1.86.0 1.87.0
...@@ -26,8 +26,8 @@ gem 'marginalia', '~> 1.8.0' ...@@ -26,8 +26,8 @@ gem 'marginalia', '~> 1.8.0'
# Authentication libraries # Authentication libraries
gem 'devise', '~> 4.6' gem 'devise', '~> 4.6'
gem 'doorkeeper', '~> 4.4.3' gem 'doorkeeper', '~> 5.0.2'
gem 'doorkeeper-openid_connect', '~> 1.5' gem 'doorkeeper-openid_connect', '~> 1.6.3'
gem 'omniauth', '~> 1.8' gem 'omniauth', '~> 1.8'
gem 'omniauth-auth0', '~> 2.0.0' gem 'omniauth-auth0', '~> 2.0.0'
gem 'omniauth-azure-oauth2', '~> 0.0.9' gem 'omniauth-azure-oauth2', '~> 0.0.9'
... ...
......
...@@ -243,10 +243,10 @@ GEM ...@@ -243,10 +243,10 @@ GEM
docile (1.3.1) docile (1.3.1)
domain_name (0.5.20180417) domain_name (0.5.20180417)
unf (>= 0.0.5, < 1.0.0) unf (>= 0.0.5, < 1.0.0)
doorkeeper (4.4.3) doorkeeper (5.0.2)
railties (>= 4.2) railties (>= 4.2)
doorkeeper-openid_connect (1.5.0) doorkeeper-openid_connect (1.6.3)
doorkeeper (~> 4.3) doorkeeper (>= 5.0, < 5.2)
json-jwt (~> 1.6) json-jwt (~> 1.6)
ed25519 (1.2.4) ed25519 (1.2.4)
elasticsearch (6.8.0) elasticsearch (6.8.0)
...@@ -1197,8 +1197,8 @@ DEPENDENCIES ...@@ -1197,8 +1197,8 @@ DEPENDENCIES
diff_match_patch (~> 0.1.0) diff_match_patch (~> 0.1.0)
diffy (~> 3.1.0) diffy (~> 3.1.0)
discordrb-webhooks-blackst0ne (~> 3.3) discordrb-webhooks-blackst0ne (~> 3.3)
doorkeeper (~> 4.4.3) doorkeeper (~> 5.0.2)
doorkeeper-openid_connect (~> 1.5) doorkeeper-openid_connect (~> 1.6.3)
ed25519 (~> 1.2) ed25519 (~> 1.2)
elasticsearch-api (~> 6.8) elasticsearch-api (~> 6.8)
elasticsearch-model (~> 6.1) elasticsearch-model (~> 6.1)
... ...
......
...@@ -14,6 +14,7 @@ import { ...@@ -14,6 +14,7 @@ import {
lineWidths, lineWidths,
symbolSizes, symbolSizes,
dateFormats, dateFormats,
chartColorValues,
} from '../../constants'; } from '../../constants';
import { makeDataSeries } from '~/helpers/monitor_helper'; import { makeDataSeries } from '~/helpers/monitor_helper';
import { graphDataValidatorForValues } from '../../utils'; import { graphDataValidatorForValues } from '../../utils';
...@@ -124,7 +125,7 @@ export default { ...@@ -124,7 +125,7 @@ export default {
// Transforms & supplements query data to render appropriate labels & styles // Transforms & supplements query data to render appropriate labels & styles
// Input: [{ queryAttributes1 }, { queryAttributes2 }] // Input: [{ queryAttributes1 }, { queryAttributes2 }]
// Output: [{ seriesAttributes1 }, { seriesAttributes2 }] // Output: [{ seriesAttributes1 }, { seriesAttributes2 }]
return this.graphData.metrics.reduce((acc, query) => { return this.graphData.metrics.reduce((acc, query, i) => {
const { appearance } = query; const { appearance } = query;
const lineType = const lineType =
appearance && appearance.line && appearance.line.type appearance && appearance.line && appearance.line.type
...@@ -145,7 +146,7 @@ export default { ...@@ -145,7 +146,7 @@ export default {
lineStyle: { lineStyle: {
type: lineType, type: lineType,
width: lineWidth, width: lineWidth,
color: this.primaryColor, color: chartColorValues[i % chartColorValues.length],
}, },
showSymbol: false, showSymbol: false,
areaStyle: this.graphData.type === 'area-chart' ? areaStyle : undefined, areaStyle: this.graphData.type === 'area-chart' ? areaStyle : undefined,
... ...
......
...@@ -70,6 +70,13 @@ export const colorValues = { ...@@ -70,6 +70,13 @@ export const colorValues = {
anomalyAreaColor: '#1f78d1', anomalyAreaColor: '#1f78d1',
}; };
export const chartColorValues = [
'#1f78d1', // $blue-500 (see variables.scss)
'#1aaa55', // $green-500
'#fc9403', // $orange-500
'#6d49cb', // $purple
];
export const lineTypes = { export const lineTypes = {
default: 'solid', default: 'solid',
}; };
... ...
......
...@@ -8,6 +8,10 @@ class Oauth::ApplicationsController < Doorkeeper::ApplicationsController ...@@ -8,6 +8,10 @@ class Oauth::ApplicationsController < Doorkeeper::ApplicationsController
include Gitlab::Experimentation::ControllerConcern include Gitlab::Experimentation::ControllerConcern
include InitializesCurrentUserMode include InitializesCurrentUserMode
# Defined by the `Doorkeeper::ApplicationsController` and is redundant as we call `authenticate_user!` below. Not
# defining or skipping this will result in a `403` response to all requests.
skip_before_action :authenticate_admin!
prepend_before_action :verify_user_oauth_applications_enabled, except: :index prepend_before_action :verify_user_oauth_applications_enabled, except: :index
prepend_before_action :authenticate_user! prepend_before_action :authenticate_user!
before_action :add_gon_variables before_action :add_gon_variables
... ...
......
# frozen_string_literal: true
class Oauth::TokenInfoController < Doorkeeper::TokenInfoController
def show
if doorkeeper_token && doorkeeper_token.accessible?
token_json = doorkeeper_token.as_json
# maintain backwards compatibility
render json: token_json.merge(
'scopes' => token_json[:scope],
'expires_in_seconds' => token_json[:expires_in]
), status: :ok
else
error = Doorkeeper::OAuth::ErrorResponse.new(name: :invalid_request)
response.headers.merge!(error.headers)
render json: error.body, status: error.status
end
end
end
---
title: Add a link to the variable priority override section from triggers page
merge_request: 25264
author: DFredell
type: other
---
title: Upgrade to Gitaly v1.87.0
merge_request: 25370
author:
type: changed
---
title: Upgrade Doorkeeper to 5.0.2
merge_request: 21173
author:
type: security
---
title: Add missing colors on the monitoring dashboards
merge_request: 24921
author:
type: fixed
...@@ -113,53 +113,3 @@ Doorkeeper.configure do ...@@ -113,53 +113,3 @@ Doorkeeper.configure do
base_controller '::Gitlab::BaseDoorkeeperController' base_controller '::Gitlab::BaseDoorkeeperController'
end end
# Monkey patch to avoid creating new applications if the scope of the
# app created does not match the complete list of scopes of the configured app.
# It also prevents the OAuth authorize application window to appear every time.
# Remove after we upgrade the doorkeeper gem from version 4.x
if Doorkeeper.gem_version > Gem::Version.new('5.0.0')
raise "Doorkeeper was upgraded, please remove the monkey patch in #{__FILE__}"
end
module Doorkeeper
module AccessTokenMixin
module ClassMethods
def matching_token_for(application, resource_owner_or_id, scopes)
resource_owner_id =
if resource_owner_or_id.respond_to?(:to_key)
resource_owner_or_id.id
else
resource_owner_or_id
end
tokens = authorized_tokens_for(application.try(:id), resource_owner_id)
tokens.detect do |token|
scopes_match?(token.scopes, scopes, application.try(:scopes))
end
end
def scopes_match?(token_scopes, param_scopes, app_scopes)
return true if token_scopes.empty? && param_scopes.empty?
(token_scopes.sort == param_scopes.sort) &&
Doorkeeper::OAuth::Helpers::ScopeChecker.valid?(
param_scopes.to_s,
Doorkeeper.configuration.scopes,
app_scopes)
end
def authorized_tokens_for(application_id, resource_owner_id)
ordered_by(:created_at, :desc)
.where(application_id: application_id,
resource_owner_id: resource_owner_id,
revoked_at: nil)
end
def last_authorized_token_for(application_id, resource_owner_id)
authorized_tokens_for(application_id, resource_owner_id).first
end
end
end
end
...@@ -24,7 +24,8 @@ Rails.application.routes.draw do ...@@ -24,7 +24,8 @@ Rails.application.routes.draw do
use_doorkeeper do use_doorkeeper do
controllers applications: 'oauth/applications', controllers applications: 'oauth/applications',
authorized_applications: 'oauth/authorized_applications', authorized_applications: 'oauth/authorized_applications',
authorizations: 'oauth/authorizations' authorizations: 'oauth/authorizations',
token_info: 'oauth/token_info'
end end
# This prefixless path is required because Jira gets confused if we set it up with a path # This prefixless path is required because Jira gets confused if we set it up with a path
... ...
......
...@@ -59,7 +59,7 @@ GET /applications ...@@ -59,7 +59,7 @@ GET /applications
Example request: Example request:
```shell ```shell
curl --request GET --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/applications curl --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/applications
``` ```
Example response: Example response:
... ...
......
...@@ -111,7 +111,7 @@ GET /projects/:id/issues/:issue_iid/discussions ...@@ -111,7 +111,7 @@ GET /projects/:id/issues/:issue_iid/discussions
``` ```
```shell ```shell
curl --request GET --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/issues/11/discussions curl --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/issues/11/discussions
``` ```
### Get single issue discussion item ### Get single issue discussion item
...@@ -131,7 +131,7 @@ Parameters: ...@@ -131,7 +131,7 @@ Parameters:
| `discussion_id` | integer | yes | The ID of a discussion item | | `discussion_id` | integer | yes | The ID of a discussion item |
```shell ```shell
curl --request GET --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/issues/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7 curl --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/issues/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7
``` ```
### Create new issue thread ### Create new issue thread
...@@ -319,7 +319,7 @@ GET /projects/:id/snippets/:snippet_id/discussions ...@@ -319,7 +319,7 @@ GET /projects/:id/snippets/:snippet_id/discussions
``` ```
```shell ```shell
curl --request GET --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/snippets/11/discussions curl --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/snippets/11/discussions
``` ```
### Get single snippet discussion item ### Get single snippet discussion item
...@@ -526,7 +526,7 @@ GET /groups/:id/epics/:epic_id/discussions ...@@ -526,7 +526,7 @@ GET /groups/:id/epics/:epic_id/discussions
``` ```
```shell ```shell
curl --request GET --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/groups/5/epics/11/discussions curl --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/groups/5/epics/11/discussions
``` ```
### Get single epic discussion item ### Get single epic discussion item
...@@ -786,7 +786,7 @@ Diff comments contain also position: ...@@ -786,7 +786,7 @@ Diff comments contain also position:
``` ```
```shell ```shell
curl --request GET --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/merge_requests/11/discussions curl --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/merge_requests/11/discussions
``` ```
### Get single merge request discussion item ### Get single merge request discussion item
...@@ -806,7 +806,7 @@ Parameters: ...@@ -806,7 +806,7 @@ Parameters:
| `discussion_id` | integer | yes | The ID of a discussion item | | `discussion_id` | integer | yes | The ID of a discussion item |
```shell ```shell
curl --request GET --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/merge_requests/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7 curl --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/merge_requests/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7
``` ```
### Create new merge request thread ### Create new merge request thread
...@@ -1079,7 +1079,7 @@ Diff comments contain also position: ...@@ -1079,7 +1079,7 @@ Diff comments contain also position:
``` ```
```shell ```shell
curl --request GET --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/commits/11/discussions curl --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/commits/11/discussions
``` ```
### Get single commit discussion item ### Get single commit discussion item
...@@ -1099,7 +1099,7 @@ Parameters: ...@@ -1099,7 +1099,7 @@ Parameters:
| `discussion_id` | integer | yes | The ID of a discussion item | | `discussion_id` | integer | yes | The ID of a discussion item |
```shell ```shell
curl --request GET --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/commits/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7 curl --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/commits/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7
``` ```
### Create new commit thread ### Create new commit thread
... ...
......
...@@ -1401,7 +1401,7 @@ GET /projects/:id/issues/:issue_iid/time_stats ...@@ -1401,7 +1401,7 @@ GET /projects/:id/issues/:issue_iid/time_stats
| `issue_iid` | integer | yes | The internal ID of a project's issue | | `issue_iid` | integer | yes | The internal ID of a project's issue |
```shell ```shell
curl --request GET --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/issues/93/time_stats curl --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/issues/93/time_stats
``` ```
Example response: Example response:
...@@ -1429,7 +1429,7 @@ GET /projects/:id/issues/:issue_id/related_merge_requests ...@@ -1429,7 +1429,7 @@ GET /projects/:id/issues/:issue_id/related_merge_requests
| `issue_iid` | integer | yes | The internal ID of a project's issue | | `issue_iid` | integer | yes | The internal ID of a project's issue |
```shell ```shell
curl --request GET --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/1/issues/11/related_merge_requests curl --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/1/issues/11/related_merge_requests
``` ```
Example response: Example response:
...@@ -1658,7 +1658,7 @@ GET /projects/:id/issues/:issue_iid/participants ...@@ -1658,7 +1658,7 @@ GET /projects/:id/issues/:issue_iid/participants
| `issue_iid` | integer | yes | The internal ID of a project's issue | | `issue_iid` | integer | yes | The internal ID of a project's issue |
```shell ```shell
curl --request GET --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/issues/93/participants curl --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/issues/93/participants
``` ```
Example response: Example response:
...@@ -1702,7 +1702,7 @@ GET /projects/:id/issues/:issue_iid/user_agent_detail ...@@ -1702,7 +1702,7 @@ GET /projects/:id/issues/:issue_iid/user_agent_detail
| `issue_iid` | integer | yes | The internal ID of a project's issue | | `issue_iid` | integer | yes | The internal ID of a project's issue |
```shell ```shell
curl --request GET --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/issues/93/user_agent_detail curl --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/issues/93/user_agent_detail
``` ```
Example response: Example response:
... ...
......
...@@ -1632,7 +1632,7 @@ PUT /projects/:id/merge_requests/:merge_request_iid/rebase ...@@ -1632,7 +1632,7 @@ PUT /projects/:id/merge_requests/:merge_request_iid/rebase
| `skip_ci` | boolean | no | Set to `true` to skip creating a CI pipeline | | `skip_ci` | boolean | no | Set to `true` to skip creating a CI pipeline |
```shell ```shell
curl --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/76/merge_requests/1/rebase curl --request PUT --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/76/merge_requests/1/rebase
``` ```
This is an asynchronous request. The API will return a `202 Accepted` response This is an asynchronous request. The API will return a `202 Accepted` response
...@@ -2410,7 +2410,7 @@ GET /projects/:id/merge_requests/:merge_request_iid/time_stats ...@@ -2410,7 +2410,7 @@ GET /projects/:id/merge_requests/:merge_request_iid/time_stats
| `merge_request_iid` | integer | yes | The internal ID of the merge request | | `merge_request_iid` | integer | yes | The internal ID of the merge request |
```shell ```shell
curl --request GET --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/merge_requests/93/time_stats curl --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/merge_requests/93/time_stats
``` ```
Example response: Example response:
... ...
