Commit 58e7dc3c authored by Alain Takoudjou's avatar Alain Takoudjou

fixup! fixup NXD blob/auth: Teach it to handle HTTP Basic Auth too

parent fb86140c
// API calls related to authentication // API calls related to authentication
package api package api
//"gitlab.com/gitlab-org/gitlab-workhorse/internal/badgateway"
import ( import (
"gitlab.com/gitlab-org/gitlab-workhorse/internal/badgateway"
"gitlab.com/gitlab-org/gitlab-workhorse/internal/helper" "gitlab.com/gitlab-org/gitlab-workhorse/internal/helper"
proxypkg "gitlab.com/gitlab-org/gitlab-workhorse/internal/proxy" proxypkg "gitlab.com/gitlab-org/gitlab-workhorse/internal/proxy"
"gitlab.com/gitlab-org/gitlab-workhorse/internal/senddata" "gitlab.com/gitlab-org/gitlab-workhorse/internal/senddata"
"gitlab.com/gitlab-org/gitlab-workhorse/internal/sendfile" "gitlab.com/gitlab-org/gitlab-workhorse/internal/sendfile"
"gitlab.com/gitlab-org/gitaly/proto/go/gitalypb"
"fmt" "fmt"
"net/http" "net/http"
"net/http/httptest" "net/http/httptest"
...@@ -249,7 +250,8 @@ func (aok *testDownloadOkViaSendArchive) Inject(w http.ResponseWriter, r *http.R ...@@ -249,7 +250,8 @@ func (aok *testDownloadOkViaSendArchive) Inject(w http.ResponseWriter, r *http.R
// if we ever get to this point - auth handler approved // if we ever get to this point - auth handler approved
// access and thus it is ok to download // access and thus it is ok to download
aok.authReply.RepoPath = param.RepoPath //aok.authReply.RepoPath = param.RepoPath
aok.authReply.Repository = gitalypb.Repository{RelativePath: param.RepoPath}
} }
// Ask auth backend about whether download is ok for a project. // Ask auth backend about whether download is ok for a project.
...@@ -303,7 +305,7 @@ func (a *API) verifyDownloadAccess(project string, user *url.Userinfo, query str ...@@ -303,7 +305,7 @@ func (a *API) verifyDownloadAccess(project string, user *url.Userinfo, query str
sendfile.SendFile(proxypkg.NewProxy( sendfile.SendFile(proxypkg.NewProxy(
a.URL, a.URL,
a.Version, a.Version,
a.Client.Transport.(*badgateway.RoundTripper), a.Client.Transport.(http.RoundTripper),
)), )),
aok, aok,
) )
...@@ -315,7 +317,8 @@ func (a *API) verifyDownloadAccess(project string, user *url.Userinfo, query str ...@@ -315,7 +317,8 @@ func (a *API) verifyDownloadAccess(project string, user *url.Userinfo, query str
// The reason we want to do this second try is that HTTP auth is // The reason we want to do this second try is that HTTP auth is
// handled by upstream auth backend for git requests only, and we might // handled by upstream auth backend for git requests only, and we might
// want to use e.g. https://gitlab-ci-token:token@/.../raw/... // want to use e.g. https://gitlab-ci-token:token@/.../raw/...
if authReply.RepoPath != "" || query != "" || len(header) != 0 { //if authReply.RepoPath != "" || query != "" || len(header) != 0 {
if authReply.Repository.RelativePath != "" || query != "" || len(header) != 0 {
return authReply return authReply
} }
if user == nil { if user == nil {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment