validate :validate_scopes`
Only use API scopes for personal access tokens 2017-01-31 10:21:29 +00:00
Set default scope on PATs that don't have one set to allow them to be revoked 2017-10-03 14:57:31 +00:00			`after_initialize :set_default_scopes, if: :persisted?`

Allow revoking personal access tokens. 2016-04-15 15:24:20 +00:00			`def revoke!`
Create read_registry scope with JWT auth This is the first commit doing mainly 3 things: 1. create a new scope and allow users to use it 2. Have the JWTController respond correctly on this 3. Updates documentation to suggest usage of PATs There is one gotcha, there will be no support for impersonation tokens, as this seems not needed. Fixes gitlab-org/gitlab-ce#19219 2017-05-31 13:55:12 +00:00			`update!(revoked: true)`
Allow revoking personal access tokens. 2016-04-15 15:24:20 +00:00			`end`
manage personal_access_tokens through api 2016-12-27 16:26:57 +00:00
			`def active?`
			`!revoked? && !expired?`
			`end`
Merge branch 'siemens/gitlab-ce-feature/openid-connect' 2017-03-07 16:16:08 +00:00
Fix new personal access token showing up in a flash message 2017-12-04 04:01:18 +00:00			`def self.redis_getdel(user_id)`
			`Gitlab::Redis::SharedState.with do \|redis\|`
[master] Persist only SHA digest of PersonalAccessToken#token 2018-10-29 16:06:45 +00:00			`encrypted_token = redis.get(redis_shared_state_key(user_id))`
Fix new personal access token showing up in a flash message 2017-12-04 04:01:18 +00:00			`redis.del(redis_shared_state_key(user_id))`
[master] Persist only SHA digest of PersonalAccessToken#token 2018-10-29 16:06:45 +00:00			`begin`
			`Gitlab::CryptoHelper.aes256_gcm_decrypt(encrypted_token)`
			`rescue => ex`
			`logger.warn "Failed to decrypt PersonalAccessToken value stored in Redis for User ##{user_id}: #{ex.class}"`
			`encrypted_token`
			`end`
Fix new personal access token showing up in a flash message 2017-12-04 04:01:18 +00:00			`end`
			`end`

			`def self.redis_store!(user_id, token)`
[master] Persist only SHA digest of PersonalAccessToken#token 2018-10-29 16:06:45 +00:00			`encrypted_token = Gitlab::CryptoHelper.aes256_gcm_encrypt(token)`

Fix new personal access token showing up in a flash message 2017-12-04 04:01:18 +00:00			`Gitlab::Redis::SharedState.with do \|redis\|`
[master] Persist only SHA digest of PersonalAccessToken#token 2018-10-29 16:06:45 +00:00			`redis.set(redis_shared_state_key(user_id), encrypted_token, ex: REDIS_EXPIRY_TIME)`
Fix new personal access token showing up in a flash message 2017-12-04 04:01:18 +00:00			`end`
			`end`

Only use API scopes for personal access tokens 2017-01-31 10:21:29 +00:00			`protected`

Create read_registry scope with JWT auth This is the first commit doing mainly 3 things: 1. create a new scope and allow users to use it 2. Have the JWTController respond correctly on this 3. Updates documentation to suggest usage of PATs There is one gotcha, there will be no support for impersonation tokens, as this seems not needed. Fixes gitlab-org/gitlab-ce#19219 2017-05-31 13:55:12 +00:00			`def validate_scopes`
Added write_repository scope for personal access token 2019-04-15 13:05:55 +00:00			`unless revoked \|\| scopes.all? { \|scope\| Gitlab::Auth.all_available_scopes.include?(scope.to_sym) }`
Create read_registry scope with JWT auth This is the first commit doing mainly 3 things: 1. create a new scope and allow users to use it 2. Have the JWTController respond correctly on this 3. Updates documentation to suggest usage of PATs There is one gotcha, there will be no support for impersonation tokens, as this seems not needed. Fixes gitlab-org/gitlab-ce#19219 2017-05-31 13:55:12 +00:00			`errors.add :scopes, "can only contain available scopes"`
Only use API scopes for personal access tokens 2017-01-31 10:21:29 +00:00			`end`
			`end`
Set default scope on PATs that don't have one set to allow them to be revoked 2017-10-03 14:57:31 +00:00
			`def set_default_scopes`
			`self.scopes = Gitlab::Auth::DEFAULT_SCOPES if self.scopes.empty?`
			`end`
Fix new personal access token showing up in a flash message 2017-12-04 04:01:18 +00:00
			`def self.redis_shared_state_key(user_id)`
			`"gitlab:personal_access_token:#{user_id}"`
			`end`
Allow creating Personal Access Tokens through the website. 2016-04-15 07:36:44 +00:00			`end`