Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
01b4bea0
Commit
01b4bea0
authored
Aug 21, 2015
by
Douwe Maan
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Satisfy Rubocop
parent
6ff10340
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
15 additions
and
12 deletions
+15
-12
lib/gitlab/backend/grack_auth.rb
lib/gitlab/backend/grack_auth.rb
+15
-12
No files found.
lib/gitlab/backend/grack_auth.rb
View file @
01b4bea0
...
...
@@ -26,12 +26,13 @@ module Grack
auth!
if
project
&&
authorized_request?
response
=
if
ENV
[
'GITLAB_GRACK_AUTH_ONLY'
]
==
'1'
# Tell gitlab-git-http-server the request is OK, and what the GL_ID is
render_grack_auth_ok
else
@app
.
call
(
env
)
end
response
=
if
ENV
[
'GITLAB_GRACK_AUTH_ONLY'
]
==
'1'
# Tell gitlab-git-http-server the request is OK, and what the GL_ID is
render_grack_auth_ok
else
@app
.
call
(
env
)
end
apply_negotiate_final_leg
(
response
)
elsif
@user
.
nil?
&&
!
@gitlab_ci
unauthorized
...
...
@@ -74,7 +75,8 @@ module Grack
# the response even if it's not a 401 status
status
,
headers
,
body
=
response
headers
[
'WWW-Authenticate'
]
=
spnego_challenge
return
[
status
,
headers
,
body
]
[
status
,
headers
,
body
]
end
def
valid_auth_method?
...
...
@@ -253,11 +255,12 @@ module Grack
gss
=
GSSAPI
::
Simple
.
new
(
nil
,
nil
,
Gitlab
.
config
.
kerberos
.
keytab
)
# the GSSAPI::Simple constructor transforms a nil service name into a default value, so
# pass service name to acquire_credentials explicitly to support the special meaning of nil
gss_service_name
=
if
Gitlab
.
config
.
kerberos
.
service_principal_name
.
present?
gss
.
import_name
(
Gitlab
.
config
.
kerberos
.
service_principal_name
)
else
nil
# accept any valid service principal name from keytab
end
gss_service_name
=
if
Gitlab
.
config
.
kerberos
.
service_principal_name
.
present?
gss
.
import_name
(
Gitlab
.
config
.
kerberos
.
service_principal_name
)
else
nil
# accept any valid service principal name from keytab
end
gss
.
acquire_credentials
(
gss_service_name
)
# grab credentials from keytab
# Decode token
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment