Module: API::APIGuard::HelperMethods

Includes:
Gitlab::Auth::AuthFinders
Defined in:
lib/api/api_guard.rb

Overview

Helper Methods for Grape Endpoint

Constant Summary

Constants included from Gitlab::Auth::AuthFinders

Gitlab::Auth::AuthFinders::DEPLOY_TOKEN_HEADER, Gitlab::Auth::AuthFinders::HEADER_TOKEN_KEYS, Gitlab::Auth::AuthFinders::JOB_TOKEN_HEADER, Gitlab::Auth::AuthFinders::JOB_TOKEN_PARAM, Gitlab::Auth::AuthFinders::PARAM_TOKEN_KEYS, Gitlab::Auth::AuthFinders::PRIVATE_TOKEN_HEADER, Gitlab::Auth::AuthFinders::PRIVATE_TOKEN_PARAM, Gitlab::Auth::AuthFinders::RUNNER_JOB_TOKEN_PARAM, Gitlab::Auth::AuthFinders::RUNNER_TOKEN_PARAM

Instance Attribute Summary

Attributes included from Gitlab::Auth::AuthFinders

#current_token

Instance Method Summary

Methods included from Gitlab::Auth::AuthFinders

#authentication_token_present?, #cluster_agent_token_from_authorization_token, #deploy_token_from_request, #find_job_from_job_token, #find_runner_from_token, #find_user_from_access_token, #find_user_from_basic_auth_password, #find_user_from_bearer_token, #find_user_from_feed_token, #find_user_from_job_token, #find_user_from_lfs_token, #find_user_from_personal_access_token, #find_user_from_static_object_token, #find_user_from_warden, #find_user_from_web_access_token, path_dependent_feed_token_regex, #validate_and_save_access_token!

Methods included from Gitlab::RackLoadBalancingHelpers

#load_balancer_stick_request

Instance Method Details

#access_token ⇒ Object



# File 'lib/api/api_guard.rb', line 51

# Resolves the access token for the current API request.
#
# The inherited implementation (reached through `super`) is consulted first.
# Only when it yields nothing is the HTTP Basic Auth fallback tried, so the
# fallback can never override a token the parent lookup already found.
#
# NOTE(review): which ancestor provides `super` is not visible here; the
# module includes Gitlab::Auth::AuthFinders, so it is presumably that one.
# NOTE(review): strong_memoize presumably caches the block result under
# :api_guard_access_token so the lookup runs once per instance; confirm
# that a nil result is cached too.
#
# @return [Object, nil] the first token found, or nil if neither source has one
def access_token
  strong_memoize(:api_guard_access_token) do
    inherited_token = super
    inherited_token || find_personal_access_token_from_http_basic_auth
  end
end

#find_current_user! ⇒ Object



# File 'lib/api/api_guard.rb', line 57

# Authenticates the request and applies the post-authentication gates.
#
# Steps, in order:
#   1. Resolve the requester via find_user_from_sources.
#   2. Optionally bypass the admin-mode session for that requester.
#   3. Reject the request with forbidden! if API access is not allowed.
#   4. Run the language-server-client and DPoP checks.
#
# A missing requester is NOT an error here: the method returns nil, and
# callers must treat nil as "unauthenticated" themselves.
#
# NOTE(review): the later checks rely on forbidden! aborting the request
# (presumably by raising or throwing); if it merely returned, a denied
# requester would still be handed back to the caller. Confirm.
# NOTE(review): the admin-mode bypass is applied before the
# api_access_allowed? gate. Confirm that the bypass is request-scoped, so a
# request rejected in step 3 leaves no elevated state behind.
#
# @return [Object, nil] the authenticated requester, or nil when none was found
def find_current_user!
  requester = find_user_from_sources
  return unless requester

  if bypass_session_for_admin_mode?(requester)
    Gitlab::Auth::CurrentUserMode.bypass_session!(requester.id)
  end

  # Authorization gate: denied requesters must not reach the checks below.
  forbidden!(api_access_denied_message(requester)) unless api_access_allowed?(requester)

  check_language_server_client!(requester)
  check_dpop!(requester)

  requester
end

#find_user_from_sources ⇒ Object



# File 'lib/api/api_guard.rb', line 73

# Resolves the requester from the available credential sources.
#
# Source precedence is security-relevant: the first source returning a
# truthy value wins and later sources are never consulted.
#
#   * When the endpoint declares `namespace_inheritable :authentication`,
#     only user_from_namespace_inheritable is tried.
#   * Otherwise the order is deploy token, bearer token, then job token.
#   * In both cases the Warden session (user_from_warden) is the last resort.
#
# NOTE(review): deploy_token_from_request presumably returns a deploy-token
# object rather than a User; confirm that callers handle that actor type.
# NOTE(review): strong_memoize presumably caches the outcome per instance,
# so credentials are evaluated once per request; confirm.
#
# @return [Object, nil] the first actor found, or nil when every source is empty
def find_user_from_sources
  strong_memoize(:find_user_from_sources) do
    credential_actor =
      if try(:namespace_inheritable, :authentication)
        user_from_namespace_inheritable
      else
        deploy_token_from_request ||
          find_user_from_bearer_token ||
          find_user_from_job_token
      end

    # The session-based lookup is the final fallback on both paths.
    credential_actor || user_from_warden
  end
end