From cf6a35f09a3f38b124bd0e6013950f21b5bb1851 Mon Sep 17 00:00:00 2001
From: Kamil Trzcinski <ayufan@ayufan.eu>
Date: Tue, 20 Sep 2016 17:07:34 +0200
Subject: [PATCH] Improve JwtController implementation

---
 app/controllers/jwt_controller.rb                         | 6 +++---
 .../auth/container_registry_authentication_service.rb     | 2 +-
 lib/ci/mask_secret.rb                                     | 3 ++-
 spec/lib/ci/mask_secret_spec.rb                           | 8 +++++---
 4 files changed, 11 insertions(+), 8 deletions(-)

diff --git a/app/controllers/jwt_controller.rb b/app/controllers/jwt_controller.rb
index 06d96774754..34d5d99558e 100644
--- a/app/controllers/jwt_controller.rb
+++ b/app/controllers/jwt_controller.rb
@@ -11,10 +11,8 @@ class JwtController < ApplicationController
     service = SERVICES[params[:service]]
     return head :not_found unless service
 
-    @authentication_result ||= Gitlab::Auth::Result.new
-
     result = service.new(@authentication_result.project, @authentication_result.actor, auth_params).
-      execute(authentication_abilities: @authentication_result.authentication_abilities)
+      execute(authentication_abilities: @authentication_result.authentication_abilities || [])
 
     render json: result, status: result[:http_status]
   end
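Review bot: The nil fallback for `authentication_abilities` now exists only at this call site (`|| []`), while the hunk in container_registry_authentication_service.rb drops the service's own `|| []` and stores the argument as given. Any other caller of `execute` that passes nil would leave `@authentication_abilities` nil, and the ability checks later in the service (not visible here) would presumably raise instead of denying. Because this list decides what a registry token may grant, I would keep the default at the point of use, `@authentication_abilities = authentication_abilities || []`, or have `Gitlab::Auth::Result` return an empty list itself. The enclosing action starts above the hunk.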
@@ -22,6 +20,8 @@ class JwtController < ApplicationController
   private
 
   def authenticate_project_or_user
+    @authentication_result = Gitlab::Auth::Result.new
+
     authenticate_with_http_basic do |login, password|
       @authentication_result = Gitlab::Auth.find_for_git_client(login, password, project: nil, ip: request.ip)
 
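Review bot: The default assigned at the top of `authenticate_project_or_user` needs a comment, because it is the state a request without credentials runs with: `authenticate_with_http_basic` only yields when Basic credentials are present, so otherwise the empty `Gitlab::Auth::Result` reaches the service. I would add `# Default for requests without credentials; replaced below when HTTP Basic auth is supplied.` above the assignment. The rest of the method lies outside the hunk, so it cannot be checked from here whether a failed `find_for_git_client` lookup is rejected before the action runs. It is worth confirming that it does not fall through as an anonymous request.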
diff --git a/app/services/auth/container_registry_authentication_service.rb b/app/services/auth/container_registry_authentication_service.rb
index 98da6563947..38ac6631228 100644
--- a/app/services/auth/container_registry_authentication_service.rb
+++ b/app/services/auth/container_registry_authentication_service.rb
@@ -5,7 +5,7 @@ module Auth
     AUDIENCE = 'container_registry'
 
     def execute(authentication_abilities:)
-      @authentication_abilities = authentication_abilities || []
+      @authentication_abilities = authentication_abilities
 
       return error('not found', 404) unless registry.enabled
 
diff --git a/lib/ci/mask_secret.rb b/lib/ci/mask_secret.rb
index 3388a642eb4..997377abc55 100644
--- a/lib/ci/mask_secret.rb
+++ b/lib/ci/mask_secret.rb
@@ -1,9 +1,10 @@
 module Ci::MaskSecret
   class << self
     def mask!(value, token)
-      return unless value.present? && token.present?
+      return value unless value.present? && token.present?
 
       value.gsub!(token, 'x' * token.length)
+      value
     end
   end
 end
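Review bot: `mask!` has no comment stating its contract, and after this change callers depend on both the in-place mutation and the return value. I would document it above the definition, e.g. `# Replaces every literal occurrence of token in value, in place, with x's of the same length; returns value, untouched when either argument is blank.` Two limits belong in that comment as well: only the exact character sequence is masked, so an encoded or transformed form of the token passes through, and the run of x's discloses the token's length.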
diff --git a/spec/lib/ci/mask_secret_spec.rb b/spec/lib/ci/mask_secret_spec.rb
index a6938533138..3101bed20fb 100644
--- a/spec/lib/ci/mask_secret_spec.rb
+++ b/spec/lib/ci/mask_secret_spec.rb
@@ -16,10 +16,12 @@ describe Ci::MaskSecret, lib: true do
       expect(mask('token', 'not')).to eq('token')
     end
 
+    it 'does support null token' do
+      expect(mask('token', nil)).to eq('token')
+    end
+
     def mask(value, token)
-      value = value.dup
-      subject.mask!(value, token)
-      value
+      subject.mask!(value.dup, token)
     end
   end
 end
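Review bot: The rewritten `mask` helper returns whatever `mask!` returns, so no example in this hunk asserts that the string passed in is itself modified, which is the behaviour the bang name promises. A caller that ignores the return value and reads its own string back is therefore not covered by the changed lines. I would add an example that checks the argument, along the lines of `value = 'token'.dup`, `subject.mask!(value, 'oke')`, `expect(value).to eq('txxxn')`. As a smaller point, the new example's description says "null" where Ruby says nil, and `'returns the value unchanged when the token is nil'` would read more clearly.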
-- 
GitLab