X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/2a7126df16df11e02fa7a0a2069fc46a900c4153..36f984286e2b15a337bb3a591681946e5153333a:/app/controllers/application_controller.rb?ds=inline diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index c6223fb9d..4b36607bb 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -86,10 +86,6 @@ class ApplicationController < ActionController::Base @oauth_token = current_user.oauth_token(Settings.oauth_application) if current_user && Settings.key?(:oauth_application) end - def require_oauth_10a_support - report_error t("application.oauth_10a_disabled", :link => t("application.auth_disabled_link")), :forbidden unless Settings.oauth_10a_support - end - ## # require the user to have cookies enabled in their browser def require_cookies @@ -297,7 +293,7 @@ class ApplicationController < ActionController::Base end def deny_access(_exception) - if doorkeeper_token || current_token + if doorkeeper_token set_locale report_error t("oauth.permissions.missing"), :forbidden elsif current_user @@ -327,23 +323,6 @@ class ApplicationController < ActionController::Base end end - # extract authorisation credentials from headers, returns user = nil if none - def auth_data - if request.env.key? "X-HTTP_AUTHORIZATION" # where mod_rewrite might have put it - authdata = request.env["X-HTTP_AUTHORIZATION"].to_s.split - elsif request.env.key? "REDIRECT_X_HTTP_AUTHORIZATION" # mod_fcgi - authdata = request.env["REDIRECT_X_HTTP_AUTHORIZATION"].to_s.split - elsif request.env.key? "HTTP_AUTHORIZATION" # regular location - authdata = request.env["HTTP_AUTHORIZATION"].to_s.split - end - # only basic authentication supported - user, pass = Base64.decode64(authdata[1]).split(":", 2) if authdata && authdata[0] == "Basic" - [user, pass] - end - - # override to stop oauth plugin sending errors - def invalid_oauth_response; end - # clean any referer parameter def safe_referer(referer) begin @@ -366,7 +345,7 @@ class ApplicationController < ActionController::Base end def scope_enabled?(scope) - doorkeeper_token&.includes_scope?(scope) || current_token&.includes_scope?(scope) + doorkeeper_token&.includes_scope?(scope) end helper_method :scope_enabled?