Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
5fc310b4
Commit
5fc310b4
authored
Apr 21, 2016
by
Kamil Trzcinski
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Missing parameters of docker payload
parent
8aac802e
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
21 additions
and
2 deletions
+21
-2
lib/api/auth.rb
lib/api/auth.rb
+21
-2
No files found.
lib/api/auth.rb
View file @
5fc310b4
...
@@ -113,6 +113,7 @@ module API
...
@@ -113,6 +113,7 @@ module API
end
end
def
docker_payload
def
docker_payload
issued_at
=
Time
.
now
{
{
access:
[
access:
[
type:
@type
,
type:
@type
,
...
@@ -121,8 +122,14 @@ module API
...
@@ -121,8 +122,14 @@ module API
],
],
iss:
Gitlab
.
config
.
registry
.
issuer
,
iss:
Gitlab
.
config
.
registry
.
issuer
,
aud:
"docker"
,
aud:
"docker"
,
sub:
@user
.
try
(
:username
),
aud:
@service
,
iat:
issued_at
,
nbf:
issued_at
-
5
.
seconds
,
exp:
issued_at
+
60
.
minutes
,
jti:
SecureRandom
.
uuid
,
exp:
Time
.
now
.
to_i
+
3600
exp:
Time
.
now
.
to_i
+
3600
}
}
.
compact
end
end
def
private_key
def
private_key
...
@@ -130,7 +137,10 @@ module API
...
@@ -130,7 +137,10 @@ module API
end
end
def
encode
(
payload
)
def
encode
(
payload
)
JWT
.
encode
(
payload
,
private_key
,
'RS256'
)
headers
=
{
kid:
kid
(
private_key
)
}
JWT
.
encode
(
payload
,
private_key
,
'RS256'
,
headers
)
end
end
def
authorize_actions!
(
actions
)
def
authorize_actions!
(
actions
)
...
@@ -150,6 +160,15 @@ module API
...
@@ -150,6 +160,15 @@ module API
end
end
end
end
def
kid
(
private_key
)
sha256
=
Digest
::
SHA256
.
new
sha256
.
update
(
private_key
.
public_key
.
to_der
)
payload
=
StringIO
.
new
(
sha256
.
digest
).
read
(
30
)
Base32
.
encode
(
payload
).
split
(
""
).
each_slice
(
4
).
each_with_object
([])
do
|
slice
,
mem
|
mem
<<
slice
.
join
end
.
join
(
":"
)
end
class
BasicRequest
<
Rack
::
Auth
::
AbstractRequest
class
BasicRequest
<
Rack
::
Auth
::
AbstractRequest
def
basic?
def
basic?
"basic"
==
scheme
"basic"
==
scheme
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment