From 471a643a60a17ea9048615a2ac2d295e0682edd4 Mon Sep 17 00:00:00 2001 From: Nihad Abbasov Date: Sun, 11 May 2014 23:25:40 +0500 Subject: [PATCH] pass private token using HTTP headers --- lib/gitlab/request.rb | 22 ++++++++++------------ spec/spec_helper.rb | 16 ++++++++-------- 2 files changed, 18 insertions(+), 20 deletions(-) diff --git a/lib/gitlab/request.rb b/lib/gitlab/request.rb index e87fec90d..31ec98bbc 100644 --- a/lib/gitlab/request.rb +++ b/lib/gitlab/request.rb @@ -34,22 +34,22 @@ def self.decode(response) end def get(path, options={}) - set_private_token_param(options) + set_private_token_header(options) validate self.class.get(path, options) end def post(path, options={}) - set_private_token_param(options, path) + set_private_token_header(options, path) validate self.class.post(path, options) end def put(path, options={}) - set_private_token_param(options) + set_private_token_header(options) validate self.class.put(path, options) end def delete(path, options={}) - set_private_token_param(options) + set_private_token_header(options) validate self.class.delete(path, options) end @@ -84,15 +84,13 @@ def set_request_defaults(endpoint, private_token, sudo=nil) private - # Sets a private_token parameter for requests. + # Sets a PRIVATE-TOKEN header for requests. # @raise [Error::MissingCredentials] if private_token not set. - def set_private_token_param(options, path=nil) - # session doesn't require private_token param - return if path == '/session' - - raise Error::MissingCredentials.new("Please set a private_token for user") unless @private_token - private_token_param = {:private_token => @private_token} - options[:query] = options[:query] ? options[:query].merge(private_token_param) : private_token_param + def set_private_token_header(options, path=nil) + unless path == '/session' + raise Error::MissingCredentials.new("Please set a private_token for user") unless @private_token + options[:headers] = {'PRIVATE-TOKEN' => @private_token} + end end def error_message(response) diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 9935f205d..2cb11d5f0 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -17,47 +17,47 @@ def load_fixture(name) # GET def stub_get(path, fixture) stub_request(:get, "#{Gitlab.endpoint}#{path}"). - with(:query => {:private_token => Gitlab.private_token}). + with(:headers => {'PRIVATE-TOKEN' => Gitlab.private_token}). to_return(:body => load_fixture(fixture)) end def a_get(path) a_request(:get, "#{Gitlab.endpoint}#{path}"). - with(:query => {:private_token => Gitlab.private_token}) + with(:headers => {'PRIVATE-TOKEN' => Gitlab.private_token}) end # POST def stub_post(path, fixture, status_code=200) stub_request(:post, "#{Gitlab.endpoint}#{path}"). - with(:query => {:private_token => Gitlab.private_token}). + with(:headers => {'PRIVATE-TOKEN' => Gitlab.private_token}). to_return(:body => load_fixture(fixture), :status => status_code) end def a_post(path) a_request(:post, "#{Gitlab.endpoint}#{path}"). - with(:query => {:private_token => Gitlab.private_token}) + with(:headers => {'PRIVATE-TOKEN' => Gitlab.private_token}) end # PUT def stub_put(path, fixture) stub_request(:put, "#{Gitlab.endpoint}#{path}"). - with(:query => {:private_token => Gitlab.private_token}). + with(:headers => {'PRIVATE-TOKEN' => Gitlab.private_token}). to_return(:body => load_fixture(fixture)) end def a_put(path) a_request(:put, "#{Gitlab.endpoint}#{path}"). - with(:query => {:private_token => Gitlab.private_token}) + with(:headers => {'PRIVATE-TOKEN' => Gitlab.private_token}) end # DELETE def stub_delete(path, fixture) stub_request(:delete, "#{Gitlab.endpoint}#{path}"). - with(:query => {:private_token => Gitlab.private_token}). + with(:headers => {'PRIVATE-TOKEN' => Gitlab.private_token}). to_return(:body => load_fixture(fixture)) end def a_delete(path) a_request(:delete, "#{Gitlab.endpoint}#{path}"). - with(:query => {:private_token => Gitlab.private_token}) + with(:headers => {'PRIVATE-TOKEN' => Gitlab.private_token}) end