Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Boxiang Sun
gitlab-ce
Commits
5f45ddc5
Commit
5f45ddc5
authored
Sep 15, 2016
by
Kamil Trzcinski
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Fix specs after merging LFS changes
parent
83b643a0
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
36 additions
and
8 deletions
+36
-8
app/controllers/jwt_controller.rb
app/controllers/jwt_controller.rb
+12
-2
spec/lib/gitlab/auth_spec.rb
spec/lib/gitlab/auth_spec.rb
+3
-3
spec/requests/jwt_controller_spec.rb
spec/requests/jwt_controller_spec.rb
+21
-3
No files found.
app/controllers/jwt_controller.rb
View file @
5f45ddc5
...
@@ -13,7 +13,7 @@ class JwtController < ApplicationController
...
@@ -13,7 +13,7 @@ class JwtController < ApplicationController
@authentication_result
||=
Gitlab
::
Auth
::
Result
.
new
@authentication_result
||=
Gitlab
::
Auth
::
Result
.
new
result
=
service
.
new
(
@authentication_result
.
project
,
@authentication_result
.
use
r
,
auth_params
).
result
=
service
.
new
(
@authentication_result
.
project
,
@authentication_result
.
acto
r
,
auth_params
).
execute
(
capabilities:
@authentication_result
.
capabilities
)
execute
(
capabilities:
@authentication_result
.
capabilities
)
render
json:
result
,
status:
result
[
:http_status
]
render
json:
result
,
status:
result
[
:http_status
]
...
@@ -25,8 +25,18 @@ class JwtController < ApplicationController
...
@@ -25,8 +25,18 @@ class JwtController < ApplicationController
authenticate_with_http_basic
do
|
login
,
password
|
authenticate_with_http_basic
do
|
login
,
password
|
@authentication_result
=
Gitlab
::
Auth
.
find_for_git_client
(
login
,
password
,
project:
nil
,
ip:
request
.
ip
)
@authentication_result
=
Gitlab
::
Auth
.
find_for_git_client
(
login
,
password
,
project:
nil
,
ip:
request
.
ip
)
render_403
unless
@authentication_result
.
succeeded?
render_403
unless
@authentication_result
.
success?
&&
(
@authentication_result
.
actor
.
nil?
||
@authentication_result
.
actor
.
is_a?
(
User
))
end
end
rescue
Gitlab
::
Auth
::
MissingPersonalTokenError
render_missing_personal_token
end
def
render_missing_personal_token
render
plain:
"HTTP Basic: Access denied
\n
"
\
"You have 2FA enabled, please use a personal access token for Git over HTTP.
\n
"
\
"You can generate one at
#{
profile_personal_access_tokens_url
}
"
,
status:
401
end
end
def
auth_params
def
auth_params
...
...
spec/lib/gitlab/auth_spec.rb
View file @
5f45ddc5
...
@@ -65,7 +65,7 @@ describe Gitlab::Auth, lib: true do
...
@@ -65,7 +65,7 @@ describe Gitlab::Auth, lib: true do
token
=
Gitlab
::
LfsToken
.
new
(
user
).
generate
token
=
Gitlab
::
LfsToken
.
new
(
user
).
generate
expect
(
gl_auth
).
to
receive
(
:rate_limit!
).
with
(
ip
,
success:
true
,
login:
user
.
username
)
expect
(
gl_auth
).
to
receive
(
:rate_limit!
).
with
(
ip
,
success:
true
,
login:
user
.
username
)
expect
(
gl_auth
.
find_for_git_client
(
user
.
username
,
token
,
project:
nil
,
ip:
ip
)).
to
eq
(
Gitlab
::
Auth
::
Result
.
new
(
user
,
:lfs_token
))
expect
(
gl_auth
.
find_for_git_client
(
user
.
username
,
token
,
project:
nil
,
ip:
ip
)).
to
eq
(
Gitlab
::
Auth
::
Result
.
new
(
user
,
nil
,
:lfs_token
,
read_capabilities
))
end
end
it
'recognizes deploy key lfs tokens'
do
it
'recognizes deploy key lfs tokens'
do
...
@@ -74,7 +74,7 @@ describe Gitlab::Auth, lib: true do
...
