18676: make sure to handle V2 tokens properly.
[arvados.git] / services / api / app / models / api_client.rb
1 # Copyright (C) The Arvados Authors. All rights reserved.
2 #
3 # SPDX-License-Identifier: AGPL-3.0
4
5 class ApiClient < ArvadosModel
6   include HasUuid
7   include KindAndEtag
8   include CommonApiTemplate
9   has_many :api_client_authorizations
10
11   api_accessible :user, extend: :common do |t|
12     t.add :name
13     t.add :url_prefix
14     t.add :is_trusted
15   end
16
17   def is_trusted
18     (from_trusted_url && Rails.configuration.Login.IssueTrustedTokens) || super
19   end
20
21   protected
22
23   def from_trusted_url
24     norm_url_prefix = norm(self.url_prefix)
25
26     [Rails.configuration.Services.Workbench1.ExternalURL,
27      Rails.configuration.Services.Workbench2.ExternalURL,
28      "https://controller.api.client.invalid"].each do |url|
29       if norm_url_prefix == norm(url)
30         return true
31       end
32     end
33
34     Rails.configuration.Login.TrustedClients.keys.each do |url|
35       if norm_url_prefix == norm(url)
36         return true
37       end
38     end
39
40     false
41   end
42
43   def norm url
44     # normalize URL for comparison
45     url = URI(url.to_s)
46     if url.scheme == "https"
47       url.port == "443"
48     end
49     if url.scheme == "http"
50       url.port == "80"
51     end
52     url.path = "/"
53     url
54   end
55 end