Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
李少辉-开发者
gitlab-foss
提交
137a8016
G
gitlab-foss
项目概览
李少辉-开发者
/
gitlab-foss
通知
15
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
G
gitlab-foss
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
137a8016
编写于
9月 26, 2016
作者:
K
Kamil Trzcinski
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Be nice to Docker Clients talking to JWT/auth
上级
3820ca58
变更
4
隐藏空白更改
内联
并排
Showing
4 changed file
with
28 addition
and
9 deletion
+28
-9
CHANGELOG
CHANGELOG
+1
-0
app/controllers/jwt_controller.rb
app/controllers/jwt_controller.rb
+16
-5
app/services/auth/container_registry_authentication_service.rb
...ervices/auth/container_registry_authentication_service.rb
+9
-2
spec/requests/jwt_controller_spec.rb
spec/requests/jwt_controller_spec.rb
+2
-2
未找到文件。
CHANGELOG
浏览文件 @
137a8016
...
...
@@ -12,6 +12,7 @@ v 8.12.2 (unreleased)
- Fix List-Unsubscribe header in emails
- Fix an issue with the "Commits" section of the cycle analytics summary. !6513
- Fix errors importing project feature and milestone models using GitLab project import
- Make JWT messages Docker-compatible
v 8.12.1
- Fix a memory leak in HTML::Pipeline::SanitizationFilter::WHITELIST
...
...
app/controllers/jwt_controller.rb
浏览文件 @
137a8016
...
...
@@ -25,7 +25,7 @@ class JwtController < ApplicationController
authenticate_with_http_basic
do
|
login
,
password
|
@authentication_result
=
Gitlab
::
Auth
.
find_for_git_client
(
login
,
password
,
project:
nil
,
ip:
request
.
ip
)
render_
403
unless
@authentication_result
.
success?
&&
render_
unauthorized
unless
@authentication_result
.
success?
&&
(
@authentication_result
.
actor
.
nil?
||
@authentication_result
.
actor
.
is_a?
(
User
))
end
rescue
Gitlab
::
Auth
::
MissingPersonalTokenError
...
...
@@ -33,10 +33,21 @@ class JwtController < ApplicationController
end
def
render_missing_personal_token
render
plain:
"HTTP Basic: Access denied
\n
"
\
"You have 2FA enabled, please use a personal access token for Git over HTTP.
\n
"
\
"You can generate one at
#{
profile_personal_access_tokens_url
}
"
,
status:
401
render
json:
{
errors:
[
{
code:
'UNAUTHORIZED'
,
message:
"HTTP Basic: Access denied
\n
"
\
"You have 2FA enabled, please use a personal access token for Git over HTTP.
\n
"
\
"You can generate one at
#{
profile_personal_access_tokens_url
}
"
}
]
},
status:
401
end
def
render_unauthorized
render
json:
{
errors:
[
{
code:
'UNAUTHORIZED'
,
message:
'HTTP Basic: Access denied'
}
]
},
status:
401
end
def
auth_params
...
...
app/services/auth/container_registry_authentication_service.rb
浏览文件 @
137a8016
...
...
@@ -7,10 +7,10 @@ module Auth
def
execute
(
authentication_abilities
:)
@authentication_abilities
=
authentication_abilities
return
error
(
'
not found'
,
404
)
unless
registry
.
enabled
return
error
(
'
UNAVAILABLE'
,
status:
404
,
message:
'registry not enabled'
)
unless
registry
.
enabled
unless
current_user
||
project
return
error
(
'
forbidden'
,
403
)
unless
scope
return
error
(
'
DENIED'
,
status:
403
,
message:
'access forbidden'
)
unless
scope
end
{
token:
authorized_token
(
scope
).
encoded
}
...
...
@@ -111,5 +111,12 @@ module Auth
@authentication_abilities
.
include?
(
:create_container_image
)
&&
can?
(
current_user
,
:create_container_image
,
requested_project
)
end
def
error
(
code
,
status
:,
message:
''
)
{
errors:
[{
code:
code
,
message:
message
}],
http_status:
status
}
end
end
end
spec/requests/jwt_controller_spec.rb
浏览文件 @
137a8016
...
...
@@ -39,7 +39,7 @@ describe JwtController do
subject!
{
get
'/jwt/auth'
,
parameters
,
headers
}
it
{
expect
(
response
).
to
have_http_status
(
40
3
)
}
it
{
expect
(
response
).
to
have_http_status
(
40
1
)
}
end
end
...
...
@@ -77,7 +77,7 @@ describe JwtController do
subject!
{
get
'/jwt/auth'
,
parameters
,
headers
}
it
{
expect
(
response
).
to
have_http_status
(
40
3
)
}
it
{
expect
(
response
).
to
have_http_status
(
40
1
)
}
end
end
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录