Commit 1cfa3c76 authored by Ash McKenzie's avatar Ash McKenzie

Include expires_in for LFS authentication payload

When using git-lfs with SSH we weren't passing in
the expires_header header which is allows large
transfers to succeed in the event the current
default of 30 mins expires.

https://github.com/git-lfs/git-lfs/blob/master/docs/api/server-discovery.md#ssh
parent 6dab9ce3
---
title: Provide expires_in in LFS authentication payload
merge_request: 25082
author:
type: fixed
...@@ -117,7 +117,7 @@ module API ...@@ -117,7 +117,7 @@ module API
raise ActiveRecord::RecordNotFound.new("No key_id or user_id passed!") raise ActiveRecord::RecordNotFound.new("No key_id or user_id passed!")
end end
Gitlab::LfsToken.new(actor).for_gitlab_shell(project.http_url_to_repo) Gitlab::LfsToken.new(actor).authentication_payload(project.http_url_to_repo)
end end
# rubocop: enable CodeReuse/ActiveRecord # rubocop: enable CodeReuse/ActiveRecord
......
...@@ -47,11 +47,12 @@ module Gitlab ...@@ -47,11 +47,12 @@ module Gitlab
user? ? :lfs_token : :lfs_deploy_token user? ? :lfs_token : :lfs_deploy_token
end end
def for_gitlab_shell(repository_http_path) def authentication_payload(repository_http_path)
{ {
username: actor_name, username: actor_name,
lfs_token: token, lfs_token: token,
repository_http_path: repository_http_path repository_http_path: repository_http_path,
expires_in: DEFAULT_EXPIRE_TIME
} }
end end
......
...@@ -227,17 +227,17 @@ describe Gitlab::LfsToken, :clean_gitlab_redis_shared_state do ...@@ -227,17 +227,17 @@ describe Gitlab::LfsToken, :clean_gitlab_redis_shared_state do
end end
end end
describe '#for_gitlab_shell' do describe '#authentication_payload' do
let(:actor) { create(:user) } it 'returns a Hash designed for gitlab-shell' do
let(:lfs_token) { described_class.new(actor) } actor = create(:user)
let(:repo_http_path) { 'http://localhost/user/repo.git' } lfs_token = described_class.new(actor)
repo_http_path = 'http://localhost/user/repo.git'
it 'returns a Hash desgined for gitlab-shell' do authentication_payload = lfs_token.authentication_payload(repo_http_path)
hash = lfs_token.for_gitlab_shell(repo_http_path)
expect(authentication_payload[:username]).to eq(actor.username)
expect(hash[:username]).to eq(actor.username) expect(authentication_payload[:repository_http_path]).to eq(repo_http_path)
expect(hash[:repository_http_path]).to eq(repo_http_path) expect(authentication_payload[:lfs_token]).to be_a String
expect(hash[:lfs_token]).to be_a String expect(authentication_payload[:expires_in]).to eq(described_class::DEFAULT_EXPIRE_TIME)
end end
end end
end end
...@@ -167,6 +167,7 @@ describe API::Internal do ...@@ -167,6 +167,7 @@ describe API::Internal do
expect(response).to have_gitlab_http_status(200) expect(response).to have_gitlab_http_status(200)
expect(json_response['username']).to eq(user.username) expect(json_response['username']).to eq(user.username)
expect(json_response['repository_http_path']).to eq(project.http_url_to_repo) expect(json_response['repository_http_path']).to eq(project.http_url_to_repo)
expect(json_response['expires_in']).to eq(Gitlab::LfsToken::DEFAULT_EXPIRE_TIME)
expect(Gitlab::LfsToken.new(key).token_valid?(json_response['lfs_token'])).to be_truthy expect(Gitlab::LfsToken.new(key).token_valid?(json_response['lfs_token'])).to be_truthy
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment