Class: Mattermost::Session

Inherits:
Object
  • Object
show all
Includes:
Doorkeeper::Helpers::Controller
Defined in:
lib/mattermost/session.rb

Overview

This class' prime objective is to obtain a session token on a Mattermost instance with SSO configured where this GitLab instance is the provider.

The process depends on OAuth, but skips a step in the authentication cycle. For example, usually a user would click the 'login in GitLab' button on Mattermost, which would yield a 302 status code and redirects you to GitLab to approve the use of your account on Mattermost. Which would trigger a callback so Mattermost knows this request is approved and gets the required data to create the user account etc.

This class however skips the button click, and also the approval phase to speed up the process and keep it without manual action and get a session going.

Defined Under Namespace

Classes: Request

Constant Summary collapse

LEASE_TIMEOUT =
60

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(current_user) ⇒ Session

Returns a new instance of Session.


37
38
39
40
# File 'lib/mattermost/session.rb', line 37

def initialize(current_user)
  @current_resource_owner = current_user
  @base_uri = Settings.mattermost.host
end

Instance Attribute Details

#base_uriObject

Returns the value of attribute base_uri.


35
36
37
# File 'lib/mattermost/session.rb', line 35

def base_uri
  @base_uri
end

#current_resource_ownerObject

Returns the value of attribute current_resource_owner.


35
36
37
# File 'lib/mattermost/session.rb', line 35

def current_resource_owner
  @current_resource_owner
end

#tokenObject

Returns the value of attribute token.


35
36
37
# File 'lib/mattermost/session.rb', line 35

def token
  @token
end

Instance Method Details

#authorizationObject


63
64
65
# File 'lib/mattermost/session.rb', line 63

def authorization
  @authorization ||= strategy.request
end

#delete(path, options = {}) ⇒ Object


91
92
93
94
95
# File 'lib/mattermost/session.rb', line 91

def delete(path, options = {})
  handle_exceptions do
    Gitlab::HTTP.delete(path, build_options(options))
  end
end

#get(path, options = {}) ⇒ Object


79
80
81
82
83
# File 'lib/mattermost/session.rb', line 79

def get(path, options = {})
  handle_exceptions do
    Gitlab::HTTP.get(path, build_options(options))
  end
end

#paramsObject


75
76
77
# File 'lib/mattermost/session.rb', line 75

def params
  Rack::Utils.parse_query(oauth_uri.query).symbolize_keys
end

#post(path, options = {}) ⇒ Object


85
86
87
88
89
# File 'lib/mattermost/session.rb', line 85

def post(path, options = {})
  handle_exceptions do
    Gitlab::HTTP.post(path, build_options(options))
  end
end

#pre_authObject

Next methods are needed for Doorkeeper


58
59
60
61
# File 'lib/mattermost/session.rb', line 58

def pre_auth
  @pre_auth ||= Doorkeeper::OAuth::PreAuthorization.new(
    Doorkeeper.configuration, params)
end

#requestObject


71
72
73
# File 'lib/mattermost/session.rb', line 71

def request
  @request ||= Request.new(parameters: params)
end

#strategyObject


67
68
69
# File 'lib/mattermost/session.rb', line 67

def strategy
  @strategy ||= server.authorization_request(pre_auth.response_type)
end

#with_sessionObject


42
43
44
45
46
47
48
49
50
51
52
53
54
55
# File 'lib/mattermost/session.rb', line 42

def with_session
  with_lease do
    create

    begin
      yield self
    rescue Errno::ECONNREFUSED => e
      Gitlab::AppLogger.error(e.message + "\n" + e.backtrace.join("\n"))
      raise ::Mattermost::NoSessionError
    ensure
      destroy
    end
  end
end