Diffstat (limited to 'lib/api/helpers.rb')
-rw-r--r-- | lib/api/helpers.rb | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb index 8a21d44b4bf..5c93021688b 100644 --- a/lib/api/helpers.rb +++ b/lib/api/helpers.rb @@ -212,13 +212,18 @@ module API authenticate! unless %w[GET HEAD].include?(route.request_method) end - def authenticate_by_gitlab_shell_token! + def secret_token_param input = params['secret_token'] input ||= Base64.decode64(headers[GITLAB_SHARED_SECRET_HEADER]) if headers.key?(GITLAB_SHARED_SECRET_HEADER) - input&.chomp! + end + + def authenticate_by_gitlab_shell_token! + unauthorized! unless Devise.secure_compare(shell_secret_token, secret_token_param) + end - unauthorized! unless Devise.secure_compare(secret_token, input) + def authenticate_by_gitlab_pages_token! + unauthorized! unless Devise.secure_compare(Gitlab.pages.token, secret_token_param) end def authenticated_with_full_private_access! @@ -501,7 +506,7 @@ module API @sudo_identifier ||= params[SUDO_PARAM] || env[SUDO_HEADER] end - def secret_token + def shell_secret_token Gitlab::Shell.secret_token end |
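Review bot: `secret_token_param` in the first hunk does not end by returning `input`; its last statement appears to be `input&.chomp!`, and `String#chomp!` returns nil when there is nothing to strip, so a token sent without a trailing newline would reach `Devise.secure_compare` as nil. `Devise.secure_compare` rejects blank arguments, so this fails closed, but both `authenticate_by_gitlab_shell_token!` and `authenticate_by_gitlab_pages_token!` would then answer unauthorized to well-formed requests. Ending the helper with `input&.chomp`, or adding a bare `input` line after the bang call, fixes it. The collapsed rendering leaves it unclear whether the `input&.chomp!` line is kept or removed; if it is removed, the helper ends on the `input ||= ... if headers.key?(GITLAB_SHARED_SECRET_HEADER)` modifier, which evaluates to nil whenever the header is absent, and the same explicit return is needed.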