Check gitlab username in verification
This commit is contained in:
parent
98acfa2e33
commit
8e1cd73f39
@ -264,18 +264,27 @@ export class AuthService {
|
|||||||
return user;
|
return user;
|
||||||
}
|
}
|
||||||
|
|
||||||
async isGitlabATValid(user: User): Promise<boolean> {
|
async getGitlabUserInfo(
|
||||||
|
req: Request,
|
||||||
|
user: User
|
||||||
|
): Promise<GitlabUserResponse | null> {
|
||||||
try {
|
try {
|
||||||
await axios.get(`${GITLAB_API_URL}/oauth/token/info`, {
|
const userInfoResp = await axios.get(
|
||||||
|
`${GITLAB_API_URL}/api/v4/user`,
|
||||||
|
{
|
||||||
headers: { Authorization: `Bearer ${user.gitlabAT}` }
|
headers: { Authorization: `Bearer ${user.gitlabAT}` }
|
||||||
});
|
}
|
||||||
return true;
|
);
|
||||||
|
return userInfoResp.data;
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
return false;
|
return null;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
async tryRefreshGitlabTokens(req: Request, user: User): Promise<boolean> {
|
async tryRefreshGitlabTokens(
|
||||||
|
req: Request,
|
||||||
|
user: User
|
||||||
|
): Promise<User | null> {
|
||||||
const params = new URLSearchParams();
|
const params = new URLSearchParams();
|
||||||
params.append('redirect_uri', this.getGitlabRedirectUrl(req));
|
params.append('redirect_uri', this.getGitlabRedirectUrl(req));
|
||||||
params.append('client_id', GITLAB_ID);
|
params.append('client_id', GITLAB_ID);
|
||||||
@ -288,16 +297,20 @@ export class AuthService {
|
|||||||
{}
|
{}
|
||||||
);
|
);
|
||||||
const data: GitlabTokenResponse = resp.data;
|
const data: GitlabTokenResponse = resp.data;
|
||||||
await this.setGitlabTokens(user, data);
|
return this.setGitlabTokens(user, data);
|
||||||
return true;
|
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
return false;
|
return null;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
async verifyGitlabUser(req: Request, user: User): Promise<boolean> {
|
async verifyGitlabUser(req: Request, user: User): Promise<boolean> {
|
||||||
if (await this.isGitlabATValid(user)) return true;
|
let info = await this.getGitlabUserInfo(req, user);
|
||||||
return await this.tryRefreshGitlabTokens(req, user);
|
if (!info) {
|
||||||
|
user = await this.tryRefreshGitlabTokens(req, user);
|
||||||
|
if (!user) return false;
|
||||||
|
info = await this.getGitlabUserInfo(req, user);
|
||||||
|
}
|
||||||
|
return info && info.username == user.name;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user