2017-10-13 20:05:18 -04:00
|
|
|
# Use for authentication only, in particular for Rack::Attack.
|
|
|
|
|
# Does not perform authorization of scopes, etc.
|
|
|
|
|
module Gitlab
|
|
|
|
|
module Auth
|
|
|
|
|
class RequestAuthenticator
|
2017-11-07 04:52:05 -05:00
|
|
|
include UserAuthFinders
|
|
|
|
|
|
|
|
|
|
attr_reader :request
|
|
|
|
|
|
2017-10-13 20:05:18 -04:00
|
|
|
def initialize(request)
|
2017-11-08 13:41:07 -05:00
|
|
|
@request = request
|
2017-10-13 20:05:18 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def user
|
2017-11-07 13:17:41 -05:00
|
|
|
find_sessionless_user || find_user_from_warden
|
2017-10-13 20:05:18 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def find_sessionless_user
|
2018-05-31 10:01:04 -04:00
|
|
|
find_user_from_access_token || find_user_from_feed_token
|
2017-11-17 07:33:21 -05:00
|
|
|
rescue Gitlab::Auth::AuthenticationError
|
2017-11-08 13:41:07 -05:00
|
|
|
nil
|
2017-10-13 20:05:18 -04:00
|
|
|
end
|
2018-02-23 05:33:46 -05:00
|
|
|
|
|
|
|
|
def valid_access_token?(scopes: [])
|
|
|
|
|
validate_access_token!(scopes: scopes)
|
|
|
|
|
|
|
|
|
|
true
|
|
|
|
|
rescue Gitlab::Auth::AuthenticationError
|
|
|
|
|
false
|
|
|
|
|
end
|
2017-10-13 20:05:18 -04:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
