Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
李少辉-开发者
gitlab-foss
提交
2cb1d617
G
gitlab-foss
项目概览
李少辉-开发者
/
gitlab-foss
通知
15
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
G
gitlab-foss
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
2cb1d617
编写于
10月 02, 2017
作者:
S
Shinya Maeda
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Use expires_in for access_token validation
上级
5663b480
变更
4
显示空白变更内容
内联
并排
Showing
4 changed file
with
36 addition
and
9 deletion
+36
-9
app/controllers/google_api/authorizations_controller.rb
app/controllers/google_api/authorizations_controller.rb
+7
-3
app/controllers/projects/clusters_controller.rb
app/controllers/projects/clusters_controller.rb
+11
-5
lib/google_api/auth.rb
lib/google_api/auth.rb
+2
-1
lib/google_api/cloud_platform/client.rb
lib/google_api/cloud_platform/client.rb
+16
-0
未找到文件。
app/controllers/google_api/authorizations_controller.rb
浏览文件 @
2cb1d617
module
GoogleApi
class
AuthorizationsController
<
ApplicationController
def
callback
session
[
GoogleApi
::
CloudPlatform
::
Client
.
session_key_for_token
]
=
GoogleApi
::
CloudPlatform
::
Client
.
new
(
nil
,
callback_google_api_authorizations_url
)
token
,
expires_at
=
GoogleApi
::
CloudPlatform
::
Client
.
new
(
nil
,
callback_google_api_authorizations_url
)
.
get_token
(
params
[
:code
])
session
[
GoogleApi
::
CloudPlatform
::
Client
.
session_key_for_token
]
=
token
session
[
GoogleApi
::
CloudPlatform
::
Client
.
session_key_for_expires_at
]
=
expires_at
.
to_s
if
params
[
:state
]
redirect_to
params
[
:state
]
else
...
...
app/controllers/projects/clusters_controller.rb
浏览文件 @
2cb1d617
...
...
@@ -6,12 +6,11 @@ class Projects::ClustersController < Projects::ApplicationController
def
login
begin
@authorize_url
=
GoogleApi
::
CloudPlatform
::
Client
.
new
(
nil
,
callback_google_api_authorizations_url
,
nil
,
callback_google_api_authorizations_url
,
state:
namespace_project_clusters_url
.
to_s
).
authorize_url
rescue
GoogleApi
::
Auth
::
ConfigMissingError
#
Show an alert message that gitlab.yml is not configured properly
#
no-op
end
end
...
...
@@ -83,12 +82,19 @@ class Projects::ClustersController < Projects::ApplicationController
end
def
authorize_google_api
unless
token_in_session
unless
GoogleApi
::
CloudPlatform
::
Client
.
new
(
token_in_session
,
nil
)
.
validate_token
(
expires_at_in_session
)
redirect_to
action:
'login'
end
end
def
token_in_session
@token_in_session
||=
session
[
GoogleApi
::
CloudPlatform
::
Client
.
session_key_for_token
]
@token_in_session
||=
session
[
GoogleApi
::
CloudPlatform
::
Client
.
session_key_for_token
]
end
def
expires_at_in_session
@expires_at_in_session
||=
session
[
GoogleApi
::
CloudPlatform
::
Client
.
session_key_for_expires_at
]
end
end
lib/google_api/auth.rb
浏览文件 @
2cb1d617
...
...
@@ -19,7 +19,8 @@ module GoogleApi
end
def
get_token
(
code
)
client
.
auth_code
.
get_token
(
code
,
redirect_uri:
redirect_uri
).
token
ret
=
client
.
auth_code
.
get_token
(
code
,
redirect_uri:
redirect_uri
)
return
ret
.
token
,
ret
.
expires_at
end
protected
...
...
lib/google_api/cloud_platform/client.rb
浏览文件 @
2cb1d617
...
...
@@ -9,12 +9,28 @@ module GoogleApi
def
session_key_for_token
:cloud_platform_access_token
end
def
session_key_for_expires_at
:cloud_platform_expires_at
end
end
def
scope
'https://www.googleapis.com/auth/cloud-platform'
end
def
validate_token
(
expires_at
)
return
false
unless
access_token
return
false
unless
expires_at
# Making sure that the token will have been still alive during the cluster creation.
unless
DateTime
.
strptime
(
expires_at
,
'%s'
).
to_time
>
Time
.
now
+
10
.
minutes
return
false
end
true
end
def
projects_zones_clusters_get
(
project_id
,
zone
,
cluster_id
)
service
=
Google
::
Apis
::
ContainerV1
::
ContainerService
.
new
service
.
authorization
=
access_token
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录