......
...@@ -80,7 +80,7 @@ GET /projects/:id/issues/:issue_iid/notes?sort=asc&order_by=updated_at ...@@ -80,7 +80,7 @@ GET /projects/:id/issues/:issue_iid/notes?sort=asc&order_by=updated_at
``` ```
```shell ```shell
curl --request GET --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/issues/11/notes curl --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/issues/11/notes
``` ```
### Get single issue note ### Get single issue note
...@@ -98,7 +98,7 @@ Parameters: ...@@ -98,7 +98,7 @@ Parameters:
- `note_id` (required) - The ID of an issue note - `note_id` (required) - The ID of an issue note
```shell ```shell
curl --request GET --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/issues/11/notes/1 curl --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/issues/11/notes/1
``` ```
### Create new issue note ### Create new issue note
...@@ -178,7 +178,7 @@ GET /projects/:id/snippets/:snippet_id/notes?sort=asc&order_by=updated_at ...@@ -178,7 +178,7 @@ GET /projects/:id/snippets/:snippet_id/notes?sort=asc&order_by=updated_at
| `order_by` | string | no | Return snippet notes ordered by `created_at` or `updated_at` fields. Default is `created_at` | `order_by` | string | no | Return snippet notes ordered by `created_at` or `updated_at` fields. Default is `created_at`
```shell ```shell
curl --request GET --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/snippets/11/notes curl --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/snippets/11/notes
``` ```
### Get single snippet note ### Get single snippet note
...@@ -215,7 +215,7 @@ Parameters: ...@@ -215,7 +215,7 @@ Parameters:
``` ```
```shell ```shell
curl --request GET --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/snippets/11/notes/11 curl --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/snippets/11/notes/11
``` ```
### Create new snippet note ### Create new snippet note
...@@ -296,7 +296,7 @@ GET /projects/:id/merge_requests/:merge_request_iid/notes?sort=asc&order_by=upda ...@@ -296,7 +296,7 @@ GET /projects/:id/merge_requests/:merge_request_iid/notes?sort=asc&order_by=upda
| `order_by` | string | no | Return merge request notes ordered by `created_at` or `updated_at` fields. Default is `created_at` | `order_by` | string | no | Return merge request notes ordered by `created_at` or `updated_at` fields. Default is `created_at`
```shell ```shell
curl --request GET --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/merge_requests/11/notes curl --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/merge_requests/11/notes
``` ```
### Get single merge request note ### Get single merge request note
...@@ -337,7 +337,7 @@ Parameters: ...@@ -337,7 +337,7 @@ Parameters:
``` ```
```shell ```shell
curl --request GET --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/merge_requests/11/notes/1 curl --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/merge_requests/11/notes/1
``` ```
### Create new merge request note ### Create new merge request note
...@@ -415,7 +415,7 @@ GET /groups/:id/epics/:epic_id/notes?sort=asc&order_by=updated_at ...@@ -415,7 +415,7 @@ GET /groups/:id/epics/:epic_id/notes?sort=asc&order_by=updated_at
| `order_by` | string | no | Return epic notes ordered by `created_at` or `updated_at` fields. Default is `created_at` | | `order_by` | string | no | Return epic notes ordered by `created_at` or `updated_at` fields. Default is `created_at` |
```shell ```shell
curl --request GET --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/groups/5/epics/11/notes curl --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/groups/5/epics/11/notes
``` ```
### Get single epic note ### Get single epic note
...@@ -454,7 +454,7 @@ Parameters: ...@@ -454,7 +454,7 @@ Parameters:
``` ```
```shell ```shell
curl --request GET --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/groups/5/epics/11/notes/1 curl --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/groups/5/epics/11/notes/1
``` ```
### Create new epic note ### Create new epic note
... ...