@@ -74,7 +74,7 @@ describe Gitlab::Auth, lib: true do
token
=
Gitlab
::
LfsToken
.
new
(
key
).
generate
token
=
Gitlab
::
LfsToken
.
new
(
key
).
generate
expect
(
gl_auth
).
to
receive
(
:rate_limit!
).
with
(
ip
,
success:
true
,
login:
"lfs+deploy-key-
#{
key
.
id
}
"
)
expect
(
gl_auth
).
to
receive
(
:rate_limit!
).
with
(
ip
,
success:
true
,
login:
"lfs+deploy-key-
#{
key
.
id
}
"
)
expect
(
gl_auth
.
find_for_git_client
(
"lfs+deploy-key-
#{
key
.
id
}
"
,
token
,
project:
nil
,
ip:
ip
)).
to
eq
(
Gitlab
::
Auth
::
Result
.
new
(
key
,
:lfs_deploy_token
))
expect
(
gl_auth
.
find_for_git_client
(
"lfs+deploy-key-
#{
key
.
id
}
"
,
token
,
project:
nil
,
ip:
ip
)).
to
eq
(
Gitlab
::
Auth
::
Result
.
new
(
key
,
nil
,
:lfs_deploy_token
,
read_capabilities
))
end
end
it
'recognizes OAuth tokens'
do
it
'recognizes OAuth tokens'
do
...
@@ -91,7 +91,7 @@ describe Gitlab::Auth, lib: true do
...
@@ -91,7 +91,7 @@ describe Gitlab::Auth, lib: true do
login
=
'foo'
login
=
'foo'
ip
=
'ip'
ip
=
'ip'
expect
(
gl_auth
).
to
receive
(
:rate_limit!
).
with
(
ip
,
success:
nil
,
login:
login
)
expect
(
gl_auth
).
to
receive
(
:rate_limit!
).
with
(
ip
,
success:
false
,
login:
login
)
expect
(
gl_auth
.
find_for_git_client
(
login
,
'bar'
,
project:
nil
,
ip:
ip
)).
to
eq
(
Gitlab
::
Auth
::
Result
.
new
)
expect
(
gl_auth
.
find_for_git_client
(
login
,
'bar'
,
project:
nil
,
ip:
ip
)).
to
eq
(
Gitlab
::
Auth
::
Result
.
new
)
end
end
end
end
...
...
spec/requests/jwt_controller_spec.rb
View file @
5f45ddc5
...
@@ -45,13 +45,31 @@ describe JwtController do
...
@@ -45,13 +45,31 @@ describe JwtController do
context
'using User login'
do
context
'using User login'
do
let
(
:user
)
{
create
(
:user
)
}
let
(
:user
)
{
create
(
:user
)
}
let
(
:headers
)
{
{
authorization:
credentials
(
'user'
,
'password'
)
}
}
let
(
:headers
)
{
{
authorization:
credentials
(
user
.
username
,
user
.
password
)
}
}
before
{
expect
(
Gitlab
::
Auth
).
to
receive
(
:find_with_user_password
).
with
(
'user'
,
'password'
).
and_return
(
user
)
}
subject!
{
get
'/jwt/auth'
,
parameters
,
headers
}
subject!
{
get
'/jwt/auth'
,
parameters
,
headers
}
it
{
expect
(
service_class
).
to
have_received
(
:new
).
with
(
nil
,
user
,
parameters
)
}
it
{
expect
(
service_class
).
to
have_received
(
:new
).
with
(
nil
,
user
,
parameters
)
}
context
'when user has 2FA enabled'
do
let
(
:user
)
{
create
(
:user
,
:two_factor
)
}
context
'without personal token'
do
it
'rejects the authorization attempt'
do
expect
(
response
).
to
have_http_status
(
401
)
expect
(
response
.
body
).
to
include
(
'You have 2FA enabled, please use a personal access token for Git over HTTP'
)
end
end
context
'with personal token'
do
let
(
:access_token
)
{
create
(
:personal_access_token
,
user:
user
)
}
let
(
:headers
)
{
{
authorization:
credentials
(
user
.
username
,
access_token
.
token
)
}
}
it
'rejects the authorization attempt'
do
expect
(
response
).
to
have_http_status
(
200
)
end
end
end
end
end
context
'using invalid login'
do
context
'using invalid login'
do
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment