Class: Gitlab::APIAuthentication::TokenResolver
- Inherits:
-
Object
- Object
- Gitlab::APIAuthentication::TokenResolver
- Includes:
- ActiveModel::Validations
- Defined in:
- lib/gitlab/api_authentication/token_resolver.rb
Constant Summary collapse
- UsernameAndPassword =
::Gitlab::APIAuthentication::TokenLocator::UsernameAndPassword
Instance Attribute Summary collapse
-
#token_type ⇒ Object
readonly
Returns the value of attribute token_type.
Instance Method Summary collapse
-
#initialize(token_type) ⇒ TokenResolver
constructor
A new instance of TokenResolver.
-
#resolve(raw) ⇒ Object
Existing behavior is known to be inconsistent across authentication methods with regards to whether to silently ignore present but invalid credentials or to raise an error/respond with 401.
Constructor Details
#initialize(token_type) ⇒ TokenResolver
Returns a new instance of TokenResolver.
26 27 28 29 |
# File 'lib/gitlab/api_authentication/token_resolver.rb', line 26 def initialize(token_type) @token_type = token_type validate! end |
Instance Attribute Details
#token_type ⇒ Object (readonly)
Returns the value of attribute token_type.
8 9 10 |
# File 'lib/gitlab/api_authentication/token_resolver.rb', line 8 def token_type @token_type end |
Instance Method Details
#resolve(raw) ⇒ Object
Existing behavior is known to be inconsistent across authentication methods with regards to whether to silently ignore present but invalid credentials or to raise an error/respond with 401.
If a token can be located from the provided credentials, but the token or credentials are in some way invalid, this implementation opts to raise an error.
For example, if the raw credentials include a username and password, and a token is resolved from the password, but the username does not match the token, an error will be raised.
45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 |
# File 'lib/gitlab/api_authentication/token_resolver.rb', line 45 def resolve(raw) case @token_type when :personal_access_token resolve_personal_access_token raw when :job_token resolve_job_token raw when :deploy_token resolve_deploy_token raw when :personal_access_token_with_username resolve_personal_access_token_with_username raw when :job_token_with_username resolve_job_token_with_username raw when :deploy_token_with_username resolve_deploy_token_with_username raw when :personal_access_token_from_jwt resolve_personal_access_token_from_jwt raw when :deploy_token_from_jwt resolve_deploy_token_from_jwt raw when :job_token_from_jwt resolve_job_token_from_jwt raw end end |