......
...@@ -102,7 +102,7 @@ CAUTION: **Important:** ...@@ -102,7 +102,7 @@ CAUTION: **Important:**
Avoid using this flow for applications that store data outside of the GitLab Avoid using this flow for applications that store data outside of the GitLab
instance. If you do, make sure to verify `application id` associated with the instance. If you do, make sure to verify `application id` associated with the
access token before granting access to the data access token before granting access to the data
(see [`/oauth/token/info`](https://github.com/doorkeeper-gem/doorkeeper/wiki/API-endpoint-descriptions-and-examples#get----oauthtokeninfo)). (see [`/oauth/token/info`](#retrieving-the-token-info)).
Unlike the web flow, the client receives an `access token` immediately as a Unlike the web flow, the client receives an `access token` immediately as a
result of the authorization request. The flow does not use the client secret result of the authorization request. The flow does not use the client secret
...@@ -212,3 +212,34 @@ or you can put the token to the Authorization header: ...@@ -212,3 +212,34 @@ or you can put the token to the Authorization header:
``` ```
curl --header "Authorization: Bearer OAUTH-TOKEN" https://gitlab.example.com/api/v4/user curl --header "Authorization: Bearer OAUTH-TOKEN" https://gitlab.example.com/api/v4/user
``` ```
## Retrieving the Token Info
To verify the details of a token you can call the `token/info` endpoint. This is provided from the doorkeeper gem (see [`/oauth/token/info`](https://github.com/doorkeeper-gem/doorkeeper/wiki/API-endpoint-descriptions-and-examples#get----oauthtokeninfo)).
You will need to supply the access token, either as a parameter
```
GET https://gitlab.example.com/oauth/token/info?access_token=OAUTH-TOKEN
```
Or in the Authorization header:
```
curl --header "Authorization: Bearer OAUTH-TOKEN" https://gitlab.example.com/oauth/token/info
```
You will receive the following in response:
```json
{
"resource_owner_id": 1,
"scope": ["api"],
"expires_in": null,
"application": {"uid": "1cb242f495280beb4291e64bee2a17f330902e499882fe8e1e2aa875519cab33"},
"created_at": 1575890427
}
```
CAUTION: **Deprecated fields:**
The fields `scopes` and `expires_in_seconds` are also included in the response. They are aliases for `scope` and `expires_in` respectively and have been included to prevent breaking changes introduced in [doorkeeper 5.0.2](https://github.com/doorkeeper-gem/doorkeeper/wiki/Migration-from-old-versions#from-4x-to-5x). Please don't rely on these fields as they will be removed in a later release.
...@@ -177,7 +177,7 @@ Parameters: ...@@ -177,7 +177,7 @@ Parameters:
Example request: Example request:
```shell ```shell
curl --request GET https://gitlab.com/api/v4/projects/:id/snippets/:snippet_id/raw \ curl https://gitlab.com/api/v4/projects/:id/snippets/:snippet_id/raw \
--header "PRIVATE-TOKEN: <your_access_token>" --header "PRIVATE-TOKEN: <your_access_token>"
``` ```
...@@ -199,7 +199,7 @@ GET /projects/:id/snippets/:snippet_id/user_agent_detail ...@@ -199,7 +199,7 @@ GET /projects/:id/snippets/:snippet_id/user_agent_detail
Example request: Example request:
```shell ```shell
curl --request GET --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/1/snippets/2/user_agent_detail curl --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/1/snippets/2/user_agent_detail
``` ```
Example response: Example response:
... ...